You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by miglesias
Pages 1
Thank you, that worked 
I just assumed that forcing PSK-AES128-CCM-8 would activate the use of pre shared keys (-s) and ECDHE-ECDSA-AES128-CCM-8 would load the certificates from the default location with no need to add the options to the execute command (-c -A -k).
Thank you for your answer.
I'm working on this for my master's thesis.
I enabled PSK like you told me and when I run the example client I get both PSK-AES128-CCM-8 and ECDHE-ECDSA-AES128-CCM-8 are available.
I run the server
./examples/server/server -u -v 3 -iand the client
./examples/client/client -u -v 3and it works just fine, but with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 suite. If I try to force the use of a certain cipher with -l option
./examples/client/client -u -v 3 -l PSK-AES128-CCM-8or
./examples/client/client -u -v 3 -l ECDHE-ECDSA-AES128-CCM-8 I get an error on the server side.
error = -501, can't match cipher suite
wolfSSL error: SSL_accept failedEven if I add the same option on the server
./examples/server/server -u -v 3 -i -l PSK-AES128-CCM-8:ECDHE-ECDSA-AES128-CCM-8Hello,
First of all, I'm new to criptography and security, so please, go easy on me
I'm doing some research on IoT protocols. I've a working tinydtls+libcoap example, and I'm trying to change the tinydtls part to wolfssl. To do that, first I want to connect a tinydtls client with a wolfssl server and vice versa. For that, I need to enable TLS_PSK_WITH_AES_128_CCM_8 and/or TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 suites, as they are the only ones that tinydtls support for now.
In the manual, https://www.wolfssl.com/wolfSSL/Docs-wo … tures.html, it says that both of them are supported in the AES-CCM cipher suites part.
AES-CCM cipher suites
TLS_RSA_WITH_AES_128_CCM_8_SHA256
TLS_RSA_WITH_AES_256_CCM_8_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
TLS_PSK_WITH_AES_128_CCM
TLS_PSK_WITH_AES_256_CCM
TLS_PSK_WITH_AES_128_CCM_8
TLS_PSK_WITH_AES_256_CCM_8
I'm using version 3.8.1 of wolfssl and I don't se how can I enable these suites. If I configure (probably enabling more features than needed)
./configure --enable-dtls --enable-debug --enable-psk --enable-aesccm --enable-sslv3 --enable-ecc --enable-pwdbased --enable-tlsxand after compiling I run
./examples/client/client -eI get that the available suites are:
DHE-RSA-AES128-SHA
DHE-RSA-AES256-SHA
DHE-PSK-AES128-GCM-SHA256
DHE-PSK-AES128-CBC-SHA256
DHE-PSK-AES128-CCM
DHE-PSK-AES256-CCM
ECDHE-ECDSA-AES128-CCM-8
ECDHE-ECDSA-AES256-CCM-8
ECDHE-RSA-AES128-SHA
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-ECDSA-AES256-SHA
ECDHE-RSA-DES-CBC3-SHA
ECDHE-ECDSA-DES-CBC3-SHA
DHE-RSA-AES128-SHA256
DHE-RSA-AES256-SHA256
DHE-RSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-CHACHA20-POLY1305
ECDHE-ECDSA-CHACHA20-POLY1305
DHE-RSA-CHACHA20-POLY1305
ECDHE-RSA-CHACHA20-POLY1305-OLD
ECDHE-ECDSA-CHACHA20-POLY1305-OLD
DHE-RSA-CHACHA20-POLY1305-OLD
ECDHE-PSK-AES128-CBC-SHA256
PSK-CHACHA20-POLY1305
ECDHE-PSK-CHACHA20-POLY1305
DHE-PSK-CHACHA20-POLY1305
In the README file of the source, it says:
wolfSSL as of 3.6.6 no longer enables SSLv3 by default. wolfSSL also no
longer supports static key cipher suites with PSK, RSA, or ECDH.
Does that mean that I can't use TLS_PSK_WITH_AES_128_CCM_8 and/or TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 with the 3.8.1 version or am I missing something?
Thank you in advance,
Markel
Pages 1
wolfSSL - Embedded SSL Library → Posts by miglesias
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.016 seconds (96% PHP - 4% DB) with 4 queries