101

(1 replies, posted in wolfSSL)

Hi Keterna,

Welcome to the wolfSSL Forums! Yes, you are on the right track. You'll need to define HAVE_SECRET_CALLBACK to access the wolfSSL_set_tls13_secret_cb API.

Here is a client example that writes the shared secret to a log file, which can then be used to decrypt the packets in wrieshark:
https://github.com/wolfSSL/wolfssl-exam … nt-tls13.c

Here is the analogous server example:
https://github.com/wolfSSL/wolfssl-exam … er-tls13.c

Could you tell us a bit more about your project? Feel free to email support@wolfssl.com if you'd prefer a less public discussion.

Thanks,
Eric - wolfSSL Support

Come see us at Black Hat in Las Vegas August 9th & 10th, booth #2617!
https://www.blackhat.com/us-23/

102

(1 replies, posted in wolfSSL)

Hello Amjal,

Sorry to hear about your trouble with the Zephyr port. The port was last tested on Zephyr 2.7 with Zephyr SDK 0.13.1.

If this is a project blocker, I suggest using our Support system by emailing support@wolfssl.com

Thanks,
Eric - wolfSSL Support

Hi sricor,

I have responded to your ticket in our Zendesk portal. Thanks for sending that in.

Hello sricor,

Welcome to the wolfSSL Forums. This sounds like a very interesting project. If the return code is MQTT_CODE_CONTINUE, then the IO driver is returning EINPROGRESS or EWOULDBLOCK, indicating that the driver buffer is not being emptied. I'd like to try to reproduce this. Could you please send an email to support@wolfssl.com mentioning this forum post?

Thanks,
Eric - wolfSSL Support

105

(2 replies, posted in wolfSSL)

Hello hakahane

Welcome to the wolfSSL forums. Thanks for bringing this to our attention! I've fixed it in
https://github.com/wolfSSL/wolfssl/pull/6532

Please give it a test and let us know if you find other issues.

Kind regards,
Eric - wolfSSL Support

Hello solamnic

Welcome to the wolfSSL Forums. I've requested feedback from our engineers on your questions.

Thanks,
Eric - wolfSSL Support

Hi Alex,

The key parameter is not constant for the async state machine and in order to utilize the key's heap memory. So long as one hash verify operation completes before reusing the key, it can be reused.

Thanks,
Eric - wolfSSL Support

108

(3 replies, posted in wolfCrypt)

A lot of the math functions your are trying to use are gated because they are not typically used by applications. I can't really give you a "guide" to exposing these API. You should review the header files, as they are a pretty good indicator if a function is gated.

109

(3 replies, posted in wolfCrypt)

Hi wangzihao,

The --enable-fpecc option enables Fixed Point cache ECC. It is not required to use ecc_mul2add.

You do need to make the function public by adding -DWOLFSSL_PUBLIC_ECC_ADD_DBL to CFLAGS

Please keep these questions coming! We are happy to help others learn!

Thanks,
Eric

Hi wangzihao,

You'll want to pass in the the curve ID to wc_ecc_get_generator:

        ret = wc_ecc_get_generator(pt, wc_ecc_get_curve_idx(ECC_SECP256R1));

There is an example in test_wc_ecc_get_generator() in tests/api.c

Thanks,
Eric - wolfSSL Support

Hi avlec,

I recommend sending an email to our support team. It will be easier for us to make suggestions if we first gather your version and config information.

support@wolfssl.com

Thanks,
Eric

Hello alex65,

Thanks for joining the wolfSSL Forums. Usually an undefined error indicates that the component you are trying use is not configured
in wolfSSL. Please check that the following macro is defined

HAVE_AES_ECB

Here are instructions for changing the configuration:
https://github.com/wolfSSL/wolfssl/tree … figuration

Thanks,
Eric - wolfSSL Support

Hello cvinothkumar,

Thanks for joining the wolfSSL Forums. You'll want to use wc_PKCS12_parse to get the DER cert out of the bundle.
https://github.com/wolfSSL/wolfssl-exam … -example.c

Then you can retrieve the public key from the DER cert
https://github.com/wolfSSL/wolfssl-exam … m-certfile

Could you tell us a bit about your project?

Thanks,
Eric - wolfSSL Support

Hi testwolverinebagel,

Thanks for joining the wolfSSL Forums. That is odd. Is this on an embedded platform that may be delayed while trying to negotiate a secure connection?

I will check with the team to see if we have a wolfSSH example client set up with EPOLL that you could review.

Kind regards,
Eric - wolfSSL Support

115

(2 replies, posted in wolfSSL)

Hi muataz.m

Could you tell us a bit about your project?

Have you reviewed the Android example readme?
https://github.com/wolfSSL/wolfssljni/t … DE/Android

Let us know if that helps.

Thanks,
Eric - wolfSSL Support

116

(6 replies, posted in wolfSSL)

I am answering your questions via the support ticket you opened in our ZenDesk portal

117

(1 replies, posted in wolfSSL)

Answered in ZenDesk

118

(6 replies, posted in wolfSSL)

You can use the configuration define

WOLFSSL_ALT_CERT_CHAINS

119

(3 replies, posted in wolfMQTT)

Excellent, we'll continue the conversation there!

120

(3 replies, posted in wolfMQTT)

Hi vschiavoni,

Thanks for joining the wolfSSL Forums. Yes, we are still gathering requirements for the project. Please send an email to

facts@wolfssl.com

and we can have a discussion about your use case.

Kind regards,
Eric - wolfSSL Support

121

(1 replies, posted in wolfSSL)

Hi muataz.m

Thanks for joining the wolfSSL Forums. Perhaps this will be useful:
https://learn.microsoft.com/en-us/xamar … tform/cpp/

If you're interested in having us create a Xamarin Forms port of wolfSSL, please send an email to

facts@wolfssl.com

where we can create a feature request for you.

Thanks,
Eric - wolfSSL Support

122

(6 replies, posted in wolfSSL)

Hi mrdebug,

Thanks for joining the wolfSSL Forums. Try enabling alternate cert chains with

--enable-altcertchains

./examples/client/client -h www.google.com -p 443 -g -v 3 -A google.crt 
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
SSL curve name is SECP256R1
Alternate cert chain used
SSL connect ok, sending GET...
HTTP/1.0 200 OK
Date: Wed, 15 Mar 2023 13:34:58 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-Fra

123

(6 replies, posted in wolfCrypt)

Hi Shammon,

Thanks for joining the wolfSSL Forums. Please try including the wolfSSL config header before any other wolfSSL includes:

#ifndef WOLFSSL_USER_SETTINGS
    #include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>

Thanks,
Eric - wolfSSL Support

124

(4 replies, posted in wolfCrypt)

It seems like we have the same conversation happening on two forums:
https://stackoverflow.com/questions/755 … to-sp-init

Let's just keep the conversation going here.

Thanks,
Eric - wolfSSL Support

125

(4 replies, posted in wolfCrypt)

Hi wangzihao,

Thanks for joining the wolfSSL Forums. Could you share the "./config" command you used?

Are you trying to use the math library directly in your application? If so you'll need to define "WOLFSSL_PUBLIC_MP" in the configuration. You should use the "mp_*" API instead of the direct "sp_*" functions.

Let us know if there are still questions.

Thanks,
Eric - wolfSSL Support