You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by embhorn
Hi nvbolhuis,
Thanks for contacting wolfSSL Support. We would be interested in learning more about this issue, and perhaps offering some optimizations for your configuration. I'd suggest sending an email to support@wolfssl.com to get started.
Thanks,
Eric - wolfSSL Support
Hello Mika,
Which version of wolfSSL are you building? Here is an example config used to run the PQC benchmarks on an STM32F439ZI
https://github.com/wolfSSL/wolfssl/blob … tm32f439zi
Could you tell us a bit about your project using wolfSSL?
Kind regards,
Eric - wolfSSL Support
Hi Neil,
Please open a support ticket by emailing support@wolfssl.com
From there we can better assist you.
Thanks,
Eric - wolfSSL Support
You can set the cipher list like this:
#define CIPHER_LIST "ECDHE-ECDSA-CHACHA20-POLY1305"
/* Set cipher list */
if ((ret = wolfSSL_CTX_set_cipher_list(ctx, CIPHER_LIST))
!= WOLFSSL_SUCCESS) {
fprintf(stderr, "ERROR: failed to set cipher list\n");
goto exit;
}You can print the available ciphers like this:
static void ShowCiphers(void)
{
static char ciphers[WOLFSSL_CIPHER_LIST_MAX_SIZE];
int ret = wolfSSL_get_ciphers(ciphers, (int)sizeof(ciphers));
if (ret == WOLFSSL_SUCCESS) {
printf("%s\n", ciphers);
}
}Hello Neil,
Yes those ciphers are supported wolfSSL v3.9.0. Do you have a packet capture and / or wolfSSL debug log of the succeeding and failing connections?
The server ultimately chooses the cipher suite based on the list sent during the client hello message of the TLS handshake.
Please feel free to open a support ticket by emailing support@wolfssl.com to get more detailed help.
Kind regards,
Eric - wolfSSL Support
Also, it's best to only use one config method, i.e. if you are trying to configure with user settings, do not supply the the other config options in the configure command, add those as defines in the user_settings.h file.
Hi Robert,
Welcome to the wolfSSL Forums.
That is strange. Could you share the user_settings.h that reproduces this? Which version of wolfSSL are you building?
It might be easier to open a support ticket by emailing support@wolfssl.com
Kind regards,
Eric - wolfSSL Support
Hi ethanhawkins,
Welcome to the wolfSSL Forums.
QoS 2 requires more round trips between the client and broker. On a lossy network, this could cause problems, but I would expect you'd also see issues with QoS 1 if that were the issue.
Are you using multiple threads? Or non-blocking sockets? Please share some details about the wolfMQTT configuration and the underlying TCP layer.
Could you tell us a bit about your project using wolfMQTT and where you are located for our support records? Feel free to open a support ticket by emailing support@wolfssl.com
Kind regards,
Eric - wolfSSL Support
Hello Mika,
Welcome to the wolfSSL Forums.
wolfSSL has native support for LwIP, so you do not need to set up the IO callbacks. I think that is where your issue is coming from. We actually have an excellent LwIP example that you'll find useful:
https://github.com/wolfSSL/wolfssl-exam … aster/lwip
For LwIP native tcp sockets, define `WOLFSSL_LWIP_NATIVE`
For LwIP sockets API, just use `WOLFSSL_LWIP`
Could you tell us a bit about your project using wolfSSL and where you are from for our support records?
Kind regards,
Eric - wolfSSL Support
Hello akr,
Welcome to the wolfSSL Forums.
There are a few ways to accomplish a reduction in the available ciphers. You can configure the library with `--enable-harden-tls`
Alternatively, you can specify the cipher list at run-time using the API `wolfSSL_CTX_set_cipher_list`
Here is an example:
https://github.com/wolfSSL/wolfssl-exam … ls-ecdhe.c
Could you tell us a bit about your project and where you are located for our support records? Please feel free to email us at support@wolfssl.com if you'd prefer to keep that private.
Kind regards,
Eric - wolfSSL
Hello mallenbach,
Welcome to the wolfSSL Forums!
Thanks for reaching out. Could you tell us a bit about your wolfBoot project and where you are located for our support statistics?
