You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
Hi asn,
Welcome to the wolfSSL Forums.
You should not add configuration defines in the source files. This will always result in undefined behavior.
This is the preferred method for configuring the library:
https://www.wolfssl.com/using-user_settings-h-wolfssl/
Yes, you can build wolfSSL for PPC. The environment variable `__ppc__` will be detected to set up the correct settings for that architecture.
Let us know if there are questions.
Thanks,
Eric - wolfSSL Support
Hi James,
Please email support@wolfssl.com for a discussion about FIPS impacts.
Hello James,
Thanks for joining the wolfSSL Forums. wolfSSL does not currently support ECC571. I can help you open an official feature request. Please email support@wolfssl.com to get the process started.
Kind regards,
Eric - wolfSSL Support
Servers often do not support bidirectional shutdown, instead just silently closing the connection.
In the case of DTLS, a time out while waiting for the close notify could be used to handle the case of a non-responding server.
Hi bp787
Are you trying to do a bi-directional shutdown?
Does the server respond with anything after the first shutdown? Do you have a pcap of the interaction?
Thanks,
Eric - wolfSSL Support
That protocol is not currently supported in wolfSSL, but we do accept feature requests. You can start the process by emailing support@wolfssl.com
Hello Jens,
Thanks for joining the wolfSSL Forums.
Yes, we implemented Karatsuba in 2022:
https://github.com/wolfSSL/wolfssl/pull/4853
You'll see some comparison benchmarks in the comments of that PR
Have you checked out our wolfBoot project?
https://github.com/wolfSSL/wolfBoot
https://github.com/wolfSSL/wolfBoot/blo … md#stm32h7
Feel free to email us at support@wolfssl.com with any questions.
Kind regards,
Eric - wolfSSL Support
Hello mrinalilothey
Welcome to the wolfSSL Forums.
We have some example projects for IAR Workbench to get you started:
https://github.com/wolfSSL/wolfssl/tree … /IAR-EWARM
Let us know if there are questions. You can always open a support ticket by emailing support@wolfssl.com
Could you tell us a bit about your project using wolfSSL?
Thanks,
Eric - wolfSSL Support
Hi Nicolas,
Welcome to the forums!
My colleague is going to review and provide a response for you.
Thanks,
Eric - wolfSSL Support
Hi invoker,
I would recommend opening a support ticket by emailing support@wolfssl.com
Thanks,
Eric
I just meant that maybe you could setup a reproducer using the certs you are trying
Could you create a test case using the wolfSSL examples?
<wolfssl>./examples/server/server<wolfssl>./examples/client/clientThe keygen component is present in source, but there is not a separate utility (yet)
https://github.com/wolfSSL/wolfssh/blob … c/keygen.c
It looks like the listenAddress option is not fully supported yet.
Hello forza,
Thanks for joining the wolfSSL Forums. wolfSSH-sshd is intended to be full replacement for the OpenSSH server. Here is a getting started video:
https://www.youtube.com/watch?v=xJOyoalxA0U
There doesn't seem to be any official documentation on the wolfsshd itself
This is relatively new feature of the project, so documentation is still forthcoming.
I'll check with the team about the key-gen tool.
Could you tell us a bit about your project using wolfSSH? Feel free to email us at support@wolfssl.com for a more private discussion.
Kind regards,
Eric - wolfSSL Support
Thanks for sharing the log inline....
From the log, the peer sent a "decrypt error" alert:
received record layer msg
got ALERT!
Alert type: decrypt_error
wolfSSL error occurred, error = 51 line:20389 file:src/internal.c
wolfSSL error occurred, error = 313 line:12991 file:src/ssl.cSo the peer was not able to decode the message and quit the handshake.
Can you provide more info about the server?
Hello invoker,
Thanks for joining the wolfSSL Forums. Unfortunately we needed to disable file attachments in these forums, so I am unable to see your log.
You are welcome to create a support ticket by emailing support@wolfssl.com
Are you connecting to one of the wolfSSL example servers?
Kind regards,
Eric - wolfSSL Support
Hi bp787
Thanks for joining the wolfSSL forums. I'm glad to hear that you were able to resolve the build issues.
> However, i'm still SUPER unclear if this is the correct way to go about it or if there's a better/cleaner route
I would say use the client-tls-pkcs12 example as a base and change it to DTLS. Then you should be able to test connecting to the wolfSSL example server, using the -u option to specify DTLS.
Could you tell us more about your project using wolfSSL? Feel free to email support@wolfssl.com for a more private discussion.
Thanks,
Eric - wolfSSL Support
Hello medyuuna,
Thanks for joining the wolfSSL Forums. I was able to reproduce the issue you reported. I have created a fix in the PR:
https://github.com/wolfSSL/wolfssh/pull/716
Please test it and let me know if this resolves the issue for you also.
Could you tell us a bit about your project using wolfSSH? Feel free to email us at support@wolfssl.com for a more private conversation.
Kind regards,
Eric - wolfSSL Support
Hi parmstrong3
Thanks for joining the wolfSSL forums. I am requesting our ESP32 expert to chime in here.
Could you tell us a bit about your project? Feel free to email support@wolfssl.com if you'd prefer a less public venue.
Thanks,
Eric - wolfSSL Support
I really should have mentioned this before, but you should review the sniffer code:
https://github.com/wolfSSL/wolfssl/tree … sslSniffer
Specifically the code around checking for application data:
https://github.com/wolfSSL/wolfssl/blob … er.c#L6413
Where you put the define depends on how you are building the library. If you are using the --enable-usersettings option, than add this to user_settings.h
#define RSA_MIN_SIZE 2048
Else you can add it on the configure line with:
./configure CFLAGS="-DRSA_MIN_SIZE=2048"
Yes you will need to rebuild the library.
Yes, v3.15.7 supports ECC-P256 by default.
https://github.com/wolfSSL/wolfssl/blob … #L188-L189
Hello bohuynh315
Welcome to the wolfSSL Forums. Can you tell us a bit about what you are working on and the high-level overview of the project to help us better classify this inquiry? Thank you in advance!
You can use the wolfSSL_get_ciphers API to get a list of the currently available ciphers. Here is an example:
https://github.com/wolfSSL/wolfssl/blob … #L267-L274
Thanks,
Eric - wolfSSL Support
The wolfSSL IO layer is only requesting reads from the driver layer. So first it requests 5 bytes (the TLS header) which contains the packet size. Then we ask for the full remainder of the TLS packet, however they can return less. The read callback will continue to be called until the full TLS header has been read. Then it will ask for 5 bytes again. If you return more than asked it would be an error.
Hi likewise,
The IO interface for wolfSSL is very flexible. You can use the IO callbacks to accomplish your goals:
https://www.wolfssl.com/documentation/m … tion-layer
As Anthony mentioned before, please feel free to direct your questions to support@wolfssl.com
Could you tell us a bit about your project using wolfSSL?
Thanks,
Eric - wolfSSL Support
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.020 seconds (78% PHP - 22% DB) with 5 queries