• Registered: Yesterday
  • Posts: 2

Topic: Getting -125 for the API wolfSSL_CTX_load_verify_buffer()

hi All,

I am using TM4C129X MCU + FreeRTOS TCP+ Wolfssll 5.8.4

i am facing -125 error for this api
wolfSSL_CTX_load_verify_buffer(ctx, (const unsigned char*)ca_cert_pem, strlen(ca_cert_pem), WOLFSSL_FILETYPE_PEM);

Her is my user-settings.h file
/*
* user_settings.h
*
*  Created on: 11-Feb-2026
*      Author: chira
*/
#ifndef WOLFSSL_USER_SETTINGS_H
#define WOLFSSL_USER_SETTINGS_H

#ifdef __cplusplus
extern "C" {
#endif

/* ===================================================== */
/* Platform */
/* ===================================================== */
#define FREERTOS_TCP
#define SINGLE_THREADED
#define WOLFSSL_SMALL_STACK
#define WOLFSSL_USER_IO

/* Required for TI CGT */
#define NO_INLINE

/* ===================================================== */
/* TLS Configuration */
/* ===================================================== */

#define WOLFSSL_TLS12
#define WOLFSSL_NO_TLS13

#define NO_OLD_TLS
#define NO_SESSION_CACHE
#define NO_WOLFSSL_SERVER   /* Client only */
#define HAVE_SNI

/* ===================================================== */
/* Disable Unused Crypto */
/* ===================================================== */

//#define NO_RSA
#define NO_DH
#define NO_DSA
#define NO_DES3
#define NO_RC4
#define NO_MD4
#define NO_PSK
#define NO_FILESYSTEM
#define NO_WRITEV

/* ===================================================== */
/* ECC (Only curve secp256r1) */
/* ===================================================== */

#define HAVE_ECC
#define ECC_USER_CURVES
#undef NO_ECC256

#define ECC_SHAMIR
#define ECC_TIMING_RESISTANT

/* ===================================================== */
/* AES */
/* ===================================================== */

#define HAVE_AES_CBC
#define HAVE_AESGCM
#define GCM_SMALL

/* ===================================================== */
/* Hash */
/* ===================================================== */

//#define NO_SHA
/* Keep SHA enabled */
#define NO_MD5
#define WOLFSSL_SHA256

/* ===================================================== */
/* Math */
/* ===================================================== */

#define USE_FAST_MATH
#define TFM_TIMING_RESISTANT
#define FP_MAX_BITS 4096

/* ===================================================== */
/* Memory */
/* ===================================================== */

//#define NO_WOLFSSL_MEMORY   /* use malloc/free */
// #define WOLFSSL_STATIC_MEMORY
// #define WOLFSSL_NO_MALLOC

/* ===================================================== */
/* RNG */
/* ===================================================== */

#define HAVE_HASHDRBG

//extern unsigned int my_rng_seed_gen(void);
//#define CUSTOM_RAND_GENERATE my_rng_seed_gen

/* ===================================================== */
/* Misc */
/* ===================================================== */

#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES

#define HAVE_CERTS
#define WOLFSSL_BASE64_ENCODE
#define WOLFSSL_ASN
#define HAVE_X509

#define WOLFSSL_USER_CURRTIME
#define XTIME time


#ifdef __cplusplus
}
#endif

#endif /* THIRD_PARTY_USER_SETTINGS_H_ */


please guide me where i am getting wrong and also i am attaching my code

Regards
Chiranth Murthy

Share

  • Registered: 2021-07-06
  • Posts: 193

Re: Getting -125 for the API wolfSSL_CTX_load_verify_buffer()

Hi Chiranth,

-125 is MEMORY_E, this means that malloc/your system's equivalent has returned some kind of failure, in most cases this means your system has run out of heap memory.
Note that verifying a certificate is a resource intensive operation.  Try defining WOLFSSL_SMALL_CERT_VERIFY and let me know if it helps, this will reduce the memory usage during cert verification.
If that doesn't work, please confirm how much heap memory you have available on your system.

Can you share some information on your project?  Are you working on a personal or commercial project?

Thanks,
Kareem

Share