You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by burakkirazli
Pages 1
Hello,
I wonder how many bytes of stack is needed to enable fast math?
Thanks.
Hi Dgarske,
I found the actual reason of why my setup failed.
One of my configuration uses realloc. I did not implemented realloc and existing setup was using standart realloc. I implemented it and it works.
Thanks.
I changed my configuration to these:
#define SINGLE_THREADED
#define FREERTOS
#define NO_FILESYSTEM
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_DEV_RANDOM
#define NO_WRITEV
#define WC_NO_HARDEN
#define HAVE_HASHDRBG
#define HAVE_HKDF
#define HAVE_AESCCM
#define HAVE_AESGCM
#define HAVE_CHACHA
#define HAVE_POLY1305
#define HAVE_ONE_TIME_AUTH
#define HAVE_CAMELLIA
#define HAVE_SRP
#define HAVE_ECC
#define HAVE_CURVE25519
#define HAVE_ED25519
#define WOLFSSL_TLS12
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_HKDF
#define WC_RSA_PSS
#define NO_OLD_TLS
#define HAVE_SHA512
#define WOLFSSL_SHA512
#define WOLFSSL_STM32F4
#define NO_STM32_CRYPTO
#define NO_STM32_HASH
#define NO_INLINE
#define WOLFSSL_IGNORE_FILE_WARN
#define NO_ASN_TIME
#define DEBUG_WOLFSSL
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering TLSv1_2_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Parsed new CA
Freeing Parsed CA
Freeing der CA
OK Freeing der CA
wolfSSL Leaving AddCA, return 0
Processed a CA
Processed at least one valid CA. Other stuff OK
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Parsed new CA
Already have this CA, not adding again
Freeing Parsed CA
Freeing der CA
OK Freeing der CA
wolfSSL Leaving AddCA, return 0
Processed a CA
Processed at least one valid CA. Other stuff OK
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_connect()
wolfSSL Entering SendClientHello
Adding signature algorithms extension
growing output buffer
Signature Algorithms extension to write
Point Formats extension to write
Supported Groups extension to write
TASK.cpp: TLS Send Callback
DEBUG-asyncio 134 bytes transmit
Shrinking output buffer
wolfSSL Leaving SendClientHello, return 0
connect state: CLIENT_HELLO_SENT
wolfSSL error occurred, error = -323
DEBUG-asyncio 2337 bytes received
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_connect()
TASK.cpp: TLS data read 5 bytes.
growing input buffer
TASK.cpp: TLS data read 84 bytes.
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering DoServerHello
Point Formats extension received
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoServerHello, return 0
Shrinking input buffer
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
TASK.cpp: TLS data read 5 bytes.
growing input buffer
TASK.cpp: TLS data read 1929 bytes.
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering DoCertificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
Put another cert into chain
Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
wolfSSL Entering ConfirmSignature
ASN Key decode error RSA
wolfSSL Leaving ConfirmSignature, return -142
Confirm signature failed
Failed to verify CA from chain
growing output buffer
TASK.cpp: TLS Send Callback
DEBUG-asyncio 7 bytes transmit
Shrinking output buffer
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
wolfSSL Entering ConfirmSignature
ASN Key decode error RSA
wolfSSL Leaving ConfirmSignature, return -142
Confirm signature failed
Failed to verify Peer's cert
No callback override available, fatal
wolfSSL Leaving ProcessPeerCerts, return -142
wolfSSL Leaving DoCertificate, return -142
wolfSSL Leaving DoHandShakeMsgType(), return -142
wolfSSL Leaving DoHandShakeMsg(), return -142
wolfSSL error occurred, error = -142
wolfSSL error occurred, error = -142
wolfSSL Entering SSL_connect()
ProcessReply retry in error state, not allowed
wolfSSL error occurred, error = -142
Hi David,
Chipher suite:
DHE-RSA-AES128-SHA:
DHE-RSA-AES256-SHA:
DHE-PSK-AES128-CBC-SHA256:
DHE-RSA-AES128-SHA256:
DHE-RSA-AES256-SHA256:
EDH-RSA-DES-CBC3-SHA
My configuration:
#define SINGLE_THREADED
#define FREERTOS
#define NO_FILESYSTEM
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_DEV_RANDOM
#define NO_WRITEV
#define WC_NO_HARDEN
//#define HAVE_ECC
#define HAVE_DH
#define HAVE_ED25519
#define HAVE_SHA512
#define WOLFSSL_SHA512
#define WOLFSSL_STM32F4
#define NO_STM32_CRYPTO
#define NO_STM32_HASH
#define NO_INLINE
#define WOLFSSL_IGNORE_FILE_WARN
#define NO_ASN_TIME
I attached what is transmitted to the server as binary output. Unfortunately, i can not use wireshark at this platform.
