1

(2 replies, posted in wolfSSL)

Thanks.

Replied

2

(2 replies, posted in wolfSSL)

Hello,

I compiled wolfssl with openssl extra and custom curves all, but when I run this

    #define ECQV_EC_CURVE NID_secp256k1
    const EC_GROUP *group = EC_GROUP_new_by_curve_name(ECQV_EC_CURVE);
I get:
wolfSSL Entering NIDToEccEnum()
NID not found

I will include complete debug log from wolfssl. I am trying to load pem key from file, get public key, transform it to hex and print.

wolfSSL Entering wolfSSL_EC_GROUP_new_by_curve_name
wolfSSL Entering NIDToEccEnum()
wolfSSL Entering wolfSSL_EC_POINT_new
wolfSSL Entering wolfSSL_PEM_read_PrivateKey
wolfSSL Entering wolfSSL_BIO_s_file
wolfSSL Entering wolfSSL_BIO_new
wolfSSL Entering wolfSSL_BIO_set_fp
wolfSSL Entering wolfSSL_PEM_read_bio_PrivateKey
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering PemToDer
wolfSSL Entering GetAlgoId
wolfSSL Entering wolfSSL_d2i_PrivateKey
wolfSSL Entering GetAlgoId
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
wolfSSL Entering wolfSSL_EC_KEY_new
wolfSSL Entering wolfSSL_EC_GROUP_new_by_curve_name
wolfSSL Entering NIDToEccEnum()
NID not found
wolfSSL Entering wolfSSL_EC_POINT_new
wolfSSL Entering wolfSSL_EC_KEY_LoadDer
wolfSSL Entering GetAlgoId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
wolfSSL Entering SetECKeyExternal
wolfSSL Entering EccEnumToNID()
wolfSSL Entering SetECPointExternal
wolfSSL Leaving wolfSSL_PEM_read_bio_PrivateKey, return 0
wolfSSL Entering wolfSSL_BIO_free
wolfSSL Entering wolfSSL_EVP_PKEY_get1_EC_KEY
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EC_KEY_free
wolfSSL Entering wolfSSL_EC_KEY_get0_public_key
wolfSSL Entering wolfSSL_EC_POINT_copy
No ECPoint internal set, do it
wolfSSL Entering SetECPointInternal
Entering SetIndividualInternal
Entering SetIndividualInternal
Entering SetIndividualInternal
wolfSSL Entering SetECPointExternal
wolfSSL Entering wolfSSL_EC_KEY_free
wolfSSL Entering wolfSSL_EC_POINT_free
wolfSSL Entering wolfSSL_EC_GROUP_free
pk : 0400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
wolfSSL_OPENSSL_free

The public key printed here is completely wrong. The code in openssl returns the correct key.

What can be the issue here?

Thanks

3

(10 replies, posted in wolfSSL)

Hello kareem,

Thanks for all the help.

Since I don't have access to the EC_GROUP_get0_generator function, I wanted to load the generator point from a fixed structure. I saw that wolfssl only has support for wolfSSL_EC_POINT_oct2point, so I used Openssl and saved the generator point as an octet string, then tried to use the following code to load it into an EC_POINT and print the coordinates:

    EC_POINT *G;
    unsigned char buf[] = {0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98};
    size_t octets_len = 33;
    G = EC_POINT_new(group);
    EC_POINT_oct2point(group, G, buf, octets_len, ctx);
    if (!G) {
        fprintf(stderr, "Failed to get the generator from octet.\n");
    }      
    BIGNUM *x = BN_new();
    BIGNUM *y = BN_new();
    EC_POINT_get_affine_coordinates_GFp(group, G, x, y, NULL);
    BN_print_fp(stdout, x);
    putc('\n', stdout);
    BN_print_fp(stdout, y);
    putc('\n', stdout);  

This particular piece of code works with openssl, but here it just prints
00
00
for x and y.
The debug log shows the following:

wolfSSL Entering wolfSSL_EC_POINT_oct2point
wolfSSL Entering wolfSSL_ECPoint_d2i
wc_ecc_import_point_der_ex failed

Does this need some additional enabling of options?
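An independent check of the two encodings shown in the posts above, written as an added example (it is not code from the thread or from wolfSSL). It decodes SEC1 point encodings for secp256k1 with plain integers; the helper names and the all-zero sample are assumptions made for the illustration.

```python
# Added example: SEC1 point decoding for secp256k1 using plain Python integers.
P = 2**256 - 2**32 - 977   # field prime of secp256k1 (SEC 2)
B = 7                      # curve equation: y^2 = x^3 + 7 (mod P)

def decode_sec1_point(octets: bytes):
    """Return (x, y) for a compressed or uncompressed encoding, else raise ValueError."""
    if len(octets) == 33 and octets[0] in (0x02, 0x03):
        x = int.from_bytes(octets[1:], "big")
        if x >= P:
            raise ValueError("x coordinate out of range")
        rhs = (pow(x, 3, P) + B) % P
        # P % 4 == 3, so a square root of rhs, if one exists, is rhs^((P+1)/4).
        y = pow(rhs, (P + 1) // 4, P)
        if y * y % P != rhs:
            raise ValueError("no curve point has this x coordinate")
        if (y & 1) != (octets[0] & 1):   # prefix 02 = even y, 03 = odd y
            y = P - y
        return x, y
    if len(octets) == 65 and octets[0] == 0x04:
        x = int.from_bytes(octets[1:33], "big")
        y = int.from_bytes(octets[33:], "big")
        if x >= P or y >= P or (y * y - pow(x, 3, P) - B) % P != 0:
            raise ValueError("coordinates do not satisfy the curve equation")
        return x, y
    raise ValueError("unsupported or truncated SEC1 encoding")

def is_valid_encoding(octets: bytes) -> bool:
    """True when the octets decode to a point on secp256k1."""
    try:
        decode_sec1_point(octets)
        return True
    except ValueError:
        return False

# The 33 octets from buf[] in the post above.
GENERATOR_COMPRESSED = bytes.fromhex(
    "0279be667ef9dcbbac55a06295ce870b07029bfcdb2dce28d959f2815b16f81798")
# Constructed sample: 0x04 prefix with all-zero coordinates, the shape of the
# "pk" value printed in the earlier post.
ZERO_UNCOMPRESSED = b"\x04" + bytes(64)

if __name__ == "__main__":
    gx, gy = decode_sec1_point(GENERATOR_COMPRESSED)
    print("x =", format(gx, "064x"))
    print("y =", format(gy, "064x"))
    print("all-zero 04 point valid:", is_valid_encoding(ZERO_UNCOMPRESSED))
```

The buffer decodes to a point on the curve, so the octets themselves are well formed, while an uncompressed encoding with zero coordinates fails the curve equation and can be rejected before it is used as a public key.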

4

(10 replies, posted in wolfSSL)

kareem_wolfssl wrote:

Hello,

Your ECC key is using a Koblitz curve which we do not enable support for by default.
Please add --enable-ecccustcurves=all to your configure line, rebuild wolfSSL and let me know if you still see any issues.

Thanks,
Kareem

It works now. Thank you very much.

5

(10 replies, posted in wolfSSL)

kareem_wolfssl wrote:

Happy to help.

What error code is wolfSSL_PEM_read_PrivateKey returning?  Can you provide the private key you are trying to load, and the code you are using?  Feel free to email us at support [AT] wolfssl [DOT] com if this is sensitive info.

Thanks,
Kareem

Hi Kareem. I am still having an issue with reading PEM file using function PEM_read_PrivateKey. I went through the source code and used that like this:

    int err = 0;
    WOLFSSL_EVP_PKEY* ret = NULL;
    WOLFSSL_BIO* bio = NULL;
    bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
    err = bio == NULL;
    if(err == 0) {
        printf("step 1 \n");
    }
    if (err == 0) {
        err = wolfSSL_BIO_set_fp(bio, file, BIO_NOCLOSE) != WOLFSSL_SUCCESS;
        printf("step 2 \n");
    }
    if (err == 0) {
        ret = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
        printf("step 3 \n");
    }

    if (bio != NULL) {
        wolfSSL_BIO_free(bio);
    }
    printf("final step");

    if (!ret) {
        //ERR_dump_errors_fp(stdout);
        fprintf(stderr, "Error reading private key file.\n");
        return NULL;
    }

So this is the source code of wolfSSL_PEM_read_PrivateKey, and I get to the final step print, but I still have nothing in the ret variable.
Is there something I am doing wrong here? This code works fine with openssl. The PEM file is provided in the above message. Can you help with this?
Thank you

6

(10 replies, posted in wolfSSL)

Hello,

I am not able to see any errors. What I am doing is the following:

    EVP_PKEY *pk = wolfSSL_PEM_read_PrivateKey(file, NULL, NULL, NULL);

    if (!pk) {
        fprintf(stderr, "Error reading private key file.\n");
        return NULL;
    }

I uploaded the file I am using. I generated the file using this CLI command:
openssl ecparam -name secp256k1 -genkey -noout -out ca_key.pem

As I said, when I use the file server-key.pem that I found in the /certs directory of the wolfssl github, it works fine. I can upload that one as well if needed.

Thanks

7

(10 replies, posted in wolfSSL)

Thanks for the help.

I am having issues with the wolfSSL_PEM_read_PrivateKey function. I am unable to load an EC private key. I see that tests in the source code load "./certs/server-key.pem", which is an RSA private key in PEM format. And this works, but an EC private key doesn't. Is it possible to load an EC private key?

I would also add that these two lines of code do not work for me. There has to be something I am doing wrong.

    if(NULL == (ca_key = EC_KEY_new_by_curve_name(NID_secp256k1)))
        goto ERROR;

    if(1 != EC_KEY_generate_key(ca_key)) goto ERROR;

EC_KEY_generate_key returns 0. I have no errors printed to console.

Thanks

8

(10 replies, posted in wolfSSL)

Thanks for your help.

I installed and compiled this one: wolfssl-5.4.0.zip.

I used the following command: ./configure --enable-opensslextra

and this is my Makefile:

CFLAGS=-c -g -O0 -Wextra -Wall -pedantic -std=gnu99 -lwolfssl
LDFLAGS=-lwolfssl
SOURCES=$(wildcard *.c)
OBJECTS=$(SOURCES:.c=.o)
EXEC=ecqv
CC=gcc

all: $(SOURCES) $(EXEC)

$(EXEC): $(OBJECTS)
	$(CC) -o $@ $(OBJECTS) $(LDFLAGS)

.c.o:
	$(CC) $(CFLAGS) $< -o $@

clean:
	rm -f *.o $(EXEC)

And this was my openssl one:

CFLAGS=-c -g -O0 -Wextra -Wall -pedantic -std=gnu99 `pkg-config --cflags openssl`
LDFLAGS=`pkg-config --libs openssl`
SOURCES=$(wildcard *.c)
OBJECTS=$(SOURCES:.c=.o)
EXEC=ecqv
CC=gcc

all: $(SOURCES) $(EXEC)

$(EXEC): $(OBJECTS)
	$(CC) -o $@ $(OBJECTS) $(LDFLAGS)

.c.o:
	$(CC) $(CFLAGS) $< -o $@

clean:
	rm -f *.o $(EXEC)

I am using Ubuntu 20.04.4 LTS, but as a subsystem on Windows.

Thanks

9

(10 replies, posted in wolfSSL)

Hello all,

I am a beginner user of wolfssl. I already have my openssl app that works and I wanted to port it to wolfssl. I am having issues with a couple of things that I am having trouble with. Building my code gives me the following errors:

undefined reference to `wolfSSL_EC_KEY_dup'
undefined reference to `EC_GROUP_get0_generator'
undefined reference to `wolfSSL_EC_POINT_is_on_curve'
undefined reference to `PEM_write_PrivateKey'

I assume these without the wolfSSL prefix do not exist?
Also, some of these warnings seem strange to me. Like this:

note: expected ‘WOLFSSL_EC_GROUP *’ {aka ‘struct WOLFSSL_EC_GROUP *’} but argument is of type ‘const EC_GROUP *’ {aka ‘const struct WOLFSSL_EC_GROUP *’}
  217 | int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);

My includes are set up like this:
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <wolfssl/options.h>
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/openssl/bn.h>
#include <wolfssl/openssl/bio.h>
#include <wolfssl/openssl/ecdh.h>
#include <wolfssl/openssl/objects.h>
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/pem.h>
#include <wolfssl/openssl/evp.h>

Do you have any advice on how to proceed?
Thank you