You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
Where you put the define depends on how you are building the library. If you are using the --enable-usersettings option, than add this to user_settings.h
#define RSA_MIN_SIZE 2048
Else you can add it on the configure line with:
./configure CFLAGS="-DRSA_MIN_SIZE=2048"
Yes you will need to rebuild the library.
Yes, v3.15.7 supports ECC-P256 by default.
https://github.com/wolfSSL/wolfssl/blob … #L188-L189
Hello bohuynh315
Welcome to the wolfSSL Forums. Can you tell us a bit about what you are working on and the high-level overview of the project to help us better classify this inquiry? Thank you in advance!
You can use the wolfSSL_get_ciphers API to get a list of the currently available ciphers. Here is an example:
https://github.com/wolfSSL/wolfssl/blob … #L267-L274
Thanks,
Eric - wolfSSL Support
The wolfSSL IO layer is only requesting reads from the driver layer. So first it requests 5 bytes (the TLS header) which contains the packet size. Then we ask for the full remainder of the TLS packet, however they can return less. The read callback will continue to be called until the full TLS header has been read. Then it will ask for 5 bytes again. If you return more than asked it would be an error.
Hi likewise,
The IO interface for wolfSSL is very flexible. You can use the IO callbacks to accomplish your goals:
https://www.wolfssl.com/documentation/m … tion-layer
As Anthony mentioned before, please feel free to direct your questions to support@wolfssl.com
Could you tell us a bit about your project using wolfSSL?
Thanks,
Eric - wolfSSL Support
Hello mabduljawad
Thanks for joining the wolfSSL forums! The wolfMQTT library will only use malloc if configured to allocate MQTTv5 properties dynamically. By default, the library is stack-only.
For wolfSSL, check out the static memory guide:
https://www.wolfssl.com/docs/static-buffer-allocation/
Could you tell us a bit about your MQTT project? Feel free to email support@wolfssl.com for a more private discussion.
Thanks,
Eric - wolfSSL Support
Hello pathakpulkit06
Welcome to the wolfSSL Forums!
Yes, that error is usually an indication that the available stack should be increased. Could you share some more of your application code?
Here is an example that uses wc_PBKDF2 to stretch a password:
https://github.com/wolfSSL/wolfssl-exam … .c#L56-L60
Could you tell us a bit about your project goals using wolfSSL? Feel free to email support@wolfssl.com if you'd prefer a more private format.
Thanks,
Eric - wolfSSL Support
Hello east1ifep
Thanks for your question. We had to disable attachments in the forums, so I cannot review your pcap and log.
Could you please send this request to support@wolfssl.com, and we'll get a proper support ticket created to help you out.
Kind regards,
Eric - wolfSSL Support
Hello Jacob,
Welcome to the wolfSSL Forums.
I suspect this issue is related to a customer that has a support contract with us. Please email support@wolfssl.com to initiate a support ticket that will receive the highest priority response.
Thanks,
Eric - wolfSSL Support
Hi horroraround,
Thanks for joining the wolfSSL Forums. The max props define is set to 30, and can be overridden by defining MQTT_MAX_PROPS at build time. This was a design decision that allowed us to keep the library requirements small and still allow flexibility for applications.
Alternatively, if your application can tolerate dynamic memory usage, the library can allocate property structures dynamically using malloc. Just add the configuration define WOLFMQTT_DYN_PROP to enable this feature.
Thanks,
Eric - wolfSSL Support
The non-blocking ECC assembler component (sp_256_ecc_mulmod_8_nb), is a place-holder for future development. Obviously we do intend to implement this feature. If you'd like me to mark you down as interested in this feature, please send an email to support@wolfssl.com
Hi Siewie,
You've found one of the functions that does not support static memory allocation. You are handling it correctly. Would you like me to create a feature request to add static memory support to the `wc_ecc_curve_load` function?
Please send an email to support@wolfssl.com to begin that process.
Kind regards,
Eric - wolfSSL Support
Hi Siewie,
Welcome to the wolfSSL Forums. We encourage users to send an email to support@wolfssl.com in order to receive the highest priority support.
Here is a short RSA example that will give you an idea of the intended usage:
https://github.com/wolfSSL/wolfAsyncCry … sa-example
> (2) Is it correct that any hash function callback provided through "wc_CryptoCb_RegisterDevice" must be blocking?
No, the callbacks can be implemented as non-blocking, and utilize the async features.
> (3) It appears like we could improve the performance a lot by using the WOLFSSL_SP_ARM_CORTEX_M_ASM option. However, the non-blocking implementation is not available. Concretely, we are missing the definition of struct sp_256_ecc_mulmod_8_ctx and the function sp_256_ecc_mulmod_8_nb (wolfcrypt + wolfasynccrypt v5.6.6).
