Hi,

First, I run my routine to connect a mqtt server, and it ends with the server send me an Alert(-313). Then i search the internet and add an another OPTION "WOLFSSL_STATIC_RSA".  Now the error becomes  “KeyUse Digital Sig not set”(-383). What's more, I set my routine not verify the server's certificate.

The log pasted below:

wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering wolfSSL_set_verify
wolfSSL Entering SSL_connect()
Adding signature algorithms extension
growing output buffer

Signature Algorithms extension to write
Point Formats extension to write
Elliptic Curves extension to write
[WOLFSSL]Sent data len = 220
Shrinking output buffer

connect state: CLIENT_HELLO_SENT
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
[WOLFSSL]Error in wolfSSL_connect,ret = -1, err = 2 
// WANT_READ
wolfSSL Entering SSL_connect()
[WOLFSSL]Request recv len = 5, recvd data len = 5
growing input buffer


[WOLFSSL]Request recv len = 82, recvd data len = 82
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
Point Formats extension received
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0

[WOLFSSL]Request recv len = 5, recvd data len = 5
growing input buffer


[WOLFSSL]Request recv len = 772, recvd data len = 772
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
    Put another cert into chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Date BEFORE check failed
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verified Peer's cert
KeyUse Digital Sig not set
wolfSSL Leaving ProcessPeerCerts, return -383
wolfSSL Leaving DoHandShakeMsgType(), return -383
wolfSSL Leaving DoHandShakeMsg(), return -383
wolfSSL error occurred, error = -383
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -383
[WOLFSSL]Error in wolfSSL_connect,ret = -1, err = -383 

The code segment return the error(internal.c:8755):

                #if defined(OPENSSL_EXTRA)
                  /* when compatibility layer is turned on and no verify is
                   * set then ignore the certificate key extension */
                    if (args->dCert->extKeyUsageSet &&
                          args->dCert->extKeyUsageCrit == 0 &&
                          ssl->options.verifyNone) {
                        WOLFSSL_MSG("Not verifying certificate key usage");
                    }
                    else
                #endif
                if (args->dCert->extKeyUsageSet) {
                    if ((ssl->specs.kea == rsa_kea) &&
                        (ssl->options.side == WOLFSSL_CLIENT_END) &&
                        (args->dCert->extKeyUsage & KEYUSE_KEY_ENCIPHER) == 0) {
                        ret = KEYUSE_ENCIPHER_E;
                    }
                    if ((ssl->specs.sig_algo == rsa_sa_algo ||
                            (ssl->specs.sig_algo == ecc_dsa_sa_algo &&
                                 !ssl->specs.static_ecdh)) &&
                        (args->dCert->extKeyUsage & KEYUSE_DIGITAL_SIG) == 0) {
                        WOLFSSL_MSG("KeyUse Digital Sig not set");
                        ret = KEYUSE_SIGNATURE_E;
                    }
                }

The demo client in SDK can connect to the server successfully, but its flow is in the OPENSSL_EXTRA.

Wish someone can help me to solve the problem.

Thanks.

Hi Kaleb,

Thank you for your support, i finally find out the reason that there is something wrong with the OPTION:

#defined USE_FAST_MATH

I don't what actually happened, but now it's ok, this is it.

Thank you again.

Best Regards,

Elyhance

Hi Kaleb,

The value of ret is the same with title " -201: RsaUnPad error", and the log of crypt test put below:

[WOLFSSL]wolfSSL Entering wolfSSL_Init
[WOLFSSL]error    test passed!

[WOLFSSL]Bad end of line in Base64 Decode
[WOLFSSL]Bad Base64 Decode data, too small
[WOLFSSL]Bad Base64 Decode data, too big
[WOLFSSL]Bad Base64 Decode data, too small
[WOLFSSL]Bad Base64 Decode data, too big
[WOLFSSL]Bad Base64 Decode data, too small
[WOLFSSL]Bad Base64 Decode data, too big
[WOLFSSL]Bad Base64 Decode data, too small
[WOLFSSL]Bad Base64 Decode data, too big
[WOLFSSL]Escape buffer max too small
[WOLFSSL]base64   test passed!

