1 Reply by embhorn

(2 replies, posted in wolfMQTT)

Hi bettylim

Welcome to the wolfSSL forums.

Are you using TLS? Which TCP stack are you using? wolfMQTT does not consume much in the way of resources.

Higher QoS increases the number of round trips required, but does not increase memory usage significantly.

The buffer sizes used should correlate with the average data payload size to optimize memory use. For large payloads, it would be optimal to set it to the TCP driver buffer size.

It would be helpful to discuss your specific project in more detail. Feel free to open a support ticket by emailing support@wolfssl.com

Thanks,
Eric - wolfSSL Support

Go to forum: wolfMQTT

2 Reply by embhorn

(4 replies, posted in wolfSSL)

Hi Sunny,

Cert creation form Dilthium keys is not currently supported in wolfCLU. We are working on some PQC cert functionality in wolfCLU. If you'd like to get this specific functionality developed, please send an email to support@wolfssl.com to make a formal feature request.

Thanks,
Eric

Go to forum: wolfSSL

3 Reply by embhorn

(4 replies, posted in wolfSSL)

I'll need to confirm that wolfCLU can handle generating certs with PQC keys

Go to forum: wolfSSL

4 Reply by embhorn

(4 replies, posted in wolfSSL)

Please try adding a define for `WOLFSSL_WC_DILITHIUM`

Go to forum: wolfSSL

5 Reply by embhorn

(3 replies, posted in wolfBoot)

Hello Alex,

Thanks for contacting wolfSSL Support. Can you tell us a bit about your project using wolfBoot? Is this a personal or commercial effort?

I am requesting a review of this topic by our engineers.

Kind regards,
Eric - wolfSSL Support

Go to forum: wolfBoot

6 Reply by embhorn

(1 replies, posted in wolfSSH)

Hi Ajith,

Is this related to a commercial effort which you have a support contract? If so, please send an email to support@wolfssl.com to open a proper support request.

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSH

7 Reply by embhorn

(1 replies, posted in General Inquiries)

Hi Rick,

Thanks for joining the wolfSSL Forums. If this is for a commercial project, I suggest contacting our standard support channel by emailing support@wolfssl.com

First off, I would suggest testing a more recent version of the library, as v4.4.0 is quite dated and the issue you are seeing may have been resolved.

Kind regards,
Eric - wolfSSL Support

Go to forum: General Inquiries

8 Reply by embhorn

(3 replies, posted in wolfCrypt)

Hi Bryce,

Please send an email to support@wolfssl.com

This forum is not our preferred communication channel for customers.

Thanks,
Eric

Go to forum: wolfCrypt

9 Reply by embhorn

(3 replies, posted in wolfCrypt)

Hi Bryce,

If you are using fast math, then you need to define FP_MAX_BITS to double the largest key size you intend to use.

So for using RSA 1024 bit keys, define FP_MAX_BITS to 2048

Let us know if that helps.

Thanks,
Eric - wolfSSL Support

Go to forum: wolfCrypt

10 Reply by embhorn

(2 replies, posted in wolfMQTT)

Hi Jay,

Welcome to the wolfSSL Forums! Could you tell us a bit about your project using wolfMQTT?

I'd recommend starting with building the mqttclient example in VS. We did not create a VS project for the mqttsimple example.

The project settings for the example need to have the right pre-proccessor macros and include path set up. You can review the existing example projects to see the required settings.

Thanks,
Eric - wolfSSL Support

Go to forum: wolfMQTT

11 Reply by embhorn

(3 replies, posted in wolfBoot)

Hi ClarkS,

Welcome to the wolfSSL Forums. Could you tell us a bit about your project using wolfBoot and where you are located for our support records?

Thanks,
Eric - wolfSSL Support

Go to forum: wolfBoot

12 Reply by embhorn

(1 replies, posted in wolfSSL)

Hi harlansisson745

Oftentimes this is a result of an invalid configuration or an include path issue. The OpenSSL compatibility layer API is enabled with

#define OPENSSL_EXTRA
#define OPENSSL_ALL

Can you let us know what version of wolfSSL you are using and the full configuration?

Can you tell us a bit about your project and where you are located for our support records?

