Topic: WolfSSL on TI-RTOS Error -308

Hi,
I'm using TI-RTOS example whith wolfssl 8.0

In the example all you have to do is add the hostname and its certificate.

The Hostname I'm using is https://ev-root.chain-demos.digicert.com from where you can also get the Certificate.
I was getting this error Error! code = 400, desc = httpsTask: cannot get status

I enabled the debug in wolfSSL and here's the result of it. I don't understand why I'm getting this error.

Can anyone help me with this?

s in flash
Starting the HTTPS GET example
System provider is set to SysMin. Halt the target to view any SysMin contents in ROV.
Service Status: DHCPC    : Enabled  :          : 000
Service Status: DHCPC    : Enabled  : Running  : 000
Network Added: If-1:192.168.10.69
Service Status: DHCPC    : Enabled  : Running  : 017
Current time: Thu Jun 13 19:11:25 2019

Sending a HTTPS GET request to 'https://ev-root.chain-demos.digicert.com'
wolfSSL Entering WOLFSSL_CTX_new
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_load_verify_buffer
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return 0
wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Leaving SSL_set_fd, return 1
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
handshake not complete, trying to finish
wolfSSL Entering wolfSSL_negotiate
wolfSSL Entering SSL_connect()
growing output buffer

Shrinking output buffer

connect state: CLIENT_HELLO_SENT
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
Loading peer's cert chain
    Put another cert into chain
    Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
Adding CA from chain
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
    Parsed new CA
    Freeing Parsed CA
    Freeing der CA
        OK Freeing der CA
wolfSSL Leaving AddCA, return 0
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetMyVersion
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeCrlDist
    There are more CRL Distribution Point records, but we only use the first one.
wolfSSL Entering GetObjectId()
Certificate Policy extension not supported yet.
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthInfo
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
About to verify certificate signature
Verified Peer's cert
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server key exchange
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello done
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: HELLO_AGAIN
connect state: HELLO_AGAIN_REPLY
connect state: FIRST_REPLY_DONE
connect state: FIRST_REPLY_FIRST
growing output buffer

Shrinking output buffer

sent: client key exchange
connect state: FIRST_REPLY_SECOND
connect state: FIRST_REPLY_THIRD
growing output buffer

Shrinking output buffer

sent: change cipher spec
connect state: FIRST_REPLY_FOURTH
growing output buffer

Shrinking output buffer

sent: finished
connect state: FINISHED_DONE
received record layer msg
got CHANGE CIPHER SPEC
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing finished
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: SECOND_REPLY_DONE
Shrinking input buffer

wolfSSL Leaving SSL_connect(), return 1
wolfSSL Leaving wolfSSL_negotiate, return 1
growing output buffer

Shrinking output buffer

wolfSSL Leaving SSL_write(), return 16
wolfSSL Leaving wolfSSL_send(), return 16
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
growing output buffer

Shrinking output buffer

wolfSSL Leaving SSL_write(), return 48
wolfSSL Leaving wolfSSL_send(), return 48
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
growing output buffer

Shrinking output buffer

wolfSSL Leaving SSL_write(), return 36
wolfSSL Leaving wolfSSL_send(), return 36
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
growing output buffer

Embed Send error
    Connection reset
wolfSSL error occured, error = -308
wolfSSL Leaving SSL_write(), return 0
wolfSSL Leaving wolfSSL_send(), return 0
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
output buffer was full, trying to send again
Embed Send error
    General error
wolfSSL error occured, error = -308
wolfSSL Leaving SSL_write(), return 0
wolfSSL Leaving wolfSSL_send(), return 0
wolfSSL Entering wolfSSL_send()
wolfSSL Entering SSL_write()
output buffer was full, trying to send again

After this it keeps on printing the same last 8 lines and doesn't stop.

Share

Re: WolfSSL on TI-RTOS Error -308

Hi dpkrai93,

Can you tell us a bit about yourself and which organization you represent? Can you tell us about the project you are working on involving TI and what is driving these questions? If you do not wish to disclose such details on a public forum please contact us at support@wolfssl.com for a more private venue.

The most common cause of oddly looping code is stack and heap collisions or corruption. Can you check that your stack and heap are set appropriately large enough to handle the TLS handshake?

Warm Regards,

K

3 (edited by dpkrai93 2019-06-13 13:45:10)

Re: WolfSSL on TI-RTOS Error -308

Hi Kaleb,

I'm working on a TI example for HTTPSGET which is an example provided by TI in TI_RTOS package.

As this code is provided by them I don't exactly know how to check the stack and heap  and I'm new to SSl.

But i can see in the code that #define HTTPTASKSTACKSIZE 32768 has been used.

i'm using CCS v7 and In project properties
Set C system stack size value is 512
Heap Size for C/C++ dynamic memory allocation is set to 0.

do i need to change it?


what else can be a reason for this?

Embed Send error
    Connection reset
wolfSSL error occured, error = -308



Regards,
Deepak

Share

Re: WolfSSL on TI-RTOS Error -308

Hi dpkrai93,

-308 is a socket error, it's a pretty standard result when the peer rejects the connection for one reason or another. This can be caused by a missing extension that the peer expects to see or a mismatch of cipher suites, etc.

Can you capture a wireshark trace of the test connection for review?

Warm Regards,

KH