You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options (Page 9 of 15)
Hi alen.loncaric
Thanks for contacting wolfSSL. Typically this is because the settings are not getting picked up by the configuration headers. Could you please share the "./configure" command you are using?
@adarshr.r6 and @SheilaLyons
We have some excellent CSR examples here:
https://github.com/wolfSSL/wolfssl-exam … er/certgen
If you still have questions, please feel free to email support@wolfssl.com to open a ticket.
Thanks for clarifying. I was able to reproduce a similar error
Creating certificate...
Failure code was -134
...with
./configure --enable-certgen --enable-certext --enable-certreq --enable-keygen --enable-debug
But with
./configure --enable-all --enable-debug
the example works correctly. I will work on updating the example instructions.
The parser is failing on the attribute
openssl req -in testcsr2.pem -noout -text
Certificate Request:
Data:
Version: 1 (0x0)
Subject: C = DE, ST = BW, L = KER, O = OVGU, OU = COMSYS, CN = testName, emailAddress = xyz@ovgu.de
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:6b:61:17:b7:64:a7:c8:64:ef:7e:1b:df:81:d7:
3b:68:cf:d5:77:f3:26:6a:5a:7e:81:cd:b0:02:25:
b4:7f:ff:42:62:44:dd:e3:e0:40:49:89:8d:ff:d7:
e5:36:3b:b0:cb:d1:1b:2d:59:89:de:3e:6e:12:46:
2a:56:a2:37:5a
ASN1 OID: prime256v1
NIST CURVE: P-256
Attributes:
unstructuredName :ovgu
challengePassword :1234
Signature Algorithm: ecdsa-with-SHA256
30:45:02:21:00:d3:cf:8a:a5:95:9f:fa:cb:84:dd:bf:ed:a8:
7b:4a:91:ba:a2:6f:ef:cf:19:41:40:c2:ab:d8:db:b3:95:c9:
53:02:20:3b:4c:fb:75:08:12:09:93:e3:66:7a:9f:35:12:4c:
de:ca:1d:24:f0:eb:40:8d:a0:66:28:71:9f:5e:54:1a:40
Here is some relevant information:
https://stackoverflow.com/questions/187 … cturedname
Try rebuilding the CSR without entering the unstructuredName field.
Hi adarshr.r6
Thanks for contacting wolfSSL. Typically we would like to review the problematic CSR. If you'd rather not share on this public forum, you are welcome to submit a support request by emailing support@wolfssl.com
Hi Bruce,
Thanks for sending a message to support@wolfssl.com. We will assist you there.
GENERIC EXAMPLE:
./configure \
CC="/path/to/your/toolchain/toolchain-gcc" \
AR="/path/to/your/toolchain/toolchain-ar" \
AS="/path/to/your/toolchain/toolchain-gcc" \
RANLIB="/path/to/your/toolchain/toolchain-ranlib" \
LD="/path/to/your/toolchain/toolchain-ld" \
--host=<your host> \
--target=<your target> \
<your other configure options here> \
CFLAGS="-mcpu=<your cpu definition here> \
<other cflags here>" \
LIBS="<libs>"
SPECIFIC EXAMPLE:
./configure \
CC="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-gcc" \
AR="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ar" \
AS="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-gcc" \
RANLIB="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ranlib" \
LD="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ld" \
--host=arm-none-eabi \
--enable-aesgcm --enable-ecc \
CFLAGS="-mcpu=cortex-m4 \
-Os -specs=rdimon.specs" \
LIBS="-Wl,--start-group -lm -lgcc -lc -lrdimon -Wl,--end-group"
Hello Junkhar,
To better prioritize your support request, please open a ticket by sending an email to support@wolfssl.com
Thanks,
Eric @ wolfSSL Support
Hello Rod,
Please review the section on cross compiling in the wolfSSL User Manual:
https://www.wolfssl.com/docs/wolfssl-ma … users%20on
Let us know if there are questions.
Hi adarshr.r6
Thank you so much for reaching out to wolfSSL support, can you tell us a bit about what you are working on and the high-level overview of the project to help us better classify this inquiry? Thank you in advance!
Your application must include the wolfSSL configuration headers before any others.
https://github.com/wolfSSL/wolfssl-exam … -tls.c#L34
/* wolfSSL */
#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
Let us know if there are questions.
Please try only creating a new SSL object, instead of a new CTX and SSL. Here is an example:
https://github.com/wolfSSL/wolfssl-exam … tls-perf.c
Your last message did not attach a pcap file
Could you share the wolfSSL configuration? Also a log and pcap is very useful in determining why a connection is failing. If you'd prefer to keep this information private, please feel free to open a support ticket by emailing support @ wolfssl.com
Have you run the example stand-alone yet? It might be useful to see it working first, then try to integrate.
Hello Junkhar,
Thanks for contacting wolfSSL Support. Which Harmony webserver example project are you testing with?
Browsers often open multiple TLS connections to help speed up displaying a webpage. This can cause issues with embedded servers. Are you seeing a single connection succeed? If you test with wget does it work?