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSL

13 Reply by embhorn

(2 replies, posted in wolfSSL)

Hello Max,

Welcome to the wolfSSL Forums. This is a great place to ask your questions. You are also welcome to use our support portal by emailing support@wolfssl.com

Are you building from the Zephyr folder?
https://github.com/wolfSSL/wolfssl/tree/master/zephyr

This uses the user_settings.h file for configuration.
https://github.com/wolfSSL/wolfssl/blob … settings.h

Zephyr should provide the RNG seed:
https://github.com/wolfSSL/wolfssl/blob … 3748-L3776

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSL

14 Reply by embhorn

(3 replies, posted in wolfSSL)

That's the gist of it. Basically enable crypto dev support, then call the the crypto operation with the device ID. Here are some more examples using the CAAM:
https://github.com/wolfSSL/wolfssl-exam … /caam/seco

Go to forum: wolfSSL

15 Reply by embhorn

(3 replies, posted in wolfSSL)

Hi fenster

Try enabling the ARM assembler support using `--enable-armasm`

If you need CAAM support, here is a guide:
https://www.wolfssl.com/documentation/m … r-nxp-caam

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSL

16 Reply by embhorn

(10 replies, posted in wolfSSL)

Hi Adam,

Thanks for contacting wolfSSL Support. I have requested a review of this topic by our engineers.

Kind regards,
Eric - wolfSSL Support

Go to forum: wolfSSL

17 Reply by embhorn

(2 replies, posted in wolfSSL)

Hi Happy,

Thanks for you interest in the wolfCLU project. Did you configure wolfSSL with --enable-crl ?

The CRL parser is capable of handling the command you mentioned:

./wolfssl crl -help
./wolfssl crl
-CAfile <ca file name>
-inform pem or der in format
-in the file to read from
-outform pem or der out format
-out output file to write to
-noout do not print output if set
-text output human readable text of CRL

Go to forum: wolfSSL

18 Reply by embhorn

(4 replies, posted in wolfMQTT)

Hi Robert,

Welcome to the wolfSSL Forums. Did you init the client structure?

https://github.com/wolfSSL/wolfMQTT/blo … #L211-L213

Could you tell us a bit about your project using wolfMQTT?

Thanks,
Eric - wolfSSL Support

Go to forum: wolfMQTT

19 Reply by embhorn

(1 replies, posted in wolfSSL)

Hi David,

Welcome to the wolfSSL Forums! Sounds like a very interesting project!

We do support SSL_set_session and SSL_get_session, and a quick look at the OpenSSL code shows that is the buik of the work being done in SSL_copy_session_id.

You could give it a shot at implementing the compatibility API, or if you'd like, you can email us at support@wolfssl.com to open a feature request.

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSL

20 Reply by embhorn

(4 replies, posted in cURL)

The "100Kb" footprint was achieved with a limited build only supporting pre-shared keys. In order to support certificates for normal TLS, you will need to adjust your footprint expectations. Is PSK a viable path forward for your project?

Go to forum: cURL

21 Reply by embhorn

(2 replies, posted in wolfSSL)

Hello Happy,

Do you have WOLFSSL_CRL_ALLOW_MISSING_CDP defined in the config, or are you using the callback to override the failure?

If you believe this to be a bug, please email support@wolfssl.com to create a ticket in our support system.

Thanks,
Eric - wolfSSL Support

Go to forum: wolfSSL

22 Reply by embhorn

(1 replies, posted in wolfBoot)

Hello sasitzar

Welcome to the wolfSSL forums. wolfHSM can utilize wolfCrypt to employ software versions of these PQC algorithms. I'll loop in an engineer for more insights.

Kind regards,
Eric - wolfSSL Support

Go to forum: wolfBoot

23 Reply by embhorn

(3 replies, posted in wolfSSL)

Since this is a commercial effort, I recommend creating a free presales support ticket by emailing support@wolfssl.com

From there we can help you determine why the broker is sending the alert.

Thanks,
Eric

Go to forum: wolfSSL

24 Reply by embhorn

(3 replies, posted in wolfSSL)

Hi tritdm

Welcome to the wolfSSL Forums. Could you tell us a bit about you project using wolfMQTT?

It seems like the broker is disconnecting during the TLS handshake? Is this a publicly available broker? You are using a non-standard port. Secure MQTT generally uses port 8883. It may be that the server requires an SNI extension. Here is an example of setting that up:
https://github.com/wolfSSL/wolfMQTT/blo … #L717-L725

Kind regards,
Eric - wolfSSL Support

Go to forum: wolfSSL

25 Reply by embhorn

(5 replies, posted in wolfSSL)

So if you are not using the autotools configure command, then you should be configuring with a file called user_settings.h and passing WOLFSSL_USER_SETTINGS to the project building wolfSSL. In this case there will not be an options.h file used.

Go to forum: wolfSSL