Hi cxenof03,

The encryption algorithm is initialized with the call to keys.c:SetKeysSide(). Actually the internal function SetKeys() is making the calls to wc_AesInit() and wc_AesGcmSetKey().

WritePSKBinders sets the keys for early data on the client. DoPreSharedKeys sets the keys on the server.

* The PSK establishes a master secret. See SetupPskKey() and DoPreSharedKeys().
* DeriveEarlySecret() derives the secret for creating the keys. See "Early Secret" in diagram in TLS 1.3 spec, page 93.
* DeriveTls13Keys() calls DeriveEarlySecret() and then derives the key that is placed in the 'Key data' that is used in SetKeysSide. See "client_early_secret_traffic_secret" in TLS 1.3 spec, page 93.
* SetKeysSide takes the 'Key data' and extracts out the key to use.

Thanks,
David Garske, wolfSSL

Hi Hadrien,

Have you seen our recent PR adding attestation support?
https://github.com/wolfSSL/wolfTPM/pull/161

We are also working on another example that uses TLS v1.3 between peers that should be posted in a few weeks.

If you are not familiar with it the tpm.dev website has some great discussions on this topic.

Thanks,
David Garske, wolfSSL

Hi keeperp,

Thank you for the report. I believe the `WOLF_CONF_MATH == 4` option will work if you comment out `WOLFSSL_SP_MATH` in the generated `wolfSSL.I-CUBE-wolfSSL_conf.h`. The `WOLFSSL_SP_MATH` define reduces code size and disables some areas of the code.

For example if building this on Linux "./configure --enable-srp --enable-sp --enable-sp-math && make" it will report "configure: error: Cannot use single precision math and SRP".
If I build without `--enable-sp-math` or `WOLFSSL_SP_MATH` it works fine.

Thanks,
David Garske, wolfSSL

Hi cxenof03,

1) Good point. I put up a PR with API's for getting the static ephemeral here:
https://github.com/wolfSSL/wolfssl/pull/3942

2) Those are pointers to DerBuffer (ASN.1) with members `buffer` and `length`. The above PR should solve this for you.

3) Yes the KeyShare public keys will map to the static ephemeral keys.

Thanks,
David Garske, wolfSSL

Hi Abhishek,

That is good news regarding the Cube pack.

We fully support both bare-metal and LWIP. For LWIP we support either the Posix or RAW interface. With the LWIP Posix interface requires threading (I believe). We do have an LWIP raw example in an old PR here:
https://github.com/wolfSSL/wolfssl/pull/599

Another option is to define `WOLFSSL_USER_IO` and set read / write callbacks using the following API's:

/* I/O callbacks */
typedef int (*CallbackIORecv)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
typedef int (*CallbackIOSend)(WOLFSSL *ssl, char *buf, int sz, void *ctx);
WOLFSSL_API void wolfSSL_CTX_SetIORecv(WOLFSSL_CTX*, CallbackIORecv);
WOLFSSL_API void wolfSSL_CTX_SetIOSend(WOLFSSL_CTX*, CallbackIOSend);
WOLFSSL_API void wolfSSL_SSLSetIORecv(WOLFSSL*, CallbackIORecv);
WOLFSSL_API void wolfSSL_SSLSetIOSend(WOLFSSL*, CallbackIOSend);

We have some examples for this here:
https://github.com/wolfSSL/wolfssl-exam … callback.c

Thanks,
David Garske, wolfSSL

Hi All,

I have posted an example for using our TLS v1.3 secret logging here:
https://github.com/wolfSSL/wolfssl-examples/pull/251

Thanks,
David Garske, wolfSSL

Hi Iyaps,

For TLS v1.3 it is on by default, but you can explicitly set `--enable-tls13` to turn it on.

TLS v1.3 requires the following additional build options (if not using ./configure):

#define WOLFSSL_TLS13
#define HAVE_FFDHE_2048
#define HAVE_HKDF
#define WC_RSA_PSS

Thanks,
David Garske, wolfSSL

Hi Iyyappan,

Can you provide me your build settings? Are you using custom IO callbacks for the LWIP layer or the LWIP socket layer and wolfio.c default implementation? Its possible the callback is not returning the right values.

Since you are using multi-threading I assume you have `FREERTOS` defined for mutex protection. Even so you may not use the same WOLFSSL object from more than one thread. There is a feature you can use to duplicate the WOLFSSL object so you have one for reading and another for writing. If interested that is `HAVE_WRITE_DUP` and `wolfSSL_write_dup`.

Thanks,
David Garske, wolfSSL

Hi Iyyappan,

Can you share a snippet of your code calling wolfSSL_read()? Also can you call `err = wolfSSL_get_error(ssl, 0);` and see if any other error code is returned? Also can you enable logging using DEBUG_WOLFSSL and calling wolfSSL_Debugging_ON()?

I suspect either an issue with heap memory exhausted or the supplied argument to wolfSSL_read invalid.

Thanks,
David Garske, wolfSSL

Hi Abhishek,

No, the directory in wolfssl/linuxkm must be excluded. Those files are only for building with the Linux Kernel Module.

Right-click this folder in Project Explorer tree and go to "Properties". Under Resource there is an option to exclude the directory. I am running some tests with the wolfSSL Cube pack v4.7.0 again to make sure my fix for this exclusion is working.

Thanks,
David Garske, wolfSSL

Hi Kim,

You cannot fix this issue by adding build macros above the options.h in your application. You must compile the wolfSSL library with these settings otherwise the wolfSSL code will not be updated to support 4096-bit keys.

If you use the instructions above for adding CFLAGS to your ./configure it will build the library with these settings and also include them in your options.h.

Perhaps you should send an inquiry to our support@wolfssl.com referencing this forum post for some additional guidance?

Thanks,
David Garske, wolfSSL

Hi Robert,

I agree, if you model it off AES GCM it should be easy. Feel free to put up a PR with your contribution and I can review/comment. To merge we would need a signed contributor agreement or once you have a license agreement.

Thanks,
David Garske, wolfSSL