• Registered: 2023-07-17
  • Posts: 4

Topic: wc_InitRng(&rng) returns -199

As part of an bigger project I have problems using wolfcrypt in my sketch for my EPS32-S3.
Following is the sketch (a minimal extract from my entire project - but complete to run reproducible standalone):

#include <wolfssl.h>
#include <wolfssl/wolfcrypt/random.h>
#include <wolfssl/wolfcrypt/wc_port.h>
#include <wolfssl/wolfcrypt/rsa.h>

void setup() {
  int ret;
  RNG rng;

  Serial.begin(115200);
  while (!Serial) {
    delay(100);
  }
  Serial.println("We start ..."); Serial.flush();
  delay(10000);

  // initialize wolfCrypt
  Serial.println("Initializing wolfCrypt ..."); Serial.flush();
  ret = wolfCrypt_Init();
  Serial.println("wolfCrpyt_Init:"); Serial.flush();
  Serial.println(ret); Serial.flush();
  if (ret != 0) {
    Serial.println(String("wolfCrypt initialization failed with error " + ret)); Serial.flush();
    return;
  }
  Serial.println("wolfCrypt initialization successful."); Serial.flush();
  Serial.println("... initialized wolfCrypt."); Serial.flush();
  delay(10000);

  // initialize RNG
  Serial.println("Initializing Random Number Generator ..."); Serial.flush();
  ret = wc_FreeRng(&rng);
  Serial.println("wc_FreeRng:"); Serial.flush();
  Serial.println(ret); Serial.flush();
  delay(3000);

  ret = wc_InitRng(&rng);
  Serial.println("wc_InitRng:"); Serial.flush();
  Serial.println(ret); Serial.flush();
  if (ret != 0) {
    Serial.println(String("RNG initialization failed with error " + ret)); Serial.flush();
    wolfCrypt_Cleanup();
    return;
  }
  Serial.println("RNG initialization successful."); Serial.flush();
  Serial.println("... initialized Random Number Generator."); Serial.flush();
}

void loop() {
  Serial.println("Empty Sketch - Loop function");
  delay(10000);
}

The output in the Serial Monitor is as follows:
<code>
22:15:07.278 -> ESP-ROM:esp32s3-20210327
22:15:07.278 -> Build:Mar 27 2021
22:15:07.278 -> rst:0x1 (POWERON),boot:0x8 (SPI_FAST_FLASH_BOOT)
22:15:07.278 -> SPIWP:0xee
22:15:07.278 -> mode:DIO, clock div:1
22:15:07.278 -> load:0x3fce3808,len:0x3ac
22:15:07.278 -> load:0x403c9700,len:0x9b4
22:15:07.278 -> load:0x403cc700,len:0x28d8
22:15:07.278 -> entry 0x403c98bc
22:15:07.378 -> We start ...
22:15:17.360 -> Initializing wolfCrypt ...
22:15:17.360 -> wolfCrpyt_Init:
22:15:17.360 -> 0
22:15:17.360 -> wolfCrypt initialization successful.
22:15:17.360 -> ... initialized wolfCrypt.
22:15:27.373 -> Initializing Random Number Generator ...
22:15:27.373 -> wc_FreeRng:
22:15:27.373 -> 0
22:15:30.382 -> wc_InitRng:
22:15:30.382 -> -199
22:15:30.382 -> Crypt ...
22:15:30.382 -> Empty Sketch - Loop function
22:15:40.405 -> Empty Sketch - Loop function
22:15:50.380 -> Empty Sketch - Loop function
22:16:00.398 -> Empty Sketch - Loop function
....
</code>

What am I doing wrong? What other info is need to dig into this problem?

As alternative I removed the "wc_FreeRng(...)" call prior to the "wc_InitRng(...)" call. But no reveal.
And declaring "rng" as "WC_RNG" instead of "RNG" dir not help.
What I can see is, that the follwing "Serial.println(...);" statement only shows corrupted output, which looks to me as some memory overwrite! e.g.
<code>
22:26:36.125 -> Initializing Random Number Generator ...
22:26:36.125 -> wc_FreeRng:
22:26:36.125 -> 0
22:26:39.134 -> wc_InitRng:
22:26:39.134 -> -199
22:26:39.134 -> Crypt ...
22:26:39.134 -> Empty Sketch - Loop function
...
</code>

Actually I need the RNG for a later call to "wc_RsaSSL_Sign(..., &rng)".

Share

  • Registered: 2021-07-06
  • Posts: 102

Re: wc_InitRng(&rng) returns -199

Hi OptiZle,

Thanks for reaching out to us.

-199 is RNG_FAILURE_E, which means we had an issue initializing your RNG.
What version of wolfSSL are you using, and what settings are you using to build wolfSSL?  Have you tried using our Espressif example found here: https://github.com/wolfSSL/wolfssl/tree … if/ESP-IDF ?  If not, I would recommend using it.  Make sure you're using our latest version, 5.6.3.

