• Registered: 2024-09-29
  • Posts: 8

Topic: Looking to enable specific PSK Cipher Suites

I have a DTLS client using wolfssl on Zephyr and a server on debian on which I have used the ./configure script to build wolfssl, with these options:   

./configure --enable-debug --enable-dtls --enable-dtls13 --enable-dtlscid --enable-debug --enable-dtls --enable-dtls13 --enable-dtlscid --enable-opensslextra --enable-psk

Some cipher suites I see are only available on the client side (I check via wolfSSL_get_ciphers()), so I know wolfssl supports them, but are not enabled on the server side.
What ./configure option should I use to enable the following ciphers:
PSK-AES128-GCM-SHA256
PSK-AES128-CBC-SHA256

Thank you.

Share

  • Registered: 2021-07-06
  • Posts: 152

Re: Looking to enable specific PSK Cipher Suites

Hello Sunnysunday,

Those cipher suites require WOLFSSL_STATIC_PSK defined and PSK, AES/AES-CBC, TLS and SHA256 enabled.  It looks like your config is only missing WOLFSSL_STATIC_PSK, you will need to manually add this flag as it is not supported with a configure argument currently: "CFLAGS=-DWOLFSSL_STATIC_PSK" ./configure ...

Thanks,
Kareem

Share

  • Registered: 2024-09-29
  • Posts: 8

Re: Looking to enable specific PSK Cipher Suites

Great, thank you.

Share