I have a same error on Ubuntu 14.04.
But I compiled OK on Ubuntu 10 without error.


Thanks Kaleb smile


Before I had used Openssl, I replace openssl to wolfssl except one.

My system use below commands to make a encrypted private key.

$> openssl rsa -aes256 -in ./res/my.key -out ./res/my.key.out -passout pass:5678

Does wolfssl support a similar utility like openssl ?

cat my.key.out

Proc-Type: 4,ENCRYPTED
DEK-Info: AES-256-CBC,4B3E3307407EAAB21B7E1BC1D6560F7C






( related manual page -  https://www.wolfssl.com/wolfSSL/Docs-wo … backs.html  )

I want to use wolfSSL_connect_ex() and wolfSSL_accept_ex().
But I don't know valid build option for enable CYASSL_CALLBACKS define.

Could you answer for that?


Thank you moises.guimaraes. smile
I understood current status for SRP feature.
I will use another key exchange method instead of SRP.


I have some questions for SRP of wolfssl.

1st question

How I can build the srp feature in master version ?
1.    #> git clone https://github.com/wolfSSL/wolfssl.git
2.    #> ./configure --enable-srp
3.    #> bash: ./configure: No such file or directory

I can’t find configure  in source code folder.

2nd question
Do you have SRP client / server sample code ?
I can find a just single side sample.

3rd question

How to share a SRP structure between server and client?
In case opensssl, srp_ctx is a part of SSL structure, so user can access srp information like username and etc in both(client/server) side.

I marked my questions in below sample source.

https://github.com/wolfSSL/wolfssl/blob … est/test.c

Int srp_test(void)
        Srp cli, srv;
        int r;

        byte clientPubKey[80]; /* A */
        byte serverPubKey[80]; /* B */
        word32 clientPubKeySz = 80;
        word32 serverPubKeySz = 80;
        byte clientProof[SRP_MAX_DIGEST_SIZE]; /* M1 */
        byte serverProof[SRP_MAX_DIGEST_SIZE]; /* M2 */
        word32 clientProofSz = SRP_MAX_DIGEST_SIZE;
        word32 serverProofSz = SRP_MAX_DIGEST_SIZE;

        byte username[] = "user";
        word32 usernameSz = 4;

        byte password[] = "password";
        word32 passwordSz = 8;
        /* client knows username and password.   */
        /* server knows N, g, salt and verifier. */

                r = wc_SrpInit(&cli, SRP_TYPE_SHA, SRP_CLIENT_SIDE);
        if (!r) r = wc_SrpSetUsername(&cli, username, usernameSz);

        /* client sends username to server */ sad  sad  How to send username ?

        if (!r) r = wc_SrpInit(&srv, SRP_TYPE_SHA, SRP_SERVER_SIDE);
        if (!r) r = wc_SrpSetUsername(&srv, username, usernameSz);
        if (!r) r = wc_SrpSetParams(&srv, N,    sizeof(N),
                                          g,    sizeof(g),
                                          salt, sizeof(salt));
        if (!r) r = wc_SrpSetVerifier(&srv, verifier, sizeof(verifier));
        if (!r) r = wc_SrpGetPublic(&srv, serverPubKey, &serverPubKeySz);

        /* server sends N, g, salt and B to client */ sad  sad  How to send N ?

        if (!r) r = wc_SrpSetParams(&cli, N,    sizeof(N),
                                          g,    sizeof(g),
                                          salt, sizeof(salt));
        if (!r) r = wc_SrpSetPassword(&cli, password, passwordSz);
        if (!r) r = wc_SrpGetPublic(&cli, clientPubKey, &clientPubKeySz);
        if (!r) r = wc_SrpComputeKey(&cli, clientPubKey, clientPubKeySz,
                                           serverPubKey, serverPubKeySz);
        if (!r) r = wc_SrpGetProof(&cli, clientProof, &clientProofSz);

        /* client sends A and M1 to server */ sad  sad  How to send A and M1 ?

        if (!r) r = wc_SrpComputeKey(&srv, clientPubKey, clientPubKeySz,
                                           serverPubKey, serverPubKeySz);
        if (!r) r = wc_SrpVerifyPeersProof(&srv, clientProof, clientProofSz);
        if (!r) r = wc_SrpGetProof(&srv, serverProof, &serverProofSz);

        /* server sends M2 to client */  How to send M2 ?

        if (!r) r = wc_SrpVerifyPeersProof(&cli, serverProof, serverProofSz);


        return r;

4th question.
What function can I use instead of the SSL_CTX_set_srp_username_callback of OpenSSL?
SSL_CTX_set_srp_username_callback is a very important to know valid timing.