Topic: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Hi

I'm using cyassl 1.4.0 through a lua library called nixio in openwrt
I'm trying to have an https client validating the server private certificate authority.

the program calls set_verify to "peer" then set_verify_locations with my CAfile before connecting.
The CA is private and was generated with openssl.
After having had some problems with dates, I now have problems with error -131

RSA_BUFFER_E       = -131,  /* RSA buffer error, output too small or input too large */

What can I do about this?

Thanks for your help

Share

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Hi,

Have you tried our most current version of CyaSSL (CyaSSL 2.0) to see if you still get the same error?  You can download it from here: http://yassl.com/yaSSL/Download.html.

Regards,
Chris

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Thanks for your response.

I'm not sure if it will be easy to cross compile to openwrt, as there are some patches to be applied.
Would you have a makefile for openwrt?

Share

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Could you tell me what RSA key size you are using?  Also, is your CA file you are loading a single certificate, or a cert chain?

Thanks,
Chris

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

The server certificate rsa public key is 4096 bit.
This is the default value on my system. I don't even know how to change it...

What size should I choose?

It is also a single certificate in the ca file.

Share

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Changing the key size to 2048 solved the problem.

Thanks for your help.

Share

Re: error -131 with cyassl 1.4.0 (openwrt lua nixio)

Glad to hear you got it figured out.  One of the items on our task list is to update our embedded SSL library in OpenWrt to 2.0.

- Chris