101 Reply by chrisc

(4 replies, posted in wolfCrypt)

Hi Michael,

I don't have an exact answer for you regarding fastmath default configuration on Windows.  Ultimately, we leave the math library choice up to the end user.

user_settings.h is the best place for you to maintain your list of custom preprocessor defines and settings, as it is external to the library proper and can be more easily maintained by the user across wolfSSL version updates.

I'll look into the function calls needed for MakeCertReq() and get back to you shortly.

Best Regards,
Chris

Go to forum: wolfCrypt

102 Reply by chrisc

(3 replies, posted in wolfSSL)

Hi earlenceferns,

Although not in the example client usage, the "-W" parameter requires an argument.  Using your above command, to connect to mozilla.org:443 using OCSP Stapling V2, you would want to do:

$ cd wolfssl-3.9.6
$ ./configure --enable-ocspstapling2
$ make
$ ./examples/client/client -h mozilla.org -p 443 - A DigiCert_High_Assurance_EV_Root_CA.pem -W 2

Best Regards,
Chris

Go to forum: wolfSSL

103 Reply by chrisc

(3 replies, posted in wolfSSL)

Hi Michael,

It sounds like this issue has been fixed, can you confirm?

Thanks,
Chris

Go to forum: wolfSSL

104 Reply by chrisc

(2 replies, posted in wolfSSL)

Hi athorel-asi,

Thanks for posting and letting us know you fixed your issue!

Best Regards,
Chris

Go to forum: wolfSSL

105 Reply by chrisc

(9 replies, posted in wolfSSL)

Hi,

Can you send me the output of your wolfSSL debug log for the case you think is odd/incorrect?  wolfSSL debugging can be enabled by compiling wolfSSL with DEBUG_WOLFSSL, then calling wolfSSL_Debugging_ON() as the first wolfSSL function call in your application code.

Thanks,
Chris

Go to forum: wolfSSL

106 Reply by chrisc

(6 replies, posted in wolfSSL)

Hi sfefanoss1019,

If you want to import an ECC key in DER format into an ecc_key structure, you will want to use the following function.  If you are importing an ECC generated by OpenSSL, you will want to compile wolfSSL with ECC_DECODE_EXTRA defined.

#include <wolfssl/wolfcrypt/asn_public.h>
int wc_EccPublicKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, word32 inSz);

If you instead want to import an ECC key into a WOLFSSL_CTX structure, for use in an SSL/TLS connection, you can use the following function.  Again, you will need to compile wolfSSL with ECC_DECODE_EXTRA if loading an ECC key generated by OpenSSL:

#include <wolfssl/ssl.h>
int wolfSSL_CTX_use_PrivateKey_file(WOLFSSL_CTX* ctx, const char* file, int format);

The "format" parameter in the above function should be either SSL_FILETYPE_PEM if the key is PEM formatted or SSL_FILETYPE_ASN1 for a DER formatted key.

Best Regards,
Chris

Go to forum: wolfSSL

107 Reply by chrisc

(4 replies, posted in wolfCrypt)

To answer your question about fastmath as the default, we do enable it as the default on Unix/Linux 64-bit platforms.

On some 32-bit platforms users will get an error about a missing register being available because of PIC.  We have a few workarounds for this issue listed in the README, but for out-of-the-box compilation we have opted not to enable it by default on 32-bit platforms.

In general, fastmath is more commonly used over the normal big integer library - both on embedded platforms and desktop/enterprise ones.  It is quite a bit faster on most platforms.

Best Regards,
Chris

Go to forum: wolfCrypt

108 Reply by chrisc

(4 replies, posted in wolfCrypt)

Hi Michael,

I verified that the wolfCrypt test's certificate request generation successfully generates "certreq.pem" using both the normal and fastmath libraries, on my development machine (OSX).

To address your header question, can you first verify that wolfSSL and your application are being compiled with the exact same preprocessor defines?  If these differ it's very possible that you could be seeing problems.  That was the issue the the post you linked to.

Thanks,
Chris

Go to forum: wolfCrypt

109 Reply by chrisc

(11 replies, posted in wolfSSL)

Hi StrToLower,

The main source and header directories of the wolfSSL package are:

./wolfssl - All wolfSSL and wolfCrypt headers, this directory structure needs to remain intact (ie: ./wolfssl, ./wolfssl/wolfcrypt, etc.).