[WOLFSSL]asn      test passed!

[WOLFSSL]MD5      test passed!

[WOLFSSL]MD4      test passed!

[WOLFSSL]SHA      test passed!

[WOLFSSL]SHA-256  test passed!

[WOLFSSL]SHA-384  test passed!

[WOLFSSL]SHA-512  test passed!

[WOLFSSL]Hash     test passed!

[WOLFSSL]HMAC-MD5 test passed!

[WOLFSSL]HMAC-SHA test passed!

[WOLFSSL]HMAC-SHA256 test passed!

[WOLFSSL]HMAC-SHA384 test passed!

[WOLFSSL]HMAC-SHA512 test passed!

[WOLFSSL]GMAC     test passed!

[WOLFSSL]ARC4     test passed!

[WOLFSSL]HC-128   test passed!

[WOLFSSL]Rabbit   test passed!

[WOLFSSL]Chacha   test passed!

[WOLFSSL]POLY1305 test passed!

[WOLFSSL]ChaCha20-Poly1305 AEAD test passed!

[WOLFSSL]DES      test passed!

[WOLFSSL]DES3     test passed!

[WOLFSSL]AES      test passed!

[WOLFSSL]AES192   test passed!

[WOLFSSL]AES256   test passed!

[WOLFSSL]AES-GCM  test passed!

[WOLFSSL]AES-CCM  test passed!

[WOLFSSL]RANDOM   test passed!

[WOLFSSL]GetLength value exceeds buffer length
[WOLFSSL]GetLength value exceeds buffer length
[WOLFSSL]GetLength value exceeds buffer length
[WOLFSSL]wc_SignatureGetSize: Invalid RsaKey key size
[WOLFSSL]RsaUnPad error, bad formatting
[WOLFSSL]ret = -201
[WOLFSSL]RSA      test failed!
 error = -5358

Warm Regards,

Elyhance

Hi Kaleb,

I ported the function

wolfcrypt_test()

to test Crypto Engines, and it show that Rsa test is failed, return error code is -5358.

[WOLFSSL]RSA      test failed!
 error = -5358

Maybe there is something go wrong when i port this library, such as the length of data types and so on. How to find out this "bug"?

Best Regards,

Elyhance

Hi Kaleb,

Thank you for your quickly reply again.

I just use it on an IoT device to encrypt the socket. The size of RSA key is 1024 bytes actually, and the Key is a temporary self-signed certificate as usually, anyway, a small key is not necessary. The demo client can connect to the server, which used the same certificate, thus i think the size of RSA key doesn't matter.

BTW, a 2048 bytes key generated to do a test, nothing has changed.

Best Regards,

Elyhance

Hi Kaleb,

Thanks U for your reply.
The length of RSA key is about 800 bytes. So it seems not

#define FP_MAX_BITS 8192

cause this error. And i try to add this option, it is also not work. The same options except OPENSSL_EXTATA were set in the demo client(under the examples directory),  witch was works well when I ran it on the visual studio 2015. I put the log for each:
Demo client:

Received data length = 799
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
        Put another cert into chain
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verified Peer's cert
wolfSSL Leaving ProcessPeerCerts, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server key exchange
wolfSSL Entering DoServerKeyExchange
wolfSSL Entering RsaVerify
wolfSSL Leaving RsaVerify, return 35
wolfSSL Leaving DoServerKeyExchange, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello done
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: HELLO_AGAIN
connect state: HELLO_AGAIN_REPLY
connect state: FIRST_REPLY_DONE
connect state: FIRST_REPLY_FIRST
wolfSSL Entering SendClientKeyExchange
wolfSSL Entering EccMakeKey
wolfSSL Leaving EccMakeKey, return 0
wolfSSL Entering EccSharedSecret
wolfSSL Leaving EccSharedSecret, return 0
growing output buffer

Shrinking output buffer

wolfSSL Leaving SendClientKeyExchange, return 0
sent: client key exchange
connect state: FIRST_REPLY_SECOND
connect state: FIRST_REPLY_THIRD
growing output buffer