Thanks,
Kareem

Share

3 Reply by OpitZle (edited by OpitZle 2023-07-18 05:37:30)

  • Registered: 2023-07-17
  • Posts: 4

Re: wc_InitRng(&rng) returns -199

Hi Kareem,

I'm using the Arduino IDE 1.8.19 and the latest available wolfSSL version available (managed by Arduinos Library Manager), which is 5.5.4 (provided by "onelife").
Are there significant enhancements in wolfSSL version 5.6.3 in my problem area? I like to stay with this official ofdered version.

To reduce the size of my sketch I have switched off (if 0 ....) some features in the user_settings_default.h file. Just so many that I get an error-/warning-free compilation. Is there any feature which is an absolutely must and should not be "if 0"-ed for what I want to achieve?
<Edit> I have undone all changes in user_settings_defaults.h (with one exception: not using my own malloc/mfree functions). Stll the same old ret=-199 problem with wc_InitRng().</Edit>

I downloaded all the examples you mentioned in your link, however none of hem uses the function in question: wc_InitRng(). So what I learn from them?

Share

  • Registered: 2021-07-06
  • Posts: 102

Re: wc_InitRng(&rng) returns -199

Hi OptiZle,

The examples include a user_settings.h which is tuned for the ESP32, I would recommend retrying with this.  Our generic user_settings_default.h file is meant as a reference, and is not suitable out of the box for the ESP32.

Yes, we've recently improved our ESP32 support and added support for the S3.  I don't believe this support was present in 5.5.4.  I would strongly recommend upgrading.

Thanks,
Kareem

Share

5 Reply by OpitZle (edited by OpitZle 2023-07-21 13:47:05)

  • Registered: 2023-07-17
  • Posts: 4

Re: wc_InitRng(&rng) returns -199

Hi Kareem,

I did as suggested:
1. Upgraded to wolfSSL version 5.6.3. Beause this verison is not (yet) supported by the Ardino 1.8.19 Library Manager (as of 07/21/2022) automatically, I did the installtion by hand. Replacing all files in \src, \wolfssl and \wolfcrypt sub-dirs by their newer versions (some additional files were copied, too).
2. Changed my inludes of the above sketch to:

#include <wolfssl.h>
#include <user_settings.h>
#include <wolfssl/wolfcrypt/rsa.h>

When starting the Arduino 1.8.19 IDE freshly, all sources are complied error-free. Some warnings are now new upcoming:
#warning "For timing resistance / side-channel attack prevention consider using harden options"     and
#warning ______.c does not need to be compiled separately from ssl.c
which were not there in v5.5.4, but i think they have nothing to do with my problem.

I still get -199 return code for the wc_Initrng() function

22:08:04.690 -> We start ...
22:08:07.676 -> Initializing wolfCrypt ...
22:08:07.676 -> wolfCrpyt_Init:
22:08:07.676 -> 0
22:08:07.676 -> wolfCrypt initialization successful.
22:08:07.676 -> ... initialized wolfCrypt.
22:08:10.705 -> Initializing Random Number Generator ...
22:08:10.705 -> wc_FreeRng:
22:08:10.705 -> 0
22:08:13.710 -> wc_InitRng:
22:08:13.710 -> -199
22:08:13.710 -> Crypt ...
22:08:13.710 -> wolfCrypt_Cleanup:
22:08:13.710 -> 0
22:08:13.710 -> Empty Sketch - Loop function
22:09:13.724 -> Empty Sketch - Loop function
22:10:13.714 -> Empty Sketch - Loop function
22:11:13.723 -> Empty Sketch - Loop function
...

What is wrong with my sketch? What does -199 mean exactly? Are there #includes mssing? Any other sequence of function calls necessary?

Share

  • Registered: 2023-07-17
  • Posts: 4

Re: wc_InitRng(&rng) returns -199

Hi kareem,

after a long night of investigation and debugging (many #Warning-statements), I found the one of the 76! spots, where the -199 is set and the reason why: I missed to uncomment in the \wolfcrypt\settings.h the section with my board.

/* Uncomment next line if building for using ESP-IDF */
#define WOLFSSL_ESPIDF

/* Uncomment next line if using Espressif ESP32-WROOM-32 */
#define WOLFSSL_ESPWROOM32

To get an error-free compilation I also added these three lines

#define WOLFSSL_ALLOW_NO_SUITES
#define WOLFSSL_IGNORE_FILE_WARN 
#define NO_ESP32WROOM32_CRYPT

As recommended I had done this uncommenting in the \IDE\Espessif\user_settings.h and included that on into my script. But not in the \wolfcrpyt\settings.h. Having two places to change to achieve one goal is a design flaw for me! As consequence the random.c file did not #ifdef-compile the correct wc_GenerateSeed() function and falls through to the generic wc_Generate() at the far end in random.c, which leads to nonsense in my ESP32S3 context.
A short compiler warning like "No board/OS/chip enabled - trying generic seed generation. Check settings.h" or so would have helped me much.

Thanks for your help (so far).

My small simple excerpt program is now running as expected.

Unfortunately my bigger entire program is now running into a "out of Stack in looptask" problem at the wolfCrypt_Init() call. The stack in the Arduino ESP32 context is only 8196 Bytes, which seems to be too few for a bigger program. But this is a different story not handled here.

From my point of view, we can close this post.

Share