./wolfcrypt - This directory holds the sources files for the underlying wolfCrypt crypto module.  Normally you can include all source files from this directory.  Features are excluded through the use of preprocessor defines (ex: NO_DES3)

./src - This directory holds the source files for the wolfSSL SSL/TLS layer.  All files in this directory should be compiled as well.

Best Regards,
Chris

Go to forum: wolfSSL

110 Reply by chrisc

(3 replies, posted in wolfCrypt)

Hi Colin,

Great! Glad that fixed your problem.

Best Regards,
Chris

Go to forum: wolfCrypt

111 Reply by chrisc

(3 replies, posted in wolfCrypt)

Hi,

Have you compiled your application using the same preprocessor defines that were used when compiling wolfSSL?

When using the Autoconf system (./configure), the easiest way to make sure this happens is to include the <wolfssl/options.h> header as the first wolfSSL include in your application:

#include <wolfssl/options.h>
#include <wolfssl/ssl.h>
...

Best Regards,
Chris

Go to forum: wolfCrypt

112 Reply by chrisc

(3 replies, posted in wolfCrypt)

Hi,

In order to use DH with TLS, you will need to load your DH parameter file into the server.  If using wolfSSL, that is done with the wolfSSL_SetTmpDH() function.  You can see an example of this in the wolfSSL example server (./examples/server/server.c).

Unless you have disabled DH support when compiling wolfSSL, DH cipher suites will be available.  If you want to set a specific cipher list, you can do this with the wolfSSL_CTX_set_cipher_list() function.

To have the server authenticate the client, you will want to enable peer verification on the server side by calling wolfSSL_CTX_set_verify.  For example:

SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT),0);

Best Regards,
Chris

Go to forum: wolfCrypt

113 Reply by chrisc

(3 replies, posted in wolfCrypt)

Hi,

Are you interested in using Diffie-Hellman standalone, or in the context of SSL/TLS?  If using DH in SSL/TLS, the TLS protocol takes care of transporting the DH parameters and public keys.

If using DH in a standalone use case, your application will need a way to transfer the DH parameters and public keys to the other party.  Using the dh_test() function in test.c as an example, both the client and server will load the DH parameters into a DhKey structure using one of the two functions:

wc_DhSetKey() - used with individual "p" and "g" parameters
wc_DhKeyDecode() - used with a DH "key" that contains the "p" and "g" parameters

Each side (client and server) will generate their own private and public keys using:

wc_DhGenerateKeyPair()

The public keys from the wc_DhGenerateKeyPair() operations will need to be transferred to the other peer.  The final shared secret will then be derived by each side using:

wc_DhAgree()

Best Regards,
Chris

Go to forum: wolfCrypt

114 Reply by chrisc

(9 replies, posted in wolfSSL)

Hi,

By default wolfSSL does all certificate verification internally.  The user can inspect and do custom verification using the wolfSSL verify callback.  The callback can be registered by passing it as the third argument to the wolfSSL_CTX_set_verify() function.  Ex:

void wolfSSL_CTX_set_verify(WOLFSSL_CTX* ctx, int mode, VerifyCallback vc);
typedef int (*VerifyCallback)(int preverify, WOLFSSL_X509_STORE_CTX* store);

Normally, the verify callback is only called upon verification failure.  If you define WOLFSSL_ALWAYS_VERIFY_CB, the callback will always be called.  In this case, if "preverify" is equal to "1", wolfSSL has already successfully verified the peer certificate.  We provide this option for those users who wish to do custom inspection of certificate elements past normal certificate verification measures.

We have an example verify callback that overrides date errors.  It is called "myDateCb()", located in <wolfssl/test.h>.

Best Regards,
Chris

Go to forum: wolfSSL

115 Reply by chrisc

(14 replies, posted in wolfSSL)

Hi,

The OCSP callback (registered with wolfSSL_CTX_SetOCSP_Cb()) is meant to allow your application to have control over connecting to the OCSP Responder and parsing/verifying the response.  wolfSSL uses an internal OCSP callback (EmbedOcspLookup() in ./src/io.c) to do this by default, but when you override our internal callback with wolSSL_CTX_SetOCSP_Cb(), your application needs to handle this yourself within your callback.  Your callback should return 0 on success or -1 on error.

