76 Reply by Jacob

(5 replies, posted in wolfSSL)

Hi sbernard,

To answer the question about Supported Elliptic Curves after enabling them as a configure option they then need to be added to the client ssl struct. In example,

code to init ssl struct ....

    if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS)
        printf("handle error\n);

   ...code to make connection and then clean up

If using the example wolfSSL client this function call can be added in at line 788 of the current one. As soon as one has been added then the client sends out the ECC curve extension. With wireshark there should then be Extension: elliptic_curves when looking at the client hello. Just as farther info when using, all available curve options are

WOLFSSL_ECC_SECP160R1 = 0x10,
WOLFSSL_ECC_SECP192R1 = 0x13,
WOLFSSL_ECC_SECP224R1 = 0x15,
WOLFSSL_ECC_SECP256R1 = 0x17,
WOLFSSL_ECC_SECP384R1 = 0x18,
WOLFSSL_ECC_SECP521R1 = 0x19

Unfortunately the ECC Point Format Extension has not yet been added. There is some internal code started for it but it has gotten pushed to the back burner.

Regards,
Jacob

Go to forum: wolfSSL

77 Reply by Jacob

(6 replies, posted in wolfSSL)

Hi Amir,
Sorry, yeah looks like that function only exports to ANSI X9.63 format.
I did some farther resarch into possible ways for wolfSSL to convert an ECC key to DER format. We currently don't have a function or process that can convert ECC keys to DER format to then be used in wolfSSL_CTX_use_PrivateKey_buffer(). Thanks for bringing it to our attention though, it's now been added to the feature list for looking into adding a future ECC to DER function.

Regards,
Jacob

Go to forum: wolfSSL

78 Reply by Jacob

(6 replies, posted in wolfSSL)

Hello Amir
Let me know if this is what you are looking for http://www.yassl.com/forums/topic518-co … o-der.html
If not could you tell us some more about the project and the use case?
Thanks,
Jacob

Go to forum: wolfSSL