Our application sends datagrams, some of which are unreliable and may be dropped at any time. Therefore I think we can't easily use TLS.

I'll see if I can figure out what to change to remove the HelloVerifyRequest myself... if I get it working should I submit a patch or something?

-Ken

The usual DTLS handshake requires 3 round trips (from RFC 4347):

    Client                    Server

    ClientHello -------->

    <------- HelloVerifyRequest

    ClientHello -------->

                   ServerHello
                   Certificate*
                   ServerKeyExchange*
                   CertificateRequest*
     <-------- ServerHelloDone

    Certificate*
    ClientKeyExchange
    CertificateVerify*
    [ChangeCipherSpec]
    Finished  -------->

                  [ChangeCipherSpec]
    <-------- Finished


However, in certain cases, it is desirable to reduce the number of round trips for connection. For example, when doing satellite communications, round trip time can be 4+ seconds. In these cases, it is nice to be able to disable the HelloVerifyRequest portion of the handshake (the first two steps), so that only 2 round trips are required.

Is there any way to do this with wolfSSL?

-Ken

I have set up wolfSSL to do an asynchronous connect/accept. The idea is that SSL data is sent immediately, and there is no blocking to receive; instead, the SSL data from the other side is handled when it arrives. This is working well; the only thing I had to work out was what happens after the connection is set up, but before any application data has been received. In this case, the last call to SSL_read() finished the connection handshake, and then (since there was no more data), the ssl->error is set to WANT_READ. Now if I call SSL_write, it will succeed, (it returns the number of bytes written, rather than a negative error number). However, when I call SSL_get_error(ssl, result), it still returns SSL_ERROR_WANT_READ (rather than the SSL_ERROR_NONE which would be returned by OpenSSL).

This is not really a bug so much as a difference between wolfSSL and OpenSSL, so I'm not sure if you want to fix it or not. I can just check the return value from SSL_write() and only call SSL_get_error() if SSL_write returns <= 0. Another option is to change the SSL_get_error(ssl, result) function so that it returns SSL_ERROR_NONE if result is > 0.

-Ken

4

(5 replies, posted in wolfSSL)

OK, I got it to work. I had to change MAX_UDP_SIZE in addition to MAX_MTU.

-Ken

5

(1 replies, posted in wolfSSL)

With gcc warnings turned up to "irritating" (-Wall -Wextra), there are a couple of build warnings in wolfSSL:

cyassl_int.c:171: warning: ‘inline’ is not at beginning of declaration
cyassl_int.c: In function ‘DoCertificateVerify’:
cyassl_int.c:4903: warning: comparison between signed and unsigned
ssl.c: In function ‘ProcessFile’:
ssl.c:663: warning: comparison between signed and unsigned
tls.c:242: warning: ‘inline’ is not at beginning of declaration

not really important, I just noticed because we build with -Werror.

6

(5 replies, posted in wolfSSL)

OK, thanks. I will give it a try. We have also tried Mocana (http://www.mocana.com/nanodtls.html) but it looks like wolfSSL embedded SSL could be better in many respects.

The reason we use DTLS is that we have a datagram-oriented system which works over many different protocols. We support both reliable and unreliable data, so one requirement is that data can be dropped. It seemed to me that DTLS was a better fit for these requirements than TLS.

On a separate note, I noticed that there are some defines and stub files for ECC, but the implementation is not present. Is there a separate download for the ECC implementation, or is that planned for the future?

-Ken

7

(5 replies, posted in wolfSSL)

I am interested in using wolfSSL for DTLS over arbitrary protocols (eg serial, bluetooth, ... not just UDP). Currently we do this with OpenSSL by setting up the read and write BIOs to be memory BIOs. Then when we send data, we call SSL_write() and then read the encrypted data out of the write BIO to send over whatever the protocol is; when we receive data from the remote side, we write it into the read BIO and then call SSL_read().

Is there a way to do something similar with the wolfSSL API? It seems like maybe the CBIORecv/CBIOSend function pointers could be set up in the SSL context to do what I want; is this correct?

I am also wondering if there is a way to set the MTU so that we can read/write chunks larger than 1500 bytes.