1 Reply by subale255

(3 replies, posted in wolfSSL)

hello kaleb,

Thanks for your reply.I came to know that my organization has recently purchased commercial wolfssl 4.0.0 license and they already requested to include this API.

Thanks,
Surekha

Go to forum: wolfSSL

2 Topic by subale255

(3 replies, posted in wolfSSL)

hello all,

  I am porting openssl API's to wolfssl in my application.My existing openssl application has PEM_read_bio_DHparams() to read DHparams and I found its replacement in wolfssl.But, I didn't find any replacement for PEM_write_DHparams().Is there any API in wolfssl for this and if no,is there any plan to implement it in near future?

Thanks & Regards,
Surekha

Go to forum: wolfSSL

3 Reply by subale255

(3 replies, posted in wolfSSL)

hello Kaleb,
   
       Thanks for help.I am able to solve this issue.

Thanks & Regards,
Surekha

Go to forum: wolfSSL

4 Topic by subale255

(3 replies, posted in wolfSSL)

hello all,

I am using following code for generating selfsigned certificate.
but i am getting following error:
PEM_read_bio_X509_AUX("/cert/server.pem") failed (SSL: error:0906D06C:PEM routines:PEM_read_bio:no start line:Expecting: TRUSTED CERTIFICATE)
I checked certificate type, permission and header


EVP_PKEY *pk = NULL;
  Cert newCert = { 0 };
  WC_RNG rng = { 0 };
  ecc_key newKey = { 0 };
  byte* derBuf   = NULL;
  byte* derKeyBuf   = NULL;
  int derBufSz = 0;
  int derKeyBufSz = 0;

  derBuf = (byte*) XMALLOC(FOURK_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
  derKeyBuf = (byte*) XMALLOC(FOURK_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);

/* Generate new ecc key */
  int ret = wc_InitRng(&rng);
  if (ret != 0)
  {
      //("wc_InitRng() failed");
    }
 

  ret = wc_ecc_init(&newKey);
  if (ret != 0)
  {
      //("wc_ecc_init() failed");
}


  ret = wc_ecc_make_key(&rng, 32, &newKey);
  if (ret != 0)
  {
     //("wc_ecc_make_key() failed()"));
}
 
  /* Setup Certificate */
  wc_InitCert(&newCert);
  newCert.daysValid = days;
  newCert.isCA    = 0;
  newCert.sigType = CTC_SHA256wECDSA;
  strncpy(newCert.subject.commonName, (const char *)commonName, CTC_NAME_SIZE);


  /* Make an New x509 ECC Certificate  */
  ret = wc_MakeCert(&newCert, derBuf, FOURK_SZ, NULL, &newKey, &rng);
  if (ret < 0)
  {
      //(wc_ecc_make_key() failed()");
  }

  //Sign certificate using ecc key
  derBufSz = wc_SignCert(newCert.bodySz, newCert.sigType, derBuf, FOURK_SZ, NULL, &newKey, &rng);
  if (derBufSz < 0)
  {
      //("SignCert failed derBufSz%d"), derBufSz);
   }


  /* DER formatted certificate into WOLFSSL_X509 structure */
  WOLFSSL_X509* newX509;

  newX509 = wolfSSL_X509_d2i(&newX509 ,derBuf, derBufSz);
  if(newX509 == NULL)
  {
      //("wolfssl_X509_d2i() failed\n");
  }


  /* PEM formatted PrivateKey into DER formatted PrivateKey */
  derKeyBufSz = wc_EccKeyToDer(&newKey, derKeyBuf, FOURK_SZ);
  if(derKeyBufSz < 0)
  {
      //("wc_EccPrivateKeyToDer() failed");
  }


  /* This function converts DER formatted ECC PrivateKey into wolfSSL_EVP_PKEY structure */
  pk = wolfSSL_d2i_PrivateKey_EVP( NULL, &derKeyBuf, derKeyBufSz);
  if(pk == NULL)
  {
      //("wolfSSL_d2i_PrivateKey_EVP() failed");
   
  }



  // Successful exit, return pointers to cert and private key
  *x509p = newX509;
  *pkeyp = pk;

is there anything i am doing wrong in this code which i am not able to understand?

please, can any one help in this issue?

Go to forum: wolfSSL

5 Topic by subale255

(1 replies, posted in wolfSSL)

hello,

  I am using EC_key in my application.
  To sign the certificate with the private key there is function X509_sign() present in openssl but I cant find its equivalent
  replacement in wolfssl.
   Please help me.

Go to forum: wolfSSL