You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
I don't see the attachment. Is it the same error?
Hi a7v7
Are you in the root wolfssl directory when trying to execute the test script? Could you try "make check" and report the results?
The latest version of wolfSSL is v4.8.1 and is available from https://github.com/wolfSSL/wolfssl
Thanks,
Eric @ wolfSSL Support
Hi Kelvin,
Thanks for this additional report. I had to switch over to the HiveMQ broker to reproduce this issue because the Mosquitto broker apparently does not send the reason code with QoS 2 PUBREC response (but it does send it with PUBACK).
I've posted a patch here:
https://github.com/wolfSSL/wolfMQTT/pull/224
It does not fully address your concern about reporting the PUBREC reason code, but I have added that as a feature request.
Thanks,
Eric
Thanks for your suggestions. I've created a fix for the puback issue, as well as other packet types that make use of reason codes. https://github.com/wolfSSL/wolfMQTT/pull/220
Looking forward to your feedback!
Thanks,
Eric @ wolfSSL Support
Hello Kelvin,
I was able to reproduce this issue with a local instance of the mosquitto broker, also. I'll post a fix as soon as it is available.
Thanks,
Eric @ wolfSSL Support
It will be handled automatically only as part of TLS handshake key exchange. If you are building keys, the size will need to be set manually.
Hello Georg,
We do not have support for that specific openSSL API. We do handle setting the DH key size automatically during the key exchange:
src/internal.c :: GetDhPublicKey
#ifdef HAVE_FFDHE
switch (ssl->options.dhKeySz) {
#ifdef HAVE_FFDHE_2048
case 2048/8:
params = wc_Dh_ffdhe2048_Get();
group = WOLFSSL_FFDHE_2048;
break;
#endif
.
.
.If you are interested in opening a feature request for `SSL_CTX_set_dh_auto` in wolfSSL, please send an email to support@wolfssl.com
Thanks,
Eric @wolfSSL Support
Hi rlev,
Are you setting `mqttPublish.total_len` to the return value of snprintf?
Try checking in the application that the expected length is equal to the value of `mqttPublish.total_len` before calling `MqttClient_Publish`.
https://github.com/Microchip-MPLAB-Harm … ask.c#L480
The MCH example uses strlen to set the payload length, so if your application is sending JSON data, it's possible that some NULL is causing an invalid length calculation.
Thanks,
Eric @ wolfSSL Support
Hello sapi01,
You'll want to build the library with the option "WOLFSSL_ALT_CERT_CHAINS".
src/internal.c
* WOLFSSL_ALT_CERT_CHAINS:
* Allows CA's to be presented by peer, but not part of a valid chain.
* Default wolfSSL behavior is to require validation of all presented peer
* certificates. This also allows loading intermediate CA's as trusted
* and ignoring no signer failures for CA's up the chain to root.
Thanks,
Eric @ wolfSSL Support
Hello AkhiG,
The error message "Not ECDSA cert signature" indicates that the signature check failed on the cert that was being verified. This could happen from a driver issue, a buffer overrun, etc.
Are you able to capture the packets with wireshark when the failure occurs?
Thanks,
Eric @ wolfSSL Support
Hi n_jusic,
I'm not finding much. Here is a mystery post on the openssl forum:
http://openssl.6102.n7.nabble.com/RAND- … 78233.html
You can also implement your own random function and use it to seed wolfSSL.
https://github.com/wolfSSL/wolfssl/blob … main.c#L71
Thanks,
Eric @ wolfSSL Support
Hello ss2009ahnu,
Is this using the wolfCrypt test?
https://github.com/wolfSSL/wolfssl/tree … crypt/test
Could you please post the output from running the test?
Thanks,
Eric @ wolfSSL Support
Hello,
The server uses a callback to set up a session ticket, which will then be sent to the client (if requested using `wolfssl_CTX_UseSessionTicket` API, which is only relevant to the client). You can review the example code.
`wolfSSL_CTX_set_TicketEncCb` API:
https://github.com/wolfSSL/wolfssl/blob … er.c#L2076
example callback:
https://github.com/wolfSSL/wolfssl/blob … st.h#L4052
Kind regards,
Eric @ wolfSSL Support
Hi Scott,
There is some logic in SP to try and determine the type sizes. They depend on the system checking the *_MAX values. Please try adding define
#undef ULLONG_MAX
#define ULLONG_MAX 18446744073709551615ULLGreat, can you please double check that the wolfssl.dll that is being linked with the application was generated using the same configuration headers that you are including with the application?
Hi Scott,
Does the source file include `wolfssl/wolfcrypt/settings.h`?
Does the wolfssl DLL get created? Do the wolfSSL examples build correctly?
Hi Chris,
I'll ask the team to review this for you...
Hello Ashwini,
The VS project uses the user_settings.h from the IDE/WIN folder by default:
https://github.com/wolfSSL/wolfssl/blob … settings.h
Your application should be including the following headers
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>Please share the user_settings.h file that is being used.
Hello Ashwini,
Could you please confirm that the application is including the same options.h header (or settings.h, if using the user_settings.h method)?
Also please share your configuration and the actual error as printed from the linker.
Thanks,
Eric @ wolfSSL Support
wolfSSH does not currently support FreeRTOS. If you are interested in opening a feature request to have us add support, please send an email to facts @ wolfssl.com
I can't recall if the platform you are using is able to produce debug logs. If so, that could help us determine what is happening when the crash occurs.
Another tool to help determine the stability of wolfSSL is to run the wolfCrypt test application:
https://github.com/wolfSSL/wolfssl/tree … crypt/test
This sounds like insufficient stack space. The 4096 RSA math uses a lot of stack memory! Have you tested using with the RSA_LOW_MEM option configured?
Hi yass007
Certainly it is possible, just not currently implemented. You would need to add functionality for all the operations in order for standardized clients to connect properly. Alternatively, you could integrate a ramdisk that already has filesystem support.
Hi Scott,
From the webpage you linked...
define the preprocessor macro “WOLFSSL_USER_SETTINGS” in your project
So in the project file that builds the wolfSSL library code, you should add a preprocessor macro for WOLFSSL_USER_SETTINGS. I clarify because you stated
define WOLFSSL_USER_SETTINGS in the APPLCATION...
The settings.h header will include user_settings.h, and those values will override anything in settings.h.
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.020 seconds (76% PHP - 24% DB) with 4 queries