Shrinking output buffer

sent: change cipher spec
connect state: FIRST_REPLY_FOURTH
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

sent: finished
connect state: FINISHED_DONE
Received data length = 5
Received data length = 1
received record layer msg
got CHANGE CIPHER SPEC
Received data length = 5
Received data length = 96
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing finished
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
connect state: SECOND_REPLY_DONE
Shrinking input buffer

wolfSSL Leaving SSL_connect(), return 1
wolfSSL Entering SSL_get_peer_certificate
wolfSSL Entering X509_get_issuer_name
wolfSSL Entering wolfSSL_X509_NAME_oneline
wolfSSL Entering wolfSSL_X509_get_subject_name
wolfSSL Entering wolfSSL_X509_NAME_oneline
peer's cert info:
 issuer : /CNlocalhost
 subject: /CNlocalhost
wolfSSL Entering wolfSSL_X509_get_next_altname
wolfSSL Entering wolfSSL_X509_get_serial_number
 serial number:e7:6f:53:ed:7f:3a:7c:b4:47:8c:f6:13:31:88:f8:a3
wolfSSL Entering wolfSSL_FreeX509
wolfSSL Entering ExternalFreeX509
free called on non dynamic object, not freeing
wolfSSL Entering SSL_get_version
SSL version is TLSv1.2
wolfSSL Entering SSL_get_current_cipher
wolfSSL Entering SSL_CIPHER_get_name
wolfSSL Entering wolfSSL_get_cipher_name_from_suite
SSL cipher suite is TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
Client Random : A981EE2936288049300FA454B8601C84331C1248A09877373110462B852632CD

wolfSSL Entering SSL_write()
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

wolfSSL Leaving SSL_write(), return 14
wolfSSL Entering wolfSSL_read()
wolfSSL Entering wolfSSL_read_internal()
wolfSSL Entering ReceiveData()

my client:

[WOLFSSL]Request recv len = 799, recvd data len = 799
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
    Put another cert into chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verified Peer's cert
wolfSSL Leaving ProcessPeerCerts, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server key exchange
wolfSSL Entering DoServerKeyExchange
wolfSSL Entering RsaVerify
RsaUnPad error, bad formatting
wolfSSL Leaving RsaVerify, return -201
wolfSSL Leaving DoServerKeyExchange, return -201
wolfSSL Leaving DoHandShakeMsgType(), return -201
wolfSSL Leaving DoHandShakeMsg(), return -201
wolfSSL error occurred, error = -201
wolfSSL Entering SSL_get_error
    wolfSSL Leaving SSL_get_error, return -201
[WOLFSSL]error in wolfSSL_connect,ret = -1, err = -201 

wolfSSL Entering SSL_shutdown()
growing output buffer
Shrinking output buffer

wolfSSL Leaving SSL_shutdown(), return 2
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0

I'm so sad because it block me more than one week. It well be very nice if you can give me some more suggestions.
Best Regards.
Elyhance

What's more, I put my sample client's  log below:

wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering WOLFSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_verify

/*after connecting to socket fd*/

wolfSSL Entering SSL_new
wolfSSL Leaving SSL_new, return 0
wolfSSL Entering SSL_set_fd
wolfSSL Entering SSL_set_read_fd
wolfSSL Leaving SSL_set_read_fd, return 1
wolfSSL Entering SSL_set_write_fd
wolfSSL Leaving SSL_set_write_fd, return 1
wolfSSL Entering wolfSSL_set_verify
wolfSSL Entering wolfSSL_SetHsDoneCb
wolfSSL Entering SSL_connect()
Adding signature algorithms extension
growing output buffer

Signature Algorithms extension to write
Point Formats extension to write
Elliptic Curves extension to write
Shrinking output buffer

connect state: CLIENT_HELLO_SENT
[Nu_recv] SOC READ WOULD BLOCK
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323

