1.
      ngustavson

      [Avatar]
      2006-09-26 14:42:41 MDT
      I'm cross-compiling yassl for a uClinux system.
      I built wput against it's static library and brought it in.

      I can't get it to establish a connection yet.
      By adding some debug statements I found out that the key exchange was failing in
      cyassl_inc.c at:

      SendClientKeyExchange(SSL* ssl)

      in:

      ret = RsaPublicEncrypt(ssl->preMasterSecret, SECRET_LEN, encSecret,
      sizeof(encSecret), &key, &ssl->rng);

      This happened because
      key->n was larger than sizeof(encSecret)

      specifically
      key->n - 128
      sizof(encSecret) - 96

      As these numbers just so happen to be the byte length of the common 1024 and 768 bit keys respectively, I figured that wolfssl was probably just not providing enough memory for keys > 768 bits.

      Hacking things around, I changed SECRET_LEN to 64 to bump it up to 1024 bits.
      This allowed the key exchange to pass but causes a mac error, so I'm figuring there's another number or table in there that needs to change alongside of SECRET_LEN.

      Am I on the right track?
      Is there an established way to add support for larger keys?
      Am I completely off?

      thx,
      NZG

   2.
      touskaProject Admin

      [Avatar]
      2006-09-26 15:26:09 MDT
      SECRET_LEN needs to stay at 48, per the standard. The bug is the length of encSecret, it shouldn't depend on SECRET_LEN. I just increased it to 256 to handle up to 2048 bit RSA. Thanks for the report.
   3.
      ngustavson

      [Avatar]
      2006-09-26 17:00:21 MDT
      Thank you sir.
      That little tip got my app working.
      More testing is required but it certainly makes for a better nights sleep.
      :-)

      thx,
      NZG