I am looping in a colleague to help with your question.
Kind regards,
Eric - wolfSSL Support
Also, could you please tell us a bit about your wolfMQTT project? We are always interested to hear about how its being used.
Thanks,
Eric
Hi Alice,
Thanks for contacting wolfSSL Support. Are you publishing from multiple threads? If so you'll need to enable mutex support with the multithread config option
--enable-mt (or define WOLFMQTT_MULTITHREAD)
Could you share the full configuration?
It might be easier for you to submit a support ticket by emailing support@wolfssl.com
Thanks,
Eric
Hi, welcome to the wolfSSL Forums!
That sounds like a feasible approach for managing the cert store. wolfSSL does include a cert manager component:
https://www.wolfssl.com/documentation/m … nager.html
If you have further questions, please feel free to use our support portal by emailing support@wolfssl.com
Kind regards,
Eric - wolfSSL Support
Hello krcenov,
Welcome to the wolfSSL Forums!
I see you are specifying `-DWOLFSSL_USER_SETTINGS` in the CFLAGS. But you are also adding settings using ./configure. These could be conflicting. We recommend using either the `user_settings.h` header, or `./configure` and generating the options.h header.
Are you including the settings header before any other wolfSSL includes?
Check out our examples repository:
https://github.com/wolfSSL/wolfssl-examples
Specifically:
https://github.com/wolfSSL/wolfssl-exam … callback.c
Can you tell us a bit about yourself and the project you are working on for our support records? Feel free to send an email to support@wolfssl.com for a more private correspondence.
Thanks,
Eric - wolfSSL Support
Hi bettylim
Welcome to the wolfSSL forums.
Are you using TLS? Which TCP stack are you using? wolfMQTT does not consume much in the way of resources.
Higher QoS increases the number of round trips required, but does not increase memory usage significantly.
The buffer sizes used should correlate with the average data payload size to optimize memory use. For large payloads, it would be optimal to set it to the TCP driver buffer size.
It would be helpful to discuss your specific project in more detail. Feel free to open a support ticket by emailing support@wolfssl.com
Thanks,
Eric - wolfSSL Support
Hi Sunny,
Cert creation form Dilthium keys is not currently supported in wolfCLU. We are working on some PQC cert functionality in wolfCLU. If you'd like to get this specific functionality developed, please send an email to support@wolfssl.com to make a formal feature request.
Thanks,
Eric
I'll need to confirm that wolfCLU can handle generating certs with PQC keys
Please try adding a define for `WOLFSSL_WC_DILITHIUM`
Hello Alex,
Thanks for contacting wolfSSL Support. Can you tell us a bit about your project using wolfBoot? Is this a personal or commercial effort?
I am requesting a review of this topic by our engineers.
Kind regards,
Eric - wolfSSL Support
Hi Ajith,
Is this related to a commercial effort which you have a support contract? If so, please send an email to support@wolfssl.com to open a proper support request.
Thanks,
Eric - wolfSSL Support
Hi Rick,
Thanks for joining the wolfSSL Forums. If this is for a commercial project, I suggest contacting our standard support channel by emailing support@wolfssl.com
First off, I would suggest testing a more recent version of the library, as v4.4.0 is quite dated and the issue you are seeing may have been resolved.
Kind regards,
Eric - wolfSSL Support
Hi Bryce,
Please send an email to support@wolfssl.com
This forum is not our preferred communication channel for customers.
Thanks,
Eric
Hi Bryce,
If you are using fast math, then you need to define FP_MAX_BITS to double the largest key size you intend to use.
So for using RSA 1024 bit keys, define FP_MAX_BITS to 2048
Let us know if that helps.
Thanks,
Eric - wolfSSL Support
Hi Jay,
Welcome to the wolfSSL Forums! Could you tell us a bit about your project using wolfMQTT?
I'd recommend starting with building the mqttclient example in VS. We did not create a VS project for the mqttsimple example.
The project settings for the example need to have the right pre-proccessor macros and include path set up. You can review the existing example projects to see the required settings.
Thanks,
Eric - wolfSSL Support
wolfSSL - Embedded SSL Library → Posts by embhorn
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.011 seconds (55% PHP - 45% DB) with 5 queries