1 Reply by carie

(1 replies, posted in wolfSSL)

Hi @y.vandongen,

Thanks for reaching out to wolfSSL. The "Buffer Queue error" received during ssl connection appears to be a WANT_READ error, which is expected, so it doesn't seem that would be related to the failing connection.

Have you tried building wolfSSL with debug enabled? Try defining DEBUG_WOLFSSL and call wolfSSL_Debugging_ON() at the start of the program. We would be happy to take a look at the output for you if you want to attach the debug log.

Best,

Carie Pointer
www.wolfssl.com

Go to forum: wolfSSL

2 Reply by carie

(1 replies, posted in wolfSSL)

Hi Alfonso,

We don't currently provide a generic DTLS negotiation option. The function wolfSSLv23_server_method will negotiate for a TLS version, but at the moment we don't have the same support for DTLS. However, if you would like to submit a feature request, feel free to send an email to support@wolfssl.com.

Thanks!

Carie

Go to forum: wolfSSL

3 Reply by carie

(3 replies, posted in wolfCrypt)

Hi @sryan,

There are several additional configuration options that can be disabled to help reduce footprint size. If you plan on using only SHA-256, we suggest disabling SHA-1 and SHA-384 in addition to SHA-512 and SHA-3.

Combined with your current configure options, I’ve listed some configure suggestions below that may be useful:
--disable-sha
--disable-sha384
--disable-sha512
--disable-aes
--disable-aesgcm
--disable-dh
--disable-asm

Is footprint size the main concern for your application? A couple of tradeoffs to consider: decreasing footprint size will generally slow down performance and stronger security typically involves a larger footprint and reduced performance. If performance isn’t an issue, then another suggestion is to define USE_SLOW_SHA256 and NO_INLINE in your CFLAGS.

Best,

Carie

Go to forum: wolfCrypt