You are not logged in. Please login or register.
Active topics Unanswered topics
Welcome to the wolfSSL Forums!
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
References
Stable Releases - download stable product releases.
Development Branch - latest development branch on GitHub.
wolfSSL Manual - wolfSSL (formerly CyaSSL) product manual and API reference.
Search options
Unfortunately I still have not seen a single SSL connection example that works on LPC1768 board with the wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, 0);
We have tested our code using your standard wolfSSL embedded SSL library on a Mac and it works, but it does not work on this board.
If you know of any working example that can connect to google or twitter or some such site over HTTPS, please let me know.
Thanks.
Where is your example server?
I am developing for LPC1768 (mbed board) and need an embedded SSL library. Does wolfSSL come with Trusted CA roots or one has to load them manually?
Any updates on this? Or any other pointers?
Okay. I tried using this Extension by adding the following 2 defines in settings.h :
#define HAVE_TLS_EXTENSIONS
#define HAVE_MAX_FRAGMENT
and in main.cpp where SSL is getting initialized,
ssl = CyaSSL_new(ctx);
if (CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9) != SSL_SUCCESS) {
printf("CyaSSL_CTX_UseMaxFragment failed\n");
int err = CyaSSL_get_error(ssl, 0);
err_sys("SSL Connection Error");
}
Unfortunately, this did not have any effect and the program stopped at the same location. And I am still not sure why it uses NetSecure_BlkGet.
Well, if it was a memory issue, wouldn't XMALLOC fail with a NULL pointer? I am checking for NULL. So in integer.c in mp_init_size() I have the following:
/* alloc mem */
a->dp = OPT_CAST(mp_digit) XMALLOC (sizeof (mp_digit) * size, 0,
DYNAMIC_TYPE_BIGINT);
if (a->dp == NULL) {
WOLFSSL_MSG("KRB: mp_init_size: Memory Allocation Failed");
return MP_MEM;
}
I am guessing if this is a memory issue, a->dp would be NULL? In my case, the program literally stops doing anything. There is nothing printed after my statement before XALLOC.
Hi,
The way I found out which XMALLOC will be used, is by using the same ifdef statements that you have in settings.h. So this is not from a Search. Basically, I added the following code in integer.c just before the call to XMALLOC, to determine which XMALLOC will be used:
#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
CYASSL_MSG("KRB: mp_init_size: Define 1");
#endif
#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
CYASSL_MSG("KRB: mp_init_size: Define 2");
#endif
#ifdef EBSNET
CYASSL_MSG("KRB: mp_init_size: Define 3");
#endif
#ifdef CYASSL_SAFERTOS
CYASSL_MSG("KRB: mp_init_size: Define 4");
#endif
#ifdef FREESCALE_MQX
CYASSL_MSG("KRB: mp_init_size: Define 5");
#endif
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
CYASSL_MSG("KRB: mp_init_size: Define 6. Uses NetSecure_BlkGet");
#endif
So even I am confused as to why it uses this.
I will definitely look into this Maximum Fragment Length Extension.
Thanks,
Kedar
I am using a LPC1768 and while trying to establish SSL connection with Google, and using CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL), my program gets stuck in mp_init_size function (Integer.c) during Signature Verification. I traced this to a XMALLOC call. Looking at Settings.h and using standard debugging I see that it is using NetSecure_BlkGet -
#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
#define MICRIUM_MALLOC
#define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
(CPU_SIZE_T)(s), (void *)0))
Now where is this NetSecure_BlkGet function and any idea why it gets stuck here?
Thanks.
I printed the memory allocations on this board, and they don't seem to be topping off -
Main RAM = 8680 (has 32K total)
AHBSRAM0 = 16384 (this used by Ethernet is topped off)
AHBSRAM1 = 11348 (this one used by USB is low)
CANRAM = 0 (not used at all - I think this is 2K)
This doesn't look like memory issue. It just dies in the call to mp_mulmod. It never comes out.
Hello Chris,
Well I am not sure what it is set to (since I did not set it explicitly and I am fairly new to this platform). I am using the mbed online IDE (compiler). I am surely not using fast math (USE_FAST_MATH is not defined for mbed platform by default either).
I did manage to trace it further and I think it does run out of memory, although I don't get any explicit error message for it. The program stops after a call to mp_grow. From the online IDE's "Build details" the RAM footprint of this is about 36K. The board has 64K of RAM but from the Memory model doc for mbed (http://developer.mbed.org/handbook/Memory-Model) it seems 32K is dedicated for peripheral drivers and such :-(
Thanks,
Kedar
Using LPC1768 mbed board with the Application board to connect to google.com over SSL.
Doing wolfSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL) to connect to google.com over SSL. After going through various validations, there is the Signature Verification (call to ConfirmSignature in asn.c). sigOID is 649 (CTC_SHAwRSA) and keyOID is 645 (RSAk). This calls RsaSSL_VerifyInline. Then a call to RsaFunction. Here the type is RSA_PUBLIC_DECRYPT. In this block, there is a call to mp_exptmod. But the call is never made. I have a debug line as the first line in the mp_exptmod function but that never gets called. The code never reaches this line! It is as if the function never gets called. The program just stops there.
Any help/pointers will be greatly appreciated.
Posts found: 11
Generated in 0.017 seconds (95% PHP - 5% DB) with 4 queries