// Await asynchronous Read Message

wolfSSL Entering SSL_connect()
growing input buffer

received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server hello
wolfSSL Entering VerifyClientSuite
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing certificate
wolfSSL Entering ProcessPeerCerts
Loading peer's cert chain
    Put another cert into chain
Verifying Peer's cert
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Verified Peer's cert
wolfSSL Leaving ProcessPeerCerts, return 0
wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakeMsg(), return 0
More messages in record
received record layer msg
wolfSSL Entering DoHandShakeMsg()
wolfSSL Entering DoHandShakeMsgType
processing server key exchange
wolfSSL Entering DoServerKeyExchange
wolfSSL Entering RsaVerify
RsaUnPad error, bad formatting
wolfSSL Leaving RsaVerify, return -201
wolfSSL Leaving DoServerKeyExchange, return -201
wolfSSL Leaving DoHandShakeMsgType(), return -201
wolfSSL Leaving DoHandShakeMsg(), return -201
wolfSSL error occurred, error = -201
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -201

wolfSSL Entering SSL_shutdown()
growing output buffer

Shrinking output buffer

wolfSSL Leaving SSL_shutdown(), return 2
wolfSSL Entering SSL_free
CTX ref count not 0 yet, no free
Shrinking input buffer

wolfSSL Leaving SSL_free, return 0

Thanks.

I'm having trouble on the wolfSSL_connect function, When DoServerKeyExchange,the server public key cannot be correctly parsed, and always return an error code -201.
I am setting the following in options in wolfcrypt/settings.h, and put them below the code

#ifdef WOLFSSL_USER_SETTINGS
    #include "user_settings.h"
#endif


#if defined(MY_NUCLEUS) 
    #define NO_MAIN_DRIVER
    #define SINGLE_THREADED

    #define XMALLOC_USER
    #define XMALLOC(sz, heap, type)         NU_MALLOC(sz)
    #define XREALLOC(p, nsz, heap, type)    NU_REALLOC(p, nsz)
    #define XFREE(p, heap, type)            NU_FREE(p)

    #define TIME_OVERRIDES
    #include <time.h>
    #define HAVE_TIME_T_TYPE
    #define HAVE_TM_TYPE
    #define XTIME(t)        NU_XTIME(t)
    #define XGMTIME(c, t)   NU_XGMTIME(c)

    #define DEBUG_WOLFSSL
    #define WOLFSSL_USER_LOG(s)    wolfssl_log_handler("[DEBUG MSG] = %s",s)

    #define SIZEOF_LONG_LONG 8
    #define BENCH_EMBEDDED
    #define NO_FILESYSTEM
    #define NO_WRITEV
    #define NO_WOLFSSL_SERVER
    #define NO_WOLFSSL_DIR
    #define NO_DEV_RANDOM           /* Different from CUSTOM_RAND_GENERATE_SEED ? */

    #define WOLFSSL_ALLOW_NO_SUITES
    #define WC_NO_HARDEN
    #define WC_RSA_BLINDING         /* No harden bulid warnning */

    #define HAVE_ECC
    #define ECC_TIMING_RESISTANT
    #define TFM_TIMING_RESISTANT    /* This will get rid of the large static arrays */
    #define HAVE_AESCCM
    #define HAVE_AESGCM
    #define USE_FAST_MATH  
    #define ALT_ECC_SIZE
    #define HAVE_CHACHA
    #define HAVE_POLY1305
    #define TFM_ECC192
    #define TFM_ECC224
    #define TFM_ECC256
    #define TFM_ECC384
    #define TFM_ECC521
    #define WOLFSSL_USER_IO
    #define WOLFSSL_SHA384
    #define WOLFSSL_SHA512
    #define RSA_DECODE_EXTRA
    #define HAVE_TLS_EXTENSIONS
    #define HAVE_SUPPORTED_CURVES
    #define WOLFSSL_DTLS
    #define HAVE_ONE_TIME_AUTH  /* Needed by CHACHA,POLY1305 */
    #define HAVE_FFDHE_2048     /* Added for DH */
#endif

I have no idea what's wrong,
I’d appreciate it if someone can help me.