Thanks,
Eric
Hello Davide,
You'll want to cross-compile the library. Here is an example:
GENERIC EXAMPLE:
./configure \
CC="/path/to/your/toolchain/toolchain-gcc" \
AR="/path/to/your/toolchain/toolchain-ar" \
AS="/path/to/your/toolchain/toolchain-gcc" \
RANLIB="/path/to/your/toolchain/toolchain-ranlib" \
LD="/path/to/your/toolchain/toolchain-ld" \
--host=<your host> \
<your other configure options here> \
CFLAGS="-mcpu=<your cpu definition here> \
<other cflags here>" \
LIBS="<libs>"
SPECIFIC EXAMPLE:
./configure \
CC="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-gcc" \
AR="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ar" \
AS="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-gcc" \
RANLIB="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ranlib" \
LD="/usr/local/gcc_arm/gcc-arm-none-eabi-7-2017-q4-major/bin/arm-none-eabi-ld" \
--host=arm-none-eabi \
--enable-aesgcm --enable-ecc \
CFLAGS="-mcpu=cortex-m4 \
-Os -specs=rdimon.specs" \
LIBS="-Wl,--start-group -lm -lgcc -lc -lrdimon -Wl,--end-group"
Chapter 2.6 of the wolfSSL manual will be helpful, as the same rules apply to wolfMQTT.
https://www.wolfssl.com/docs/wolfssl-manual/ch2/
Hello Akhi,
The wolfSSL interface is agnostic to the underlying transport layer. As such, it does not provide a method for fetching the MAC address. TI-RTOS does provide such capability:
https://www.ti.com/tool/NDKTCPIP
Kind regards,
Eric @ wolfSSL Support
Also, here is an example of a very minimal configuration for ECC. Perhaps it will be useful:
https://github.com/wolfSSL/wolfssl/blob … _min_ecc.h
That does not sound outrageous.
Here is a guide you may find useful:
https://www.wolfssl.com/docs/wolfssl-ma … llocation/
In particular, the tuning section at the end.
Hi Alex,
Nothing stands out as odd in the configuration. There could be an issue in how the application is handling the wolfSSL context.
Have you reviewed the examples repository? In particular this one may be of interest to you:
https://github.com/wolfSSL/wolfssl-exam … blocking.c
Thanks,
Eric @ wolfSSL Support
Excellent. Right, if you had filled the buffer with data (used all 1024 bytes), then the sizeof operator would be correct.
Yes, the sizeof operator returns the actual size of the buffer, not the string. You want to use
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>
#include <wolfssl/ssl.h>
#include <wolfssl/wolfcrypt/sha256.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
void main() {
byte md5sum[MD5_DIGEST_SIZE];
byte sha256sum[SHA256_DIGEST_SIZE];
byte buffer[1024] = "Hello";
Md5 md5;
Sha256 sha256;
//MD5
wc_InitMd5(&md5);
wc_Md5Update(&md5, buffer, strlen(buffer));
wc_Md5Final(&md5, md5sum);
printf("MD5 is \n");
for(int i=0 ; i < MD5_DIGEST_SIZE ;i++) printf("%x",md5sum[i]);
printf(" \n");
wc_Md5Free(&md5);
//SHA256
wc_InitSha256(&sha256);
wc_Sha256Update(&sha256, buffer, strlen(buffer));
wc_Sha256Final(&sha256, sha256sum);
printf("SHA is \n");
for(int i=0 ; i < SHA256_DIGEST_SIZE ;i++) printf("%x",sha256sum[i]);
printf(" \n");
wc_Sha256Free(&sha256);
}
MD5 is
8b1a9953c4611296a827abf8c4784d7
SHA is
185f8db32271fe25f561a6fc938b2e26436ec304eda51807d1764826381969
Hello
I would be curious to see your application code, perhaps you are hashing the whole buffer, not just the string "Hello"
wolfSSL has a command line utility project, aptly named wolfCLU:
https://github.com/wolfSSL/wolfCLU
I used it below to demonstrate that the hashes match the values from other tools (openssl and sha256sum):
$ echo "Hello" > test.txt
$ wolfssl -hash md5 -in test.txt
09f7e02f1290be211da707a266f153b3
$ openssl md5 test.txt
MD5(test.txt)= 09f7e02f1290be211da707a266f153b3
$ wolfssl -hash sha256 -in test.txt
66a045b452102c59d840ec097d59d9467e13a3f34f6494e539ffd32c1bb35f18
$ sha256sum test.txt
66a045b452102c59d840ec097d59d9467e13a3f34f6494e539ffd32c1bb35f18 test.txt
HI Kelvin,
Thanks for confirming the fix. Most customers of wolfSSL utilize the ZenDesk platform by emailing `support@wolfssl.com`. Tickets in ZenDesk are monitored and more closely tracked.
You are welcome to use whichever method suits you.
Hi Davide,
I have not heard back from my contact at Sysgo (out of office), but you might have some luck reaching out to them also
info@sysgo.com
I participated in a webinar in which the Sysgo engineer developed a demo using PikeOS and wolfSSL / wolfMQTT. Of course wolfSSL and wolfMQTT code is available as open source on Github, but the PikeOS code will need to be provided by Sysgo.
https://www.youtube.com/watch?v=e2MjDM_JjXQ
Thanks,
Eric @ wolfSSL Support
Posts found: 201 to 225 of 360
Generated in 0.023 seconds (77% PHP - 23% DB) with 5 queries