Hi Kaleb,
I found the issue 173 - BAD_FUNC_ARG. It must be something with the generated seed in random.c. I implemented this with a template from Arduino. This one fails at ssl_new(). When I just return 0 - (I have read that somewhere) - in the generated seed the error is then 370 in ssl_accept().
Could this be the failure? What should I write in the generated seed, when the one from arduino is failing?
Regards,
Thomas
Hi Kaleb,
that's the point, I changed nothing. I just downloaded wolfSSL again and configured it as I had it before. Then I replaced the old library with the new one.
The settings are the same which I posted before.
I know and I thank you that you spend your time on my issues. Do you have an idea what I could try?
Regards
Thomas
Hi Kaleb,
as I wrote in my first post. I want to establish a DTLS-over-CoAP server on the Arduino MKR1000. This project is the last part of my bachelor thesis.
Today I thought to configure the library anew. I got stuck on an error way before the other issues. Now wolfSSL_new() fails with 173 - BAD_FUNC_ARG. I don't know how this would go to an end.. please help me again.
Regards
Thomas
Hi Kaleb,
yes I use UDP.
My settings:
    #ifdef WOLFSSL_ARDUINO
        #define WOLFSSL_DTLS
        #define USER_TIME
        #define NO_INLINE
        #define NO_WRITEV
        #define NO_WOLFSSL_DIR
        #define SINGLE_THREADED
        #define NO_DEV_RANDOM
        #define WOLFSSL_USER_IO
        #define HAVE_ECC
        #define NO_DH
        #define NO_SESSION_CACHE
        #define USE_SLOW_SHA
    #endif
I used this tutorial to transform your dtls server example to my arduino.
Here is my code on Arduino. I attached the wolfSSL_write function to my code. Before this I skipped everything in the code when ssl_accept failed. Now the server is sending a client hello back. A new Wireshark capture is also attached. But I still get a 370 or 311 error in ssl_accept, depending on what the client writes in the epoch field.
Here is my code from the arduino sketch:
    void loop()
    {
        int sz;
        // With awaitDataGramm() I create the socket, set options, bind the socket and wait for a client. The client arrival is handled by an Arduino WiFiInterface
        int socketCheck = udp.awaitDataGramm(5684);
        Serial.println("SocketCheck ");
        Serial.print(socketCheck);
        // Returns the created socket number
        Serial.println(udp.getListenSocket());
        while (cleanup != 1) {
            // udp.parsePacket() is called every time a new packet arrives. It stores the clientIP and clientPort.
            if ((sz = udp.parsePacket()) > 0) {
                // Storing clientIP, clientPort and socket for wolfSSL.
                getIpAndPort(udp.remoteIP(), udp.remotePort(), udp.getListenSocket());
                if ((ssl = wolfSSL_new(ctx)) == NULL) {
                    Serial.println("wolfSSL_new error.\n");
                    cleanup = 1;
                    break;  // ssl is NULL here, so none of the calls below can work
                }
                if (wolfSSL_set_fd(ssl, udp.getListenSocket()) != SSL_SUCCESS) {
                    Serial.println("set_fd error");
                    cleanup = 1;
                }
                int result;
                // Accept always runs into an error.
                // When client sets epoch time field to 0 a 311 error results.
                // When client sets epoch time field > 0, wolfssl is looping in processReply() because always getRecordHeader has the SEQUENCE_ERROR as the return value
                if ((result = wolfSSL_accept(ssl)) != SSL_SUCCESS) {
                    Serial.println(result);
                    int err = wolfSSL_get_error(ssl, 0);
                    Serial.println(err);
                    Serial.println("SSL_accept failed.\n");
                    cleanup = 1;
                }
                float temperature = readTemp();
                Serial.println(temperature);
                // "%f" prints at least 8 characters plus the terminating NUL, which
                // overflowed the original 4-byte buffer; size the buffer and bound the write.
                static char temp[16];
                snprintf(temp, sizeof(temp), "%f", temperature);
                int checkRead;
                if ((checkRead = wolfSSL_read(ssl, packetbuf, sizeof(packetbuf))) < 0) {
                    Serial.println("Read failed");
                }
                int checkWrite;
                // Send only the formatted text, not the whole buffer.
                if ((checkWrite = wolfSSL_write(ssl, temp, (int)strlen(temp))) < 0) {
                    Serial.println("Write failed");
                }
            }
        }
    }
Regards
Thomas
Hi Kaleb,
thank you for your reply.
I am implementing the server side.
The Wireshark capture is the attempt to connect a client to the server. My server sends nothing back because it fails during the ssl_accept.
The DtlsCheckWindow returns now 1 but only because ssl->keys.curEpoch == ssl->keys.nextEpoch are 0. After this it runs into UNKNOWN_RECORD_TYPE.
Regards
Thomas
Hi Kaleb,
thank you for your answer. You were right, WOLFSSL_USER_IO was defined in the settings. I implemented my own IO callbacks and now the socket processes the values correctly. Your questions:
What TCP/IP stack are you using?
I use WiFi - IP - UDP.
Are you checking all the return values when creating the socket?
Yes I do.
Are you confident the socket was successfully opened for TCP prior to calling wolfSSL_connect on the file descriptor?
Here I'm not sure what you mean.
A new error occurred in method ProcessReply from internal.c. When GetRecordHeader has been called it returns: SEQUENCE_ERROR -370
    case getRecordLayerHeader:
        ret = GetRecordHeader(ssl, ssl->buffers.inputBuffer.buffer,
                              &ssl->buffers.inputBuffer.idx,
                              &ssl->curRL, &ssl->curSize);
The 370 error comes from the following position:
    #ifdef WOLFSSL_DTLS
        myRecordBuffer = DtlsCheckWindow(ssl);
        if (IsDtlsNotSctpMode(ssl) &&
            (!DtlsCheckWindow(ssl) ||
             (ssl->options.handShakeDone && ssl->keys.curEpoch == 0))) {
            return SEQUENCE_ERROR;
        }
    #endif
It gets hit because IsDtlsNotSctpMode(ssl) == 1 and !DtlsCheckWindow(ssl) == 0.
Please help me.
Regards,
Thomas
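The post above concerns the epoch and sequence-number check a DTLS receiver applies to each record header. The following is an added example, not part of the original post and not wolfSSL's DtlsCheckWindow: a simplified RFC 6347 header parser and 64-record anti-replay window, with all type and function names hypothetical and the sample record constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
/* RFC 6347 record header, 13 bytes:
 * type(1) version(2) epoch(2) sequence_number(6) length(2) */
typedef struct { uint8_t type; uint16_t version, epoch, length; uint64_t seq; } dtls_hdr;

/* Receiver state: expected epoch plus a 64-record anti-replay window. */
typedef struct { uint16_t epoch; uint64_t max_seq, bitmap; int any; } dtls_rx;

enum { REC_OK = 0, REC_SHORT = -1, REC_BAD_EPOCH = -2, REC_REPLAY = -3 };

int dtls_parse_hdr(const uint8_t *p, size_t n, dtls_hdr *h)
{
    if (n < 13) return REC_SHORT;
    h->type    = p[0];
    h->version = (uint16_t)((p[1] << 8) | p[2]);
    h->epoch   = (uint16_t)((p[3] << 8) | p[4]);
    h->seq = 0;
    for (int i = 5; i < 11; i++) h->seq = (h->seq << 8) | p[i];
    h->length  = (uint16_t)((p[11] << 8) | p[12]);
    return ((size_t)h->length > n - 13) ? REC_SHORT : REC_OK; /* truncated datagram */
}

/* A real stack updates the window only after the record's MAC verifies. */
int dtls_check_record(dtls_rx *rx, const dtls_hdr *h)
{
    if (h->epoch != rx->epoch) return REC_BAD_EPOCH;  /* e.g. epoch 1 before keys exist */
    if (!rx->any || h->seq > rx->max_seq) {           /* new highest: slide the window */
        uint64_t shift = rx->any ? h->seq - rx->max_seq : 0;
        rx->bitmap = (shift >= 64) ? 1 : ((rx->bitmap << shift) | 1);
        rx->max_seq = h->seq; rx->any = 1;
        return REC_OK;
    }
    uint64_t off = rx->max_seq - h->seq;              /* distance behind the newest record */
    if (off >= 64 || (rx->bitmap & (1ULL << off))) return REC_REPLAY;
    rx->bitmap |= 1ULL << off;                        /* late but not yet seen */
    return REC_OK;
}

int main(void)
{
    /* Constructed sample: handshake record (type 22), DTLS 1.2, epoch 1, seq 0. */
    const uint8_t rec[15] = {22, 0xFE, 0xFD, 0, 1, 0, 0, 0, 0, 0, 0, 0, 2, 0xAA, 0xBB};
    dtls_hdr h; dtls_rx rx = {0, 0, 0, 0};
    int rc = dtls_parse_hdr(rec, sizeof rec, &h);
    if (rc == REC_OK) rc = dtls_check_record(&rx, &h);
    printf("epoch=%u seq=%llu -> %d\n", h.epoch, (unsigned long long)h.seq, rc);
    return 0;
}
```

Dumping the first 13 bytes of each received datagram through a parser like this, before handing it to the TLS library, shows whether the epoch and sequence fields arrive as the peer sent them or are being altered by the custom I/O layer.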
Hi,
my aim is to establish a CoAP Server with DTLS over UDP on an Arduino MKR1000. I used microcoap for CoAP and a given example UDP implementation from Arduino. To enable DTLS I followed the wolfSSL DTLS Server example
I merged this example to the UDP implementation from Arduino. Before this I ported wolfssl to the Arduino and implemented the random and xtime function.
My problem is that the handshake fails when I establish a connection with a CoAPS client to my CoAP server. On the server I get the UDP package and I could parse it. But when I call wolfSSL_accept(ssl) it returns -1 and the error code is 308 - SOCKET_ERROR_E. The ssl parameter is not null. The source of the error is, when the following method gets called in internal.c:
    in = Receive(ssl,
                 ssl->buffers.inputBuffer.buffer +
                 ssl->buffers.inputBuffer.length,
                 inSz);
    if (in == -1)
        return SOCKET_ERROR_E;
Why did I get this error?
Thanks,
Thomas