You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options (Page 4 of 4)
Hi Simon,
I tried connecting to the example Scandium server using Eclipse across a local host connection and saw Scandium send all of DTLS 1.2 flight 4 at once for a grand size of 1,985 bytes. Then the scenario you described earlier. The reason for this is our MTU size for DTLS is set to a conservative 1,500 but is not large enough to handle that size. This is a larger size than what is expected to be sent. A temporary fix for this is to adjust the size in wolfssl/internal.h about line 811 setting MAX_MTU to be 2500 rather than 1500. After doing that I was then able to get farther in the handshake.
Regards,
Jacob
Hi sbernard,
To answer the question about Supported Elliptic Curves after enabling them as a configure option they then need to be added to the client ssl struct. In example,
code to init ssl struct ....
if (wolfSSL_UseSupportedCurve(ssl, WOLFSSL_ECC_SECP160R1) != SSL_SUCCESS)
printf("handle error\n);
...code to make connection and then clean up
If using the example wolfSSL client this function call can be added in at line 788 of the current one. As soon as one has been added then the client sends out the ECC curve extension. With wireshark there should then be Extension: elliptic_curves when looking at the client hello. Just as farther info when using, all available curve options are
WOLFSSL_ECC_SECP160R1 = 0x10,
WOLFSSL_ECC_SECP192R1 = 0x13,
WOLFSSL_ECC_SECP224R1 = 0x15,
WOLFSSL_ECC_SECP256R1 = 0x17,
WOLFSSL_ECC_SECP384R1 = 0x18,
WOLFSSL_ECC_SECP521R1 = 0x19
Unfortunately the ECC Point Format Extension has not yet been added. There is some internal code started for it but it has gotten pushed to the back burner.
Regards,
Jacob
Hi Amir,
Sorry, yeah looks like that function only exports to ANSI X9.63 format.
I did some farther resarch into possible ways for wolfSSL to convert an ECC key to DER format. We currently don't have a function or process that can convert ECC keys to DER format to then be used in wolfSSL_CTX_use_PrivateKey_buffer(). Thanks for bringing it to our attention though, it's now been added to the feature list for looking into adding a future ECC to DER function.
Regards,
Jacob
Hello Amir
Let me know if this is what you are looking for http://www.yassl.com/forums/topic518-co … o-der.html
If not could you tell us some more about the project and the use case?
Thanks,
Jacob
Posts found: 76 to 79 of 79
Generated in 0.017 seconds (90% PHP - 10% DB) with 5 queries