I'll check with the team on this question.
Thanks,
Eric - wolfSSL Support
Hi Anders,
Are you building wolfCrypt Pi?
Thanks,
Eric - wolfSSL Support
Yes, as long as the user_settings.h file is in the include path it will be used.
Add this option to the compiler CFLAGS "-DWOLFSSL_USER_SETTINGS"
Hi Scotty
There are a couple of ways to resolve this. You could
Use NTP to set the time prior to connecting to the server.
Disable time verification during runtime by loading certs using _ex version of load API with WOLFSSL_LOAD_FLAG_DATE_ERR_OKAY flag
Use a verify callback to override the date errors during the first server connection.
Configure no date checks ever - define NO_ASN_TIME_CHECK
Let us know if that helps.
Thanks,
Eric - wolfSSL Support
Hello groovytacocat,
Welcome to the wolfSSL forums!
There are two method for using a custom RNG source with wolfSSL:
"Custom Seed Source" using CUSTOM_RAND_GENERATE to seed the P-RNG
or
"Bypass P-RNG and use only HW RNG" using CUSTOM_RAND_GENERATE_BLOCK
By setting NO_HASHDRBG, you are disabling the P-RNG, but you have not defined CUSTOM_RAND_GENERATE_BLOCK
Please try removing the define for NO_HASHDRBG
Could you tell us a bit more about your project using wolfSSL? Feel free to email us at support@wolfssl.com if you'd prefer a more private venue.
Thanks,
Eric - wolfSSL Support
Hi RJ,
You can use VSCode to build the wolfSSL library by simply opening the folder where you cloned or downloaded wolfSSL.
Or you can use the GitHub extension to "Clone GitHub Repository..."
Enter "https://github.com/wolfSSL/wolfssl.git"
Then "Clone from URL https://github.com/wolfSSL/wolfssl.git" and select a folder in which to store the code.
Next you can build using Cmake, or using the command line using these instructions:
https://github.com/wolfSSL/wolfssl/blob/master/INSTALL
After installing wolfSSL, you can link the library to your application by adding "-lwolfssl" to your compiler flags. Be sure to add the wolfSSL include files that were installed to the application.
#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/settings.h>Hello RJ
Thanks for joining the wolfSSL Forums. We have an excellent examples repository. You will need to create a new MPLABX project, as these are generic examples, not Harmony specific:
https://github.com/wolfSSL/wolfssl-exam … er-tls13.c
Could you tell us a bit about your project? Feel free to email support@wolfssl.com if you'd prefer to keep this information private.
Thanks,
Eric - wolfSSL Support
Hello Bilal,
Thanks for joining the wolfSSL Forums. The -188 error indicates that the client should load a CA cert that can be used to verify the server's cert during the handshake. As you found, you can skip this check, or use a verify callback.
The -112 error is commonly encountered when a memory alloc fails.
Could you please tell us a bit about your project? Please feel free to send an email to support@wolfssl.com if you'd prefer a more private discussion.
Thanks,
Eric - wolfSSL Support
Hello Adam,
Thanks for joining the wolfSSL forums. I am checking with the team to see if we any relevant docs or examples for ESP32 using Arduino framework.
Could you tell us a bit about your project? If you'd prefer to keep it private, feel free to email support@wolfssl.com
Kind regards,
Eric - wolfSSL Support
Hello Óscar,
Thanks for joining the wolfSSL Forums.
Here are the DTLS demos:
https://github.com/wolfSSL/wolfssl-exam … aster/dtls
And here are the PSK demos for TLS, which you can easily adapt to DTLS:
https://github.com/wolfSSL/wolfssl-exam … master/psk
Can you tell us a bit about your project using wolfSSL?
Thanks,
Eric - wolfSSL Support
Hi Karthikeyan
Thanks for joining the wolfSSL forums. I've copied my answer to the support ticket you opened here:
Are you already able to build wolfSSL in MPLAB?
https://github.com/wolfSSL/wolfssl/tree/master/mplabx
After you get wolfSSL building, we have an unofficial port of wolfSSH for MPLAB:
https://github.com/wolfSSL/wolfssh/pull/52
You can follow the instructions in the readme:
https://github.com/wolfSSL/wolfssh/blob … /README.md
Hi sand7000
Welcome to the wolfSSL Forums! Please send an email to facts@wolfssl.com and we can get you in contact with the right business director. Sounds like a cool project. Is this something you will be open-sourcing?
Thanks,
Eric - wolfSSL Support
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.023 seconds (76% PHP - 24% DB) with 5 queries