Thanks.
Replied
You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by juvebogdan
Pages 1
Hello,
I compiled wolfssl with openssl extra and custom curves all but when i run this
#define ECQV_EC_CURVE NID_secp256k1
const EC_GROUP *group = EC_GROUP_new_by_curve_name(ECQV_EC_CURVE);
i get:
wolfSSL Entering NIDToEccEnum()
NID not found
I will include complete debug log from wolfssl. I am trying to load pem key from file, get public key, transform it to hex and print.
wolfSSL Entering wolfSSL_EC_GROUP_new_by_curve_name
wolfSSL Entering NIDToEccEnum()
wolfSSL Entering wolfSSL_EC_POINT_new
wolfSSL Entering wolfSSL_PEM_read_PrivateKey
wolfSSL Entering wolfSSL_BIO_s_file
wolfSSL Entering wolfSSL_BIO_new
wolfSSL Entering wolfSSL_BIO_set_fp
wolfSSL Entering wolfSSL_PEM_read_bio_PrivateKey
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering wolfSSL_BIO_read
wolfSSL Entering PemToDer
wolfSSL Entering GetAlgoId
wolfSSL Entering wolfSSL_d2i_PrivateKey
wolfSSL Entering GetAlgoId
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
wolfSSL Entering wolfSSL_EC_KEY_new
wolfSSL Entering wolfSSL_EC_GROUP_new_by_curve_name
wolfSSL Entering NIDToEccEnum()
NID not found
wolfSSL Entering wolfSSL_EC_POINT_new
wolfSSL Entering wolfSSL_EC_KEY_LoadDer
wolfSSL Entering GetAlgoId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
wolfSSL Entering SetECKeyExternal
wolfSSL Entering EccEnumToNID()
wolfSSL Entering SetECPointExternal
wolfSSL Leaving wolfSSL_PEM_read_bio_PrivateKey, return 0
wolfSSL Entering wolfSSL_BIO_free
wolfSSL Entering wolfSSL_EVP_PKEY_get1_EC_KEY
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EC_KEY_free
wolfSSL Entering wolfSSL_EC_KEY_get0_public_key
wolfSSL Entering wolfSSL_EC_POINT_copy
No ECPoint internal set, do it
wolfSSL Entering SetECPointInternal
Entering SetIndividualInternal
Entering SetIndividualInternal
Entering SetIndividualInternal
wolfSSL Entering SetECPointExternal
wolfSSL Entering wolfSSL_EC_KEY_free
wolfSSL Entering wolfSSL_EC_POINT_free
wolfSSL Entering wolfSSL_EC_GROUP_free
pk : 0400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
wolfSSL_OPENSSL_free
the public key printed here is completely wrong. The code in openssl returns correct.
What can be the issue here?
Thanks
Hello kareem,
Thanks for all the help.
Since I don't have the access to the EC_GROUP_get0_generator function I wanted to load the generator point from a fixed structure. I saw that wolfssl has the support for only wolfSSL_EC_POINT_oct2point so I used Openssl and saved the generator point as an octet and tried to use the following code to load it into EC_POINT and print coordinates
EC_POINT *G;
unsigned char buf[] = {0x02, 0x79, 0xbe, 0x66, 0x7e, 0xf9, 0xdc, 0xbb, 0xac, 0x55, 0xa0, 0x62, 0x95, 0xce, 0x87, 0x0b, 0x07, 0x02, 0x9b, 0xfc, 0xdb, 0x2d, 0xce, 0x28, 0xd9, 0x59, 0xf2, 0x81, 0x5b, 0x16, 0xf8, 0x17, 0x98};
size_t octets_len = 33;
G = EC_POINT_new(group);
EC_POINT_oct2point(group, G, buf, octets_len, ctx);
if (!G) {
fprintf(stderr, "Failed to get the generator from octet.\n");
}
BIGNUM *x = BN_new();
BIGNUM *y = BN_new();
EC_POINT_get_affine_coordinates_GFp(group, G, x, y, NULL);
BN_print_fp(stdout, x);
putc('\n', stdout);
BN_print_fp(stdout, y);
putc('\n', stdout);
this particular piece of code works with openssl but here it just prints
00
00
for x and y.
the debug log shows the following:
wolfSSL Entering wolfSSL_EC_POINT_oct2point
wolfSSL Entering wolfSSL_ECPoint_d2i
wc_ecc_import_point_der_ex failed
Does this needs some additional enabling of options?
Hello,
Your ECC key is using a Koblitz curve which we do not enable support for by default.
Please add --enable-ecccustcurves=all to your configure line, rebuild wolfSSL and let me know if you still see any issues.Thanks,
Kareem
It works now. Thank you very much.
Happy to help.
What error code is wolfSSL_PEM_read_PrivateKey returning? Can you provide the private key you are trying to load, and the code you are using? Feel free to email us at support [AT] wolfssl [DOT] com if this is sensitive info.