I am trying to connect to a remote server. My trying is successful with bsd sockets on my linux machines, but not in my cortex-M.
The init code is like:
wolfSSL_Debugging_ON();
/*Init library.*/
wolfSSL_Init();
/*Init context.*/
auto& tls = m_ctx.client.tls;
tls.ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
/*Init verification buffer.*/
auto success = wolfSSL_CTX_load_verify_buffer(tls.ctx, (unsigned char*)cert_get(), cert_get_len(), SSL_FILETYPE_PEM);
ASSERT(success == WOLFSSL_SUCCESS);
/* Setup the async IO callbacks */
wolfSSL_CTX_SetIORecv(tls.ctx, tls_receive);
wolfSSL_CTX_SetIOSend(tls.ctx, tls_send);
/*Create TLS handle.*/
tls.ssl = wolfSSL_new(tls.ctx);
ASSERT(tls.ssl != nullptr);The loop code like:
auto rc = wolfSSL_connect(me->_ctx.client.tls.ssl);Debug output:
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Parsed new CA
Freeing Parsed CA
Freeing der CA
OK Freeing der CA
wolfSSL Leaving AddCA, return 0
Processed a CA
Processed at least one valid CA. Other stuff OK
DEBUG: asyncio 72 bytes transmit
Shrinking output buffer
wolfSSL Leaving SendClientHello, return 0
connect state: CLIENT_HELLO_SENT
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_connect()
DEBUG: asyncio 7 bytes received
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_connect()
mqtt_manager.cpp: TLS data read 5 bytes.
mqtt_manager.cpp: TLS data read 2 bytes.
received record layer msg
got ALERT!
Got alert
wolfSSL error occurred, error = 40
wolfSSL error occurred, error = -313
wolfSSL Entering SSL_connect()
ProcessReply retry in error state, not allowed
wolfSSL error occurred, error = -313
IO under wolfssl is running in an async manner.
All solutions work for me.
Thanks.
I am trying to validate a cert file from a buffer. I validated that cert file is true in my Linux machine. But when i try to validate it Cortex-M MCU, it stucks.
Configuration:
#define SINGLE_THREADED
#define FREERTOS
#define NO_FILESYSTEM
#define WOLFSSL_NO_SOCK
#define WOLFSSL_USER_IO
#define NO_DEV_RANDOM
#define WC_NO_HARDEN
#define NO_WRITEV
#define HAVE_DH
#define HAVE_ED25519
#define HAVE_SHA512
#define NO_SHA
#define NO_OLD_TLS
#define WOLFSSL_SHA512
#define WOLFSSL_STM32F4
#define NO_STM32_CRYPTO
#define NO_STM32_HASH
#define NO_INLINE
#define WOLFSSL_IGNORE_FILE_WARN
#define WOLFSSL_GMTIME
wolfSSL Entering TLSv1_2_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
Processing CA PEM file
wolfSSL Entering PemToDer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Date BEFORE check failed
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Parsed new CA
Freeing Parsed CA
Freeing der CA
OK Freeing der CA
wolfSSL Leaving AddCA, return -150
wolfSSL error occurred, error = -150
CA Parse failed, with progress in file.
Search for other certs in file
Dear David,
Thanks for your quick response. There are no definitions for EWOULDBLOCK and EAGAIN in the errno.h file for the armclang 6.2 compiler.
Personally, I strongly recommend to change the EWOULDBLOCK and EAGAIN usages in the mqtt_socket file. Most of the time this definitions do not make any problem as long as the person does not use the armclang compiler.
Thanks.
Hi,
I am trying to understand design of the wolfmqtt library.
When i define WOLFMQTT_NONBLOCK, the library includes the <sys/errno.h>.
#ifdef WOLFMQTT_NONBLOCK
#include <sys/errno.h>
#endif
I am running on an arm clang compiler + KEIL environment. This compiler has the errno.h definition in the cpplibx/errno.h, not in the sys directory as gcc does.
Thanks.
Hi dgarkse,
As i understand, the tutorial i was trying to run is out of date. I could not make it run.
But, I am working with the examples you adviced to me, thanks. It does same thing.
Best Regards.
Hello everyone.
This is my second post, I removed the previous one.
What i am trying to do is to run minimal example. I want to understand basic API structure and library design of wolfssl, so i tried to run this minimal example:
https://www.wolfssl.com/docs/wolfssl-manual/ch11/
I attached the error with an SS.
Pages 1
wolfSSL - Embedded SSL Library → Posts by burakkirazli
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.015 seconds (95% PHP - 5% DB) with 4 queries