You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
You can use the configuration define
WOLFSSL_ALT_CERT_CHAINSExcellent, we'll continue the conversation there!
Hi vschiavoni,
Thanks for joining the wolfSSL Forums. Yes, we are still gathering requirements for the project. Please send an email to
facts@wolfssl.comand we can have a discussion about your use case.
Kind regards,
Eric - wolfSSL Support
Hi muataz.m
Thanks for joining the wolfSSL Forums. Perhaps this will be useful:
https://learn.microsoft.com/en-us/xamar … tform/cpp/
If you're interested in having us create a Xamarin Forms port of wolfSSL, please send an email to
facts@wolfssl.comwhere we can create a feature request for you.
Thanks,
Eric - wolfSSL Support
Hi mrdebug,
Thanks for joining the wolfSSL Forums. Try enabling alternate cert chains with
--enable-altcertchains
./examples/client/client -h www.google.com -p 443 -g -v 3 -A google.crt
SSL version is TLSv1.2
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
SSL curve name is SECP256R1
Alternate cert chain used
SSL connect ok, sending GET...
HTTP/1.0 200 OK
Date: Wed, 15 Mar 2023 13:34:58 GMT
Expires: -1
Cache-Control: private, max-age=0
Content-Type: text/html; charset=ISO-8859-1
P3P: CP="This is not a P3P policy! See g.co/p3phelp for more info."
Server: gws
X-XSS-Protection: 0
X-FraHi Shammon,
Thanks for joining the wolfSSL Forums. Please try including the wolfSSL config header before any other wolfSSL includes:
#ifndef WOLFSSL_USER_SETTINGS
#include <wolfssl/options.h>
#endif
#include <wolfssl/wolfcrypt/settings.h>Thanks,
Eric - wolfSSL Support
It seems like we have the same conversation happening on two forums:
https://stackoverflow.com/questions/755 … to-sp-init
Let's just keep the conversation going here.
Thanks,
Eric - wolfSSL Support
Hi wangzihao,
Thanks for joining the wolfSSL Forums. Could you share the "./config" command you used?
Are you trying to use the math library directly in your application? If so you'll need to define "WOLFSSL_PUBLIC_MP" in the configuration. You should use the "mp_*" API instead of the direct "sp_*" functions.
Let us know if there are still questions.
Thanks,
Eric - wolfSSL Support
The RNG is required for resistance to timing attacks. If you are only doing this as research, you can disable the timing attack resistance by undefining
ECC_TIMING_RESISTANTHello kingutoran98,
We have an example that you might find useful:
https://github.com/wolfSSL/wolfssl-exam … ate_secret
Also this example is a good demonstration of using the x963 API:
https://github.com/wolfSSL/wolfssl-exam … glentest.c
What configuration settings are you building wolfSSL with?
Could you tell us about about your project?
Thanks,
Eric @ wolfSSL Support
Hi asigrijenny,
Welcome to the forums. The solution was posted here:
https://www.wolfssl.com/forums/post6393.html#p6393
Thanks,
Eric - wolfSSL Support
Hello Anika,
Yes, releases are always tagged as stable:
https://github.com/wolfSSL/wolfssl/rele … 5.4-stable
Thanks,
Eric - wolfSSL Support
Hi m_u_h
You could try simply setting the FIPS hash to an invalid value.
Hi Hodge,
Check out the project instructions from the readme:
https://github.com/wolfSSL/wolfssl/tree … om-scratch
In particular, confirm that the preprocessor macro "WOLFSSL_USER_SETTINGS" is set, per step 15
Thanks,
Eric
Hi Hodge,
Is "versal" defined? Otherwise it looks like "WOLFSSL_ARMASM" is being defined at the end:
#if !defined(WOLFSSL_XILINX_CRYPT_VERSAL)
/* Enable ARMv8 (Aarch64) assembly speedups - SHA256 / AESGCM */
/* Note: Requires CFLAGS="-mcpu=generic+crypto -mstrict-align" */
#define WOLFSSL_ARMASM
#endifHi senergy,
Thanks for joining the wolfSSL Forums. Using VS Code to build wolfSSL is pretty straightforward. Since you are trying to build for the RPi, you will need to have the right tools to cross compile. VS Code makes setting the target easy. Here is a tutorial that you might find useful:
https://enes-ozturk.medium.com/cross-co … ca4976fdd1
Since you also contacted our support email, we will follow up from there.
Thanks,
Eric - wolfSSL Support
Hello Hodge,
Thanks for joining the wolfSSL Forums. In your configuration, please ensure that either WOLFSSL_ARMASM or WOLFSSL_XILINX_CRYPT is defined, but not both.
Thanks,
Eric - wolfSSL Support
Hi wangzihao,
Thanks for joining the wolfSSL Forums. How did you configure wolfSSL? Have you reviewed the ECC examples in our repository?
https://github.com/wolfSSL/wolfssl-exam … master/ecc
Thanks,
Eric - wolfSSL Support
Hello m_u_h
It is the responsibility of the application making a claim to be using FIPS validated cryptography to only use FIPS validated cryptography.
Please submit a support ticket by emailing support@wolfssl.com for further clarification.
Kind regards,
Eric, wolfSSL Support
Are you setting up the callback? Here is an example:
https://github.com/wolfSSL/wolfssl-exam … cryptocb.c
What is the return value from the call to wc_CryptoCb_RegisterDevice ?
Thanks,
Eric @ wolfSSL Support
Hello linxiong2
Thanks for joining the wolfSSL forums. The error is due to the IO callbacks being configured but not set:
Your IO Send callback is null, please set
For LWIP we support their socket interface by default if you add `WOLFSSL_LWIP` to the generated configuration file `wolfSSL.I-CUBE-wolfSSL_conf.h`.
The documentation or the Cube pack is here:
https://github.com/wolfSSL/wolfssl/tree … /STM32Cube
Thanks,
Eric - wolfSSL Support
Hi Sijo,
Thanks for joining the wolfSSL Forums. I'd recommend checking out the wolfSSL example:
https://github.com/wolfSSL/wolfssl/tree/master/tirtos
In particular, you can follow the directions in:
https://github.com/wolfSSL/wolfssl-exam … /README.md
Let us know if there are questions.
Thanks,
Eric, wolfSSL Support
Hi khalesiakram,
Could you tell us a bit about your project?
Please check out the STM32 Cube Pack which we provide:
https://github.com/wolfSSL/wolfssl/tree … /STM32Cube
Let us know if there are any questions. You can also email support@wolfssl.com with any questions.
Thanks,
Eric, wolfSSL Support
Hello alex23,
Yes, certainly larger keys would take longer to break using brute force.
I recommend trying out the benchmarking utility to help determine the most performant key size / algorithm for your application.
https://github.com/wolfSSL/wolfssl/tree … /benchmark
Thanks,
Eric @ wolfSSL Support
Hi Alvaro,
Thanks for your kind words. This sounds like a very cool project!
We have examples of setting up wolfTPM to establish a TLS connection:
https://github.com/wolfSSL/wolfTPM/tree … amples/tls
wolfMQTT would then be able to use that connection natively:
https://github.com/wolfSSL/wolfMQTT/tre … mqttclient
I'd recommend sending an email to our support channel. This will allow us to better prioritize any questions you might have.
support@wolfssl.com
Kind regards,
Eric @ wolfSSL Support
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.025 seconds (85% PHP - 15% DB) with 4 queries