Thanks,
Kareem
Hi Kareem. I am still having an issue with reading PEM file using function PEM_read_PrivateKey. I went through the source code and used that like this:
int err = 0;
WOLFSSL_EVP_PKEY* ret = NULL;
WOLFSSL_BIO* bio = NULL;
bio = wolfSSL_BIO_new(wolfSSL_BIO_s_file());
err = bio == NULL;
if(err == 0) {
printf("step 1 \n");
}
if (err == 0) {
err = wolfSSL_BIO_set_fp(bio, file, BIO_NOCLOSE) != WOLFSSL_SUCCESS;
printf("step 2 \n");
}
if (err == 0) {
ret = wolfSSL_PEM_read_bio_PrivateKey(bio, NULL, NULL, NULL);
printf("step 3 \n");
}
if (bio != NULL) {
wolfSSL_BIO_free(bio);
}
printf("final step");
if (!ret) {
//ERR_dump_errors_fp(stdout);
fprintf(stderr, "Error reading private key file.\n");
return NULL;
}
So this is the source code of wolfSSL_PEM_read_PrivateKey and i get to final step print but I still have nothing in ret variable.
Is there something I am doing wrong here? This code works fine with openssl. the pem file is provided in above message. Can you help with this?
Thank you
Hello,
I am not able to see any errors. What i am doing is the following:
EVP_PKEY *pk = wolfSSL_PEM_read_PrivateKey(file, NULL, NULL, NULL);
if (!pk) {
fprintf(stderr, "Error reading private key file.\n");
return NULL;
}
I uploaded the file i am using. I generated the file using this CLI command:
openssl ecparam -name secp256k1 -genkey -noout -out ca_key.pem
As i said when i use the file server-key.pem that i found in /certs directory of wolfssl github it works fine. I can upload that one as well if needed.
Thanks
Thanks for the help.
I am having issues with the wolfSSL_PEM_read_PrivateKey function. I am unable to load EC Private key. I see that tests in source code load "./certs/server-key.pem" which is RSA private key in Pem format. And this works but EC private key doesnt. Is it possible to load EC Private key?
I would also add that these two lines of code do not work for me. There has to be something i am doing wrong
if(NULL == (ca_key = EC_KEY_new_by_curve_name(NID_secp256k1)))
goto ERROR;
if(1 != EC_KEY_generate_key(ca_key)) goto ERROR;
EC_KEY_generate_key returns 0. I have no errors printed to console.
thanks
Thanks for your help.
I installed and compiled this one wolfssl-5.4.0.zip .
I used the following command ./configure --enable-opensslextra
and this is my Makefile:
CFLAGS=-c -g -O0 -Wextra -Wall -pedantic -std=gnu99 -lwolfssl
LDFLAGS=-lwolfssl
SOURCES=$(wildcard *.c)
OBJECTS=$(SOURCES:.c=.o)
EXEC=ecqv
CC=gcc
all: $(SOURCES) $(EXEC)
$(EXEC): $(OBJECTS)
$(CC) -o $@ $(OBJECTS) $(LDFLAGS)
.c.o:
$(CC) $(CFLAGS) $< -o $@
clean:
rm -f *.o $(EXEC)
And this was my openssl one:
CFLAGS=-c -g -O0 -Wextra -Wall -pedantic -std=gnu99 `pkg-config --cflags openssl`
LDFLAGS=`pkg-config --libs openssl`
SOURCES=$(wildcard *.c)
OBJECTS=$(SOURCES:.c=.o)
EXEC=ecqv
CC=gcc
all: $(SOURCES) $(EXEC)
$(EXEC): $(OBJECTS)
$(CC) -o $@ $(OBJECTS) $(LDFLAGS)
.c.o:
$(CC) $(CFLAGS) $< -o $@
clean:
rm -f *.o $(EXEC)
I am using Ubuntu 20.04.4 LTS but as a subsytem on Windows.
Thanks
Hello all,
I am begginer user with wolfssl. I already have my openssl app that works and i wanted to port it to wolfssl. I am having issues with a couple of things that i am having troubles with. Building my code gives me the following errors:
undefined reference to `wolfSSL_EC_KEY_dup'
undefined reference to `EC_GROUP_get0_generator'
undefined reference to `wolfSSL_EC_POINT_is_on_curve'
undefined reference to `PEM_write_PrivateKey'
I assume these without wolfSSL prefix do not exist?
Also some of these warning seem strange to me. Like this:
note: expected ‘WOLFSSL_EC_GROUP *’ {aka ‘struct WOLFSSL_EC_GROUP *’} but argument is of type ‘const EC_GROUP *’ {aka ‘const struct WOLFSSL_EC_GROUP *’}
217 | int wolfSSL_EC_KEY_set_group(WOLFSSL_EC_KEY *key, WOLFSSL_EC_GROUP *group);
My includes are setup like this:
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <errno.h>
#include <wolfssl/options.h>
#include <wolfssl/openssl/ssl.h>
#include <wolfssl/openssl/ec.h>
#include <wolfssl/openssl/bn.h>
#include <wolfssl/openssl/bio.h>
#include <wolfssl/openssl/ecdh.h>
#include <wolfssl/openssl/objects.h>
#include <wolfssl/openssl/rand.h>
#include <wolfssl/openssl/pem.h>
#include <wolfssl/openssl/evp.h>
Do you have any advice on how to proceed?
Thank you
Pages 1
wolfSSL - Embedded SSL Library → Posts by juvebogdan
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.016 seconds (96% PHP - 4% DB) with 4 queries