Thanks, Eric.
I sent an email to support@wolfssl.com

Regards;
Gus

Hello Eric:

Thanks for the help.
I followed your guidance and I checked I'm actually using TLS1.2 (somehow I thought I was using 1.1) which seems to be the default for AWS IoT Core.

Anyway, I replaced the function to use the wolfSSLv23_client_method( ) which seems to be a better choice to take care of selecting the highest version supported from both ends. Nevertheless, the error continues with the same error message....

Any idea what else could be causing the error? Could something related to certificates also give this error?

I appreciate any direction.

Regards;
Gus

Hello:

I'm using wolfssl with Atmel/Microchip ECC508 HW, but I'm no longer able to connect to AWS IoT Core as I'm getting this error:


wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
SSL version error
wolfSSL error occurred, error = -326
ERROR: aws_client_mqtt_connect L#618 Error(8) : Failed to TLS connect!

So I guess it's time to upgrade the wolfssl library. However, how should I proceed on this as I see the latest release might not have the ECC508 configuration, so dropping the new stack into my project might break the current configuration (using HW accelerator)?

Any help on how to upgrade keeping the current configuration?

Thanks
Gus

Thanks, Kaleb.

BTW, is MD5 supported in wolfSSL? I'm using v. 3.9 and I only found MD2.c in the files...

Thanks
Gus

Hello:
I'm using WolfSSL 3.9 and TLS1.2 running on a Cortex M4 @ 120MHz. Also using ATMEL ATECC508A crypto chip.

I'm downloading firmware to the flash and I need to verify image integrity. I was thinking of using a hash algorithm to verify the integrity. Should I use MD5 (deprecated) instead of SHA-256/512 to have better performance? Since this is an integrity check, I thought using MD5 wouldn't be a problem... Is this correct? Any advice?

Note: firmware image size is ~ 300KBytes.

Thanks
Gus

Update:
I realized the flash routines add 512 bytes of RAM so I guess the current memory configuration for the stack is at the limit, so this change affects the overall wolfSSL stack functioning (to clarify, this doesn't come from my local array, but from the flash routines as it seems they need an extra space to handle the data before writing the flash).

I also wanted to share that, even without the flash routines, it was working fine BUT if at some point the SSL connection breaks, an attempt to reconnect (going through the SSL process again) gives the same error (RSA....: memory/config problem). So it seems there is some memory leakage or garbage that doesn't allow the TLS handshaking process to be done a second time. The only way is to reboot to start from fresh....

It seems I will need to reconfigure memory, but I would like to understand the wolfSSL stack memory requirements to avoid this problem.  The current value of FP_MAX_BITS is 4096. Changing it to 8192 doesn't solve the problem.

Thanks
Gus

Hello:
What exactly does the "RSA_FUNCTION MP_EXPTMOD_E: memory/config problem" error mean?
I'm using wolfSSL (with RTOS) to connect to AWS and it works perfectly.

Now, I had to add a routine to write flash in the mcu ATSAM4, and for some reason (?), the stack no longer connects. Checking the log, I see the above error.

I can't find the way the flash routines affect the stack. These routines use an array of 512 bytes but at local scope (inside a function) so it shouldn't affect it. The flash routine is a wrapper around routines in ROM (from Atmel) and has a few functions to init, unlock, erase and write the flash. Making tests, I discovered that only the write function (last step in the procedure) is the one that affects the stack. So the array in memory is not the cause of the problem. I don't know exactly how the flash_write() affects this.

Anyway, I would need to understand what the above error means... Is the memory not enough? Why a memory config problem? Is there any way to check additional parameters to see how the other code affects the stack?

I hope someone can help.
Thanks
Gus

Hello:

I'm using the wolfssl stack with the Atmel ATECC508 cryptochip.
I'm getting this error when trying to verify the certificate signature:

About to verify certificate signature
RSA_FUNCTION MP_EXPTMOD_E: memory/config problem
Rsa SSL verify error
Confirm signature failed
Failed to verify CA from chain
.......
About to verify certificate signature
No CA signer to verify with
Failed to verify Peer's cert
        No callback override available, fatal
wolfSSL Leaving DoHandShakeMsgType(), return -188
wolfSSL Leaving DoHandShakeMsg(), return -188
wolfSSL error occurred, error = -188
ERROR: aws_client_mqtt_connect L#244 Error(8) : Failed to TLS connect!

It's clear there is a memory problem, but I would like to know how much memory is required for this operation. I tried to add more memory to the heap (using FreeRTOS) but it didn't help.
Any other advice about how to solve this issue?

Thanks in advance
Gus

9

(10 replies, posted in wolfSSL)

Hello David:

Thank you!
This definitely helped me to solve the problem.

Thanks again.
Regards;
Gus

10

(10 replies, posted in wolfSSL)

UPDATE:

After many hours of debugging, I think I found the problem...

When the interface receives more than one packet since the last time the code checked for new packets, both messages are passed as one (combining both), and it seems this is not valid for the decryption. I still see with wireshark that all messages are received separately, but the network interface passes them as one. Can this be the case?

Socks 69
Rev Buffer size 1
Rev Buffer size 1
Rev Buffer size 38
Subscribed Topic = devControl/ABC106{
                                      "Msg":"Help!"
                                                   }

Message (size: 19) = {
                       "Msg":"Help!"
                                    }

Socks 138
Rev Buffer size 1
Rev Buffer size 1
Rev Buffer size 38
Subscribed Topic = devControl/ABC106{
                                      "Msg":"Help!"
                                                   }

Message (size: 19) = {
                       "Msg":"Help!"
                                    }

Socks 69
.....SendAlert.....2 20
----> Detecta problema Decrypting

If this is causing the error, I will see how I can modify it to avoid this problem.
Thanks
Gus

11

(10 replies, posted in wolfSSL)

Hello David:

I was able to rework the code so all mqtt calls are on the same thread, and also increased stack and heap for FreeRTOS tasks to avoid possible memory corruption... But I still have the Decryption issue....

I was also able to narrow down the test case to check when exactly the issue occurs, and it seems to happen when more than one packet is received very fast (at least relative to what the receiver can process) by the internet interface (I tested with both ethernet with lwIP and WiFi with on-chip stack), which apparently causes one of the packets to be dropped by the driver, and then I get the decryption problem. So my question is, when a TLS session is in progress, does each packet's encryption relate to the previous one? I mean, in case a packet is lost, will the next packet be decrypted without problem? Since the packet is encrypted, I can't check the content to see if this is exactly what was sent from the other end....

Thanks for your support.
Regards;
Gus
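
The receive path discussed in the two posts above (segments combined by the network interface, and bytes lost by the driver), as an added C example that is not part of the thread or of wolfSSL: a byte queue feeds a callback shaped like a user I/O receive callback, and a reader frames TLS records by their 5-byte header. `rx_queue`, `rx_cb`, `read_record`, `run_stream` and `CB_WANT_READ` are hypothetical names, and the sample records are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define CB_WANT_READ (-2) /* assumed stand-in for the library's "no data yet" code */
#define HDR 5             /* TLS record header: type(1) version(2) length(2) */
#define MAX_BODY 64       /* demo limit, not the TLS maximum */
enum { REC_OK = 0, REC_NEED_MORE = 1, REC_DESYNC = -1 };
/* Driver-to-TLS byte queue, and the bytes held for the record being read. */
typedef struct { uint8_t data[256]; size_t head, tail; } rx_queue;
typedef struct { uint8_t buf[HDR + MAX_BODY]; size_t have; } rec_reader;

/* Driver side: append a received segment, however many records it spans. */
static int rxq_push(rx_queue *q, const uint8_t *seg, size_t len)
{
    if (len > sizeof(q->data) - q->tail) return -1; /* full: report, never drop */
    memcpy(q->data + q->tail, seg, len);
    q->tail += len;
    return 0;
}

/* TLS side, shaped like a user receive callback: hand out at most sz bytes. */
static int rx_cb(void *ssl, char *buf, int sz, void *ctx)
{
    rx_queue *q = (rx_queue *)ctx;
    size_t n = q->tail - q->head;
    (void)ssl;
    if (n == 0) return CB_WANT_READ;
    if (n > (size_t)sz) n = (size_t)sz;
    memcpy(buf, q->data + q->head, n);
    q->head += n;
    if (q->head == q->tail) q->head = q->tail = 0; /* drained: reuse the space */
    return (int)n;
}

/* Read one record: the 5-byte header, then exactly `length` body bytes. */
static int read_record(rec_reader *r, rx_queue *q, size_t *body_len)
{
    size_t want = HDR;
    for (;;) {
        if (r->have >= HDR) {
            size_t len = ((size_t)r->buf[3] << 8) | r->buf[4];
            if (r->buf[0] < 20 || r->buf[0] > 23 || r->buf[1] != 3 || len > MAX_BODY)
                return REC_DESYNC;      /* these bytes are not a record header */
            want = HDR + len;
            if (r->have == want) { *body_len = len; r->have = 0; return REC_OK; }
        }
        int n = rx_cb(NULL, (char *)r->buf + r->have, (int)(want - r->have), q);
        if (n <= 0) return REC_NEED_MORE;
        r->have += (size_t)n;
    }
}

/* Constructed records (type 23, version 3.3); bodies are filler, not ciphertext. */
static const uint8_t REC_A[] = { 23, 3, 3, 0, 4, 0xA1, 0xA2, 0xA3, 0xA4 };
static const uint8_t REC_B[] = { 23, 3, 3, 0, 3, 0xB1, 0xB2, 0xB3 };
/* Deliver A then B in seg_size-byte segments, minus `drop` bytes lost from A. */
static int run_stream(size_t seg_size, size_t drop)
{
    rx_queue q = { {0}, 0, 0 };
    rec_reader r = { {0}, 0 };
    uint8_t s[sizeof(REC_A) + sizeof(REC_B)];
    size_t a = sizeof(REC_A) - drop, total = a + sizeof(REC_B), off, len;
    int rc, count = 0;
    memcpy(s, REC_A, a); memcpy(s + a, REC_B, sizeof(REC_B));
    for (off = 0; off < total; off += seg_size) {
        rxq_push(&q, s + off, total - off < seg_size ? total - off : seg_size);
        while ((rc = read_record(&r, &q, &len)) == REC_OK) count++;
        if (rc == REC_DESYNC) return -1;  /* framing lost */
    }
    return count;                         /* records framed so far */
}

int main(void)
{
    printf("%d %d %d\n", run_stream(17, 0), run_stream(3, 0), run_stream(17, 2));
    return 0;
}
```

Coalesced or split segments frame correctly because the reader asks for exact byte counts; with bytes missing, the first record is framed with the wrong body (the case a TLS stack rejects at its integrity check) and the following header is garbage. In TLS 1.2 the record sequence number is also an input to each record's integrity check, so a wholly lost record (`run_stream(17, 9)`) frames cleanly here yet would still fail in a real session.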

12

(10 replies, posted in wolfSSL)

David:

While reviewing the code, I realized I have a high priority task which looks for packets arriving from a Radio interface and forwards them via MQTT Pub which utilizes wolfSSL_write() to send data to the cloud.
I also have another (lower priority) task which waits for data (MQTT Sub) from the cloud and utilizes wolfSSL_read() for this.
It seems at some point, while the latter task is checking for arrived packets from the cloud, it might be interrupted by the first one to send the radio packets to the cloud. I'm not sure at which point the task is being interrupted but it's possible that this happens while using wolfSSL_read(), leading to a potential problem.

How should I protect the wolfSSL access? Should I use a lock for avoiding concurrent access to wolfSSL_read() and  wolfSSL_write() functions?

UPDATE: it seems you wrote by the time I was writing this message... Thanks for the clarifications. I just want to add I'm using MQTT Eclipse Paho as it was the one coming with the example. Anyway, I will continue working on following your advice.

Thank you for your support.
Regards;
Gus

13

(10 replies, posted in wolfSSL)

Hello:

I reviewed the potential memory leaks but so far I'm using malloc() in two places;  to create a socket and a global structure that keeps all MQTT info in one place. I'm not creating those objects more than once...

What I believe I could have is a memory corruption issue; either in the stack or in some data buffer being accessed simultaneously from different tasks...

BTW, I realized in the configuration, I'm using #define SINGLE_THREADED which is not actually the case since I'm using FreeRTOS. Should I use a different one? Is there any restriction/condition for wolfSSL when used with FreeRTOS?

Thanks
Gus

14

(10 replies, posted in wolfSSL)

Hello David:

Thank you very much for your support.

Answering your questions, I'm using the Atmel Zero touch AWS IoT kit (http://www.atmel.com/applications/iot/aws-zero-touch-secure-provisioning-platform/default.aspx?tab=overview ) as a base code. The project is using FreeRTOS and the mcu is Atmel ATSAM4E (with AES) and the kit comes with ATECC508 Crypto chip. (Original code was provided by ATSAMG55 but I ported to my mcu).
Honestly, I'm not sure if Encryption is done by Hardware or Software; how can I check this?

Thanks for the input; I will try to check the memory issue. I will continue investigating in this direction. Any other input will be much appreciated.

UPDATE: I tried to search for 'WOLFSSL_TRACK_MEMORY' but it is not there... In settings.h, the configuration define is 'ATMEL_AWS_WOLFSSL' with following configuration;

#if defined(ATMEL_AWS_WOLFSSL)
    #define SINGLE_THREADED
    #define HAVE_ECC
    #define HAVE_AESGCM
    #define HAVE_PK_CALLBACKS
    #define NO_FILESYSTEM
    #define NO_PSK
    #define NO_OLD_TLS
    #define NO_WRITEV
    #define NO_WOLFSSL_DIR
    #define NO_DEV_RANDOM
    #define NO_DSA
    #define NO_HC128
    #define NO_RABBIT
    #define NO_MD2
    #define NO_MD4
    #define NO_MD5
    #define NO_SHA
    #define NO_RC4
    #define NO_DES3
    #define NO_PWDBASED
    #define NO_SKID
    #define NO_SESSION_CACHE
    #define WOLFSSL_USER_IO
    #define WOLFSSL_STATIC_DH
    #define WOLFSSL_CERT_GEN
    #define WOLFSSL_SMALL_STACK
    //#define DEBUG_WOLFSSL
    #define NO_WOLFSSL_SERVER    
#endif

Regards;
Gus

15

(10 replies, posted in wolfSSL)

Hello:

I'm using the wolfSSL library to secure an MQTT connection with AWS IoT using mutual authentication. A device publishes messages and subscribes to a couple of topics.
So far, I don't have any problem publishing, but eventually, I have decryption problems when receiving a message.

So basically everything works fine until at some point I get this message in the console;
  .....SendAlert.....2 20
which comes from SendAlert(), and means severity: 2, type:20

Debugging the issue, I found the problem happens in Decrypt() (internal.c), in case wolfssl_aes_gcm, which calls the function wc_AesGcmDecrypt() returning VERIFY_MAC_ERROR -305

The above function is called from ProcessReply() which will return DECRYPT_ERROR -312; which in turn is called by wolfSSL_read() from the mqtt_packet_read() function.

Here is the debug info printed when using #define DEBUG_WOLFSSL option in settings.

wolfSSL Entering AesGcmDecrypt
.....SendAlert.....2 20
growing output buffer

wolfSSL Entering AesGcmEncrypt
Shrinking output buffer

Decrypt failed
wolfSSL error occurred, error = -305
wolfSSL error occurred, error = -312
wolfSSL Leaving wolfSSL_read_internal(), return -312
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -312
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()
User calling wolfSSL_read in error state, not allowed
wolfSSL Leaving wolfSSL_read_internal(), return -312

Additionally, from this point on, the publishing is no longer working as the stack remains in an internal error state, so it basically blocks the device from further communication. (I see the publishing messages being sent - also see TCP packets in wireshark - but it seems the server discards these messages as they probably have something wrong...)

My questions are:
1) what could cause this error? I tried with different messages and I can't see a relation with a message type.
2) in case I can't avoid this error; how can I recover from this situation? What should I do to lose the received packet but continue with the rest of the tasks?

Thanks in advance
Regards;
Gus

16

(6 replies, posted in wolfSSL)

Hello Kaleb:

There is only one place in the code where that function is called and it seems to be Ok (no errors seen in the log);

    /* Since the AWS IoT server was signed by the VeriSign root CA, this root CA
       certificate should be loaded into wolfSSL to verify AWS IoT. */
    ret = wolfSSL_CTX_load_verify_buffer(kit->tls.context, AWS_IOT_ROOT_CERT,
                                         sizeof(AWS_IOT_ROOT_CERT), SSL_FILETYPE_PEM);
    if (ret != SSL_SUCCESS) {
        AWS_ERROR("Failed to set root cert!");
        break;
    }

I checked that AWS_IOT_ROOT_CERT is defined (I copied it from the working example)

I'm confused as it seems the CA is processed twice; before sending the CLIENT_HELLO and after receiving the SERVER_HELLO. Is this the case?

The first time seems to be Ok, according the log;

wolfSSL Entering wolfSSL_Init
wolfSSL Entering WOLFSSL_CTX_new
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_cipher_list
wolfSSL Entering wolfSSL_CTX_load_verify_buffer
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return 0
   Processed a CA
Processed at least one valid CA. Other stuff OK

wolfSSL Entering wolfSSL_CTX_use_certificate_chain_buffer
wolfSSL Entering PemToDer
Growing Tmp Chain Buffer
Processing Cert Chain
wolfSSL Entering PemToDer
   Consumed another Cert in Chain
Finished Processing Cert Chain

But the second time is when it fails;

processing certificate
Loading peer's cert chain
    Put another cert into chain
    Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Failed to verify CA from chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
No CA signer to verify with
Failed to verify Peer's cert
        No callback override available, fatal

wolfSSL Leaving DoHandShakeMsgType(), return -188
wolfSSL Leaving DoHandShakeMsg(), return -188
wolfSSL error occurred, error = -188
ERROR: aws_client_mqtt_connect L#193 Error(8) : Failed to TLS connect!

However, the CA is loaded only once at the beginning...
Am I missing something? My background is not good at this point...

Thanks
Gus

17

(6 replies, posted in wolfSSL)

Hello Kaleb:

Many thanks for your support. I'm advancing a little bit but I'm still struggling to connect to AWS with mutual authentication. :-(

I revised the networking layers and now everything seems to be Ok; I send and receive all information (I was able to set up wireshark with a mirroring port so I can see what is going on in the embedded device - ethernet interface).

So now, I have problems processing the SERVER_HELLO answer; it seems it's not able to verify certificate signature... Here is the log;

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
Loading peer's cert chain
    Put another cert into chain
    Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Failed to verify CA from chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
No CA signer to verify with
Failed to verify Peer's cert
        No callback override available, fatal
wolfSSL Leaving DoHandShakeMsgType(), return -188
wolfSSL Leaving DoHandShakeMsg(), return -188
wolfSSL error occurred, error = -188
ERROR: aws_client_mqtt_connect L#193 Error(8) : Failed to TLS connect!

wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
wolfSSL Entering wolfSSL_Cleanup
ERROR: aws_client_init_mqtt_client L#122 Error(7) : Failed to connect to Host!

(Note: I can attach the complete log - with certificates and public keys if necessary...).

Could you please tell me what is wrong? Since I got all this code from a working example (with different processor), I would assume all certificates would be in place.

I would really appreciate your help.

Thanks
Gus

18

(6 replies, posted in wolfSSL)

I have to set the Date/Time as the error indicates the CA cert is expired.

Thanks

19

(6 replies, posted in wolfSSL)

Hello All:

I have wolfSSL working fine with the Atmel Zero touch AWS kit (http://www.atmel.com/applications/iot/a … b=overview). It has WINC1500 WiFi and CryptoAuthentication chip ATECC508.

Now, I'm trying to port it to my hardware with a different network (ethernet) and I'm getting the following error, which I'm not sure is related to a network problem or something else.... I'm using the same Crypto chip that was provisioned in the other hardware so that should be Ok. But it seems it has a problem adding the CA certificate... I see the log shows a connection problem but I think it's part of the previous error, as I can see the connection with the host happens, although there is no Client HELLO message after that.

Here is the log I have;

wolfSSL Entering WOLFSSL_CTX_new
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_cipher_list
wolfSSL Entering wolfSSL_CTX_load_verify_buffer
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return -150
wolfSSL error occurred, error = -150
CA Parse failed, with progress in file.
Search for other certs in file
ERROR: aws_client_net_tls_cb L#355 Failed to set root cert!
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
wolfSSL Entering wolfSSL_Cleanup
ERROR: aws_client_init_mqtt_client L#122 Error(7) : Failed to connect to Host!

What is this error exactly? Is this related with CA certificate? I would appreciate any help.

Thanks
Gus

20

(1 replies, posted in wolfSSL)

Hello All:

I'm trying to understand wolfSSL library and after reading user manual where it explains how to change an application to use it, and basically says the application should replace the read() and write() functions with wolfSSL_read() and wolfSSL_write() ; I'm wondering how those new functions are reaching the read() and write() functions that ultimately transmit/receive the data....  I mean, is there any callback that sets in initialization or how does it work?

Thanks
Gus

21

(5 replies, posted in wolfSSL)

Hello Kaleb:

Sorry for not replying before.
Actually I didn't know very well how to look at the information you requested, as I'm using Atmel Studio IDE (GCC tools) and I took an example ready for SAMD20 which was working fine but when porting to SAM4E I got these errors.

I was able to get rid of the errors, but I renamed the Aes and Gmac structures/definitions in wolf and then renamed accordingly to correct subsequent errors in compilation. I'm not sure if it was a good idea but at least it compiles. I can revert these changes if necessary.

It's a good tip you give me in your last post so I will use it and learn more.

I will post if I get more errors or I have it working at some point.

Thanks
Gus

22

(5 replies, posted in wolfSSL)

Hello Kaleb:

Thanks for looking into this.

I now included #define SINGLE_THREADED and also created a project level #define WOLFSSL_LWIP but I still get the same "Conflicting types Aes" error.

(in my previous post I said including SINGLE_THREADED the project compiled, but I was including a function that calls the wolfssl stack so the error was still there...).

If I don't include WOLFSSL_LWIP I get additional errors...

It seems Atmel port handles this issue as in wolfssl/wolfcrypt/src/port/atmel/atmel.c these lines remap those structures;

#include <wolfssl/wolfcrypt/settings.h>

#ifdef WOLFSSL_ATMEL

#include <wolfssl/wolfcrypt/memory.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/ssl.h>
#include <wolfssl/internal.h>

#define Aes Aes_Remap
#define Gmac Gmac_Remap
#include "asf.h"
#undef Aes
#undef Gmac

#include <wolfssl/wolfcrypt/port/atmel/atmel.h>

static bool mAtcaInitDone = 0;

#ifdef WOLFSSL_ATECC508A

/* List of available key slots */

.......

but it still fails...

I would appreciate any guide on this.

Thanks

Gus

23

(5 replies, posted in wolfSSL)

Hello:

I have a Wolfssl + ATECC508 example working on ATSAMD21 and I want to port it to ATSAM4E which already has AES hardware.
When compiling I get "Conflicting types for Aes" so I guess the error is because an Aes structure is defined both in Atmel files and WolfSSL as well.

In fact, the port compiled before but since I'm using FreeRTOS, I commented out the line #define SINGLE_THREADED in user_settings.h for wolfssl. I also had to declare FREERTOS_TCP to match configuration in setting.h. From this configuration, I'm getting the error.

My question is how to proceed in this case? Renaming one of them could impact other source files so I'm not sure what to do. Also, how to set up wolfssl to use AES hardware in this case?

Thanks
Gus