One option that would allow you to inspect the OCSP response would be to:

1.  Write and register your own OCSP callback with wolSSL_CTX_SetOCSP_Cb()
2.  Have your callback just call our default callback (EmbedOcspLookup()).  This is a public API function exposed through <wolfssl/ssl.h>
3.  After our internal callback returns, you should be able to look at the response data inside the "unsigned char** resp" output variable.

Best Regards,
Chris

Go to forum: wolfSSL

116 Reply by chrisc

(1 replies, posted in wolfSSL)

Hi,

Our understanding is that the memory exhausted error is a bug in some versions of binutils. The forum post you found[1] is the most current research we have done on this issue.

From user reports, adding "-g1" to C_EXTRA_FLAGS fixes the issue on Ubuntu, ie:

./configure <options> C_EXTRA_FLAGS="-g1"

What version of binutils are you using?  You can view this by executing "ld -v" from your terminal.  Are you able to update to a newer version of binutils?  This will also solve the issue.

Thanks,
Chris

[1] https://www.wolfssl.com/forums/topic493 … -flag.html

Go to forum: wolfSSL

117 Reply by chrisc

(1 replies, posted in wolfSSL)

Hi Henry,

The examples under the ./mqx directory of wolfSSL were written for CodeWarrior + wolfSSL + MQX.  Although this doesn't include an HTTPS example, it does include a library project, wolfCrypt test and benchmark projects, and wolfSSL client example.  Can you elaborate on how they were failing?

We don't currently have an HTTPS example for MQX/K64.  The closest one I can think of is the httpsrv_wolfssl_frdmk64f example project that ships with the Kinetis SDK (KSDK) 1.3.0.  This is available direct from the NXP website.

Best Regards,
Chris

Go to forum: wolfSSL

118 Reply by chrisc

(14 replies, posted in wolfSSL)

Hi,

Thanks for the additional details.  It looks like my attachment didn't work correctly last time.  Trying again here.

Thanks,
Chris

Go to forum: wolfSSL

119 Reply by chrisc

(3 replies, posted in wolfSSL)

Hi hstr,

If you are using the wolfSSL example client and server, you can use the "-a" option to use the anonymous cipher.  This option will cause both client and server to call the above two functions.  It sounds like your server didn't have the anonymous cipher enabled and thus couldn't find a common cipher suite.

$ cd wolfssl-3.9.6
$ ./configure --enable-anon
$ make
$ ./examples/server/server -a

$ ./examples/client/client -a

Best Regards,
Chris

Go to forum: wolfSSL

120 Reply by chrisc

(5 replies, posted in wolfSSL)

Hi,

--------- Server Random ----------

The server random value is sent during the ServerHello message of the SSL/TLS handshake.  This is later used to calculate the master secret.

wolfSSL exposes the following two functions when compiled with OPENSSL_EXTRA defined:

<wolfssl/ssl.h>

void wolfSSL_KeepArrays(WOLFSSL* ssl);
void wolfSSL_FreeArrays(WOLFSSL* ssl);
int wolfSSL_get_keys(WOLFSSL*,unsigned char** ms, unsigned int* msLen,
          unsigned char** sr, unsigned int* srLen,
          unsigned char** cr, unsigned int* crLen);

wolfSSL_get_keys() will give your application access to the master secret (ms), server random (sr), and client random (cr).  The pointers you pass in will point to those values held by wolfSSL internally.  The sizes of each are returned through msLen, srLen, and crLen.  This function must be called after the handshake completes.

Before the handshake starts, you need to call wolfSSL_KeepArrays() so these arrays remain available after the handshake finishes.  Your application can free the arrays by calling wolfSSL_FreeArrays(), or wait for the WOLFSSL object to be freed.

