It seems increasing FP_MAX_BITS fixed the problem.
Thanks for the help.
You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by X-log
Pages 1
It seems increasing FP_MAX_BITS fixed the problem.
Thanks for the help.
No, I am generating my own keys&certs in x86 eviroment.
My cm3 enviroment does not have filesystem, so I cant run keygen & certgen tests (and curently I don't have enough free time to try to port them to it).
Current status:
server-CM3-bigint, certs(4096b)-x86-bigint, client-x86-bigint - everything ok
server-CM3-fastmath, certs(4096b)-x86-bigint, client-x86-bigint - fails
server-CM3-bigint, certs(4096b)-x86-bigint, client-x86-fastmath - everything ok
server-CM3-fastmath, certs(4096b)-x86-bigint, client-x86-fastmath - fails
wolfSSL embedded SSL fails to verify clients cert signature then running on cortex M3 with fastmath.
I could also try to generate keys & certs using fastmath, but I'm guessing it will also fail.
All tests pass.
MD5 test passed!
MD4 test passed!
SHA test passed!
SHA-256 test passed!
HMAC-MD5 test passed!
HMAC-SHA test passed!
HMAC-SHA256 test passed!
ARC4 test passed!
Rabbit test passed!
DES test passed!
DES3 test passed!
AES test passed!
RANDOM test passed!
RSA test passed!
PWDBASED test passed!
MD5 test passed!
MD4 test passed!
SHA test passed!
SHA-256 test passed!
HMAC-MD5 test passed!
HMAC-SHA test passed!
HMAC-SHA256 test passed!
ARC4 test passed!
Rabbit test passed!
DES test passed!
DES3 test passed!
AES test passed!
RANDOM test passed!
RSA test passed!
PWDBASED test passed!
CyaSSL Entering CYASSL_CTX_new
CyaSSL Entering CyaSSL_Init
CyaSSL Entering CyaSSL_CertManagerNew
CyaSSL Leaving CYASSL_CTX_new, return 0
CyaSSL Entering CyaSSL_CTX_use_certificate_buffer
Checking cert signature type
CyaSSL Entering GetExplicitVersion
CyaSSL Entering GetMyVersion
CyaSSL Entering GetAlgoId
Getting Cert Name
Getting Cert Name
CyaSSL Entering GetAlgoId
Not ECDSA cert signature
CyaSSL Entering CyaSSL_CTX_use_PrivateKey_buffer
CyaSSL Entering GetMyVersion
CyaSSL Entering CyaSSL_CTX_load_verify_buffer
Processing CA PEM file
Adding a CA
CyaSSL Entering GetExplicitVersion
CyaSSL Entering GetMyVersion
CyaSSL Entering GetAlgoId
Getting Cert Name
Getting Cert Name
CyaSSL Entering GetAlgoId
CyaSSL Entering DecodeCertExtensions
CyaSSL Entering DecodeBasicCaConstraint
CyaSSL Entering GetAlgoId
Parsed new CA
Freeing Parsed CA
Freeing der CA
OK Freeing der CA
CyaSSL Leaving AddCA, return 0
Processed a CA
CyaSSL Entering CyaSSL_CTX_set_verify
CyaSSL Entering SSL_new
CyaSSL Leaving SSL_new, return 0CyaSSL Entering SSL_set_fd
CyaSSL Leaving SSL_set_fd, return 1
CyaSSL Entering SSL_accept()
growing input buffergrowing input buffer
received record layer msg
CyaSSL Entering DoHandShakeMsg()
CyaSSL Entering DoHandShakeMsgType
processing client hello
CyaSSL Entering MatchSuite
CyaSSL Entering VerifySuite
Requires RSA
Verified suite validity
CyaSSL Leaving DoHandShakeMsgType(), return 0
CyaSSL Leaving DoHandShakeMsg(), return 0
accept state ACCEPT_CLIENT_HELLO_DONE
accept state HELLO_VERIFY_SENT
accept state ACCEPT_FIRST_REPLY_DONE
growing output bufferShrinking output buffer
accept state SERVER_HELLO_SENT
growing output bufferShrinking output buffer
accept state CERT_SENT
accept state KEY_EXCHANGE_SENT
growing output bufferShrinking output buffer
accept state CERT_REQ_SENT
growing output bufferShrinking output buffer
accept state SERVER_HELLO_DONE
growing input bufferreceived record layer msg
CyaSSL Entering DoHandShakeMsg()
CyaSSL Entering DoHandShakeMsgType
processing certificate
Loading peer's cert chain
Put another cert into chain
Veriying Peer's cert
CyaSSL Entering GetExplicitVersion
CyaSSL Entering GetMyVersion
CyaSSL Entering GetAlgoId
Getting Cert Name
Getting Cert Name
CyaSSL Entering GetAlgoId
CyaSSL Entering GetAlgoId
About to verify certificate signature
Rsa SSL verify error
Confirm signature failed
Failed to verify Peer's cert
No callback override available, fatal
CyaSSL Leaving DoHandShakeMsgType(), return -155
CyaSSL Leaving DoHandShakeMsg(), return -155
CyaSSL error occured, error = -155
CyaSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input bufferCyaSSL Leaving SSL_free, return 0
CyaSSL Entering SSL_new
CyaSSL Leaving SSL_new, return 0
I'm running wolfssl 2.5.0 on cortex m3 (lpc1788) mcu. If I swith to fastmath, wolfssl fails to verify RSA certificates (keys & certificates were generated on x86 wolfssl instance using default big integer lib). Is this behaviour normal (wolfssl_fastmath is incompatible with wolfssl_big_integer) and I need to make new keys using fast math?
version: 2.0.0rc2
ProcessChainBuffer (ssl.c:919) is only defined then filesystem is used (#ifndef NO_FILESYSTEM region), although this function is used by CyaSSL_CTX_load_verify_buffer (ssl.c:2238) resulting in linking error;
Pages 1
wolfSSL - Embedded SSL Library → Posts by X-log
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.015 seconds (95% PHP - 5% DB) with 5 queries