Hi DDaugher

Welcome to the wolfSSL Forums.

Yes, AES-GCM is a good candidate. You can check out the wolfSSL crypto benchmarking tool to get a better idea of throughputs.
https://github.com/wolfSSL/wolfssl/tree … /benchmark

We also have several excellent examples in this other repository:
https://github.com/wolfSSL/wolfssl-examples
https://github.com/wolfSSL/wolfssl-exam … crypto/aes

Could you tell us a bit about your project? Feel free to email us at support@wolfssl.com for a more private conversation.

Thanks,
Eric - wolfSSL Support

I'm not going to say its impossible, but certainly it will be more straightforward on Linux.

Hi asn,

Welcome to the wolfSSL Forums.

You should not add configuration defines in the source files. This will always result in undefined behavior.

This is the preferred method for configuring the library:
https://www.wolfssl.com/using-user_settings-h-wolfssl/

Yes, you can build wolfSSL for PPC. The environment variable `__ppc__` will be detected to set up the correct settings for that architecture.

Let us know if there are questions.

Thanks,
Eric - wolfSSL Support

Hello James,

Thanks for joining the wolfSSL Forums. wolfSSL does not currently support ECC571. I can help you open an official feature request. Please email support@wolfssl.com to get the process started.

Kind regards,
Eric - wolfSSL Support

Hi bp787

Are you trying to do a bi-directional shutdown?

Does the server respond with anything after the first shutdown? Do you have a pcap of the interaction?

Thanks,
Eric - wolfSSL Support

Hello Jens,

Thanks for joining the wolfSSL Forums.

Yes, we implemented Karatsuba in 2022:
https://github.com/wolfSSL/wolfssl/pull/4853
You'll see some comparison benchmarks in the comments of that PR

Have you checked out our wolfBoot project?
https://github.com/wolfSSL/wolfBoot
https://github.com/wolfSSL/wolfBoot/blo … md#stm32h7

Feel free to email us at support@wolfssl.com with any questions.

Kind regards,
Eric - wolfSSL Support

Hi Nicolas,

Welcome to the forums!

My colleague is going to review and provide a response for you.

Thanks,
Eric - wolfSSL Support

I just meant that maybe you could setup a reproducer using the certs you are trying

The keygen component is present in source, but there is not a separate utility (yet)
https://github.com/wolfSSL/wolfssh/blob … c/keygen.c

It looks like the listenAddress option is not fully supported yet.

Thanks for sharing the log inline....

From the log, the peer sent a "decrypt error" alert:

received record layer msg
got ALERT!
Alert type: decrypt_error
wolfSSL error occurred, error = 51 line:20389 file:src/internal.c
wolfSSL error occurred, error = 313 line:12991 file:src/ssl.c

So the peer was not able to decode the message and quit the handshake.

Can you provide more info about the server?

Hi bp787

Thanks for joining the wolfSSL forums. I'm glad to hear that you were able to resolve the build issues.

> However, i'm still SUPER unclear if this is the correct way to go about it or if there's a better/cleaner route

I would say use the client-tls-pkcs12 example as a base and change it to DTLS. Then you should be able to test connecting to the wolfSSL example server, using the -u option to specify DTLS.

Could you tell us more about your project using wolfSSL? Feel free to email support@wolfssl.com for a more private discussion.

Thanks,
Eric - wolfSSL Support

Hi parmstrong3

Thanks for joining the wolfSSL forums. I am requesting our ESP32 expert to chime in here.

Could you tell us a bit about your project? Feel free to email support@wolfssl.com if you'd prefer a less public venue.

Thanks,
Eric - wolfSSL Support