---------- umich.edu ----------

For connecting to "umich.edu", this server only supports static RSA cipher suites.  By default, wolfSSL has static RSA cipher suites disabled by default.  You can enable them at compile time by defining WOLFSSL_STATIC_RSA.  Adding that to your ./configure would be:

./configure --enable-tlsx --enable-supportedcurves --disable-fastmath C_EXTRA_FLAGS="-DWOLFSSL_STATIC_RSA"

After this, the example client will connect successfully to "umich.edu" using the attached root CA certificate:

./examples/client/client -h umich.edu -p 443 -v 1 -A addtrustexternalcaroot.crt

To determine the cipher suites and protocol version supported by "umich.edu", I used the "ssl-enum-ciphers" script provided by the nmap tool:

nmap --script ssl-enum-ciphers -p 443 umich.edu

Best Regards,
Chris

Go to forum: wolfSSL

121 Reply by chrisc

(14 replies, posted in wolfSSL)

Hi,

I have attached a PDF which should help explain wolfSSL's OCSP Stapling functionality.  Are you able to share any details of the project you are working on?

Thanks,
Chris

Go to forum: wolfSSL

122 Reply by chrisc

(5 replies, posted in wolfSSL)

Hi,

As of the wolfSSL 3.9.6 release, we now have a GetTime() API in <wolfssl/wolfcrypt/asn_public.h> that returns the seconds since the Unix epoch:

/* Time */
/* Returns seconds (Epoch/UTC)
 * timePtr: is "time_t", which is typically "long"
 * Example:
    long lTime;
    rc = wc_GetTime(&lTime, (word32)sizeof(lTime));
 */
WOLFSSL_API int wc_GetTime(void* timePtr, word32 timeSize);

./examples/client/client -h gmail.google.com -p 443 -d -g
But I get this error:
err = -313, revcd alert fatal error
wolfSSL error: SSL_connect failed

With recent changes to the google.com servers, wolfSSL now needs the TLS Supported Curves Extension enabled to successfully connect to gmail/google.com.  Can you try re-compiling wolfSSL using the "--enable-tlsx" (to enable all TLS Extensions) or "--enable-supportedcurves" option?

Thanks,
Chris

Go to forum: wolfSSL

123 Reply by chrisc

(3 replies, posted in wolfSSL)

Hi,

RsaSSL_Sign() does not do a hash operation on the input data before signing.  Your application will need to hash the input data before passing it in for signing.

wolfCrypt's hash functions are prototyped by the respective header file, ie:

<wolfssl/wolfcrypt/sha.h>
<wolfssl/wolfcrypt/sha256.h>
<wolfssl/wolfcrypt/sha512.h>

The heap usage doesn't look out of the expected range.  By default, wolfSSL and wolfCrypt use the normal big integer library for public key calculations and operations.  Alternatively, you can use the "fastmath" library instead.  The fastmath library puts more on the stack and less on the heap, whereas the big integer library uses more heap and less stack.  If you wanted to use less heap, you could enable the fastmath library by defining:

USE_FAST_MATH
TFM_TIMING_RESISTANT

Best Regards,
Chris

Go to forum: wolfSSL

124 Reply by chrisc

(3 replies, posted in wolfSSL)

Hi,

Can you double check to make sure your application is getting compiled with the same preprocessor defines that wolfSSL was compiled with?  Sometimes a mismatch in settings can cause seg fault issues with the math libraries.

Also, for reference, we have a sign/verify example available in the following location.  This includes an example of doing a sign/verify with both ECC and RSA:

https://github.com/wolfSSL/wolfssl-exam … /signature

Thanks,
Chris

Go to forum: wolfSSL

125 Reply by chrisc

(2 replies, posted in wolfSSL)

Hi hstr,

Typically when we do benchmarking, we benchmark the cryptography algorithms versus benchmarking a send or recv that would include I/O operations.  The underlying cryptography is going to be the most performance intensive operations of the SSL/TLS connection, where sending or receiving data over a network or transport medium is going to have many more factors in play than the SSL/TLS library.

We ship a crypto benchmark application with wolfSSL, located in the <wolfssl_root>/wolfcrypt/benchmark/benchmark.c file.  If you are compiling this on an embedded platform, you can define NO_MAIN_DRIVER to compile out the main() from benchmark.c if you have your own driver/main().  You can also define BENCH_EMBEDDED when compiling the library/benchmark.c to use less memory.  benchmark.c contains individual crypto benchmark functions (ex: bench_aes(), bench_rsa(), etc.) which can be called individually, or you can call benchmark_test() which will call all of the enabled crypto benchmarks.

Going back to your mentioned benchmark, do you know if both connections were using the same cipher suite, key length, and application code?

Thanks,
Chris

Go to forum: wolfSSL