You are not logged in. Please login or register.
Please post questions or comments you have about wolfSSL products here. It is helpful to be as descriptive as possible when asking your questions.
ReferenceswolfSSL - Embedded SSL Library → Posts by anthony
Nevermind. Connected you and him via private email.
Warm regards, Anthony
Yes! Of course I will give you Jim's email contact. However, I am not willing to post his email address on a public forum. Please send a message to anthony@wolfssl.com and I will give it to you in a reply to that message.
Warm regards, Anthony
Hi jamest,
Lets protect your identity and confidentiality. Please send a message to support@wolfssl.com. There we can further discuss your use-case via a confidential channel. When you send that message, please reference this forum thread to link the context. Thank you.
Warm regards, Anthony
Hi,
Can I suggest starting with the simplest and known working examples and then moving to using PKCS11? Please have a look at these examples:
https://github.com/wolfSSL/wolfssl-exam … nt-tls13.c
https://github.com/wolfSSL/wolfssl-exam … er-tls13.c
Can you let us know a bit about yourself? We love learning about people that use our code.
- where are you located?
- what are your goals?
- is this out of personal, academic or professional interest?
- is there an organization associated with this work?
Warm regards, Anthony
Hi Chris,
How do you configure wolfSSL when you build it? Is there a place in your project where you can define macros? Do you have a user_settings.h file? You can define it in either of these places.
I'm so sorry for the delayed response here. Fortunately there is a place where we are far more responsive. Please send a message to support@wolfssl.com to get an official support ticket opened.
Unfortunately, no Jim is no longer part of the wolfSSL Team. If you would like to reach him, I can send him your email address. Open a support ticket and that will give us your email address and I can send it to him.
Warm regards, Anthony
handling this via support@wolfssl.com
Hi chrisj7903,
This is Anthony again. I remember helping you with a related issue early in 2025. I'm not sure of the root cause of this issue you are having.
Are you using AES on its own? As a quick workaround, you can build with the following macro defined to get around this:
WOLFCRYPT_ONLY
This should be okay for you as you are not using TLS. I remember that from our conversations last year.
Warm regards, Anthony
Hi,
my name is Anthony and I am a member of the wolfSSL team. I think these should helpful to you:
/* SNI received callback type */
typedef int (*CallbackSniRecv)(WOLFSSL *ssl, int *ret, void* exArg);
WOLFSSL_API void wolfSSL_CTX_set_servername_callback(WOLFSSL_CTX* ctx,
CallbackSniRecv cb);
WOLFSSL_API int wolfSSL_CTX_set_servername_arg(WOLFSSL_CTX* ctx, void* arg);Let me know if you need further clarifications.
Warm regards, Anthony
Hi DA.
Not exactly sure what kind of information you are looking to find out once its triggered. If you build in debug mode, once you see the return code in your application, you get turn on debug logging by calling wolfSSL_Debugging_ON().
Let me know if that suggestion is helpful.
Warm regards, Anthony
I think
#define HAVE_KYBER
and
#define HAVE_ML_KEM
Are incompatible. Please remove HAVE_KYBER
Hi,
My name is Anthony and I am a member of the wolfSSL team.
Do you need to include an options.h file or a user_settings.h file?
Can you tell us a bit more about your project? What are your goals?
Warm regards, Anthony
Hi David,
I noticed you've had past tickets on our support system. Can you please send the same message to support@wolfssl.com ?
Warm regards, Anthony
I concur. You can use our APIs to output what algorithms are used. But the gold standard is to have a packet sniffer (wireshark for example) confirm that you are actually doing a quantum-safe connection.
Hello SunnySunday and matemagico13,
my name is Anthony and I am a member of the wolfSSL team.
I built wolfSSL with the following configure line:
./configure --enable-dtls --enable-dtls13 --enable-mlkem --enable-dtls-frag-chThen I ran the example server and client as shown and got the output as shown:
$ ./examples/server/server -u -v 4 --pqc ML_KEM_1024
Using Post-Quantum KEM: ML_KEM_1024
SSL version is DTLSv1.3
SSL cipher suite is TLS_AES_256_GCM_SHA384
SSL curve name is ML_KEM_1024
Client message: hello wolfssl $ ./examples/client/client -u -v 4
SSL version is DTLSv1.3
SSL cipher suite is TLS_AES_256_GCM_SHA384
SSL curve name is ML_KEM_1024
I hear you fa shizzle!Note that the use of ML-KEM is clearly shown. I made no modifications to the code. Please let me know if you have further questions.
Warm regards, Anthony .
Hello SunnySunday,
My name is Anthony and I am a member of the wolfSSL team. I am not surprised by your results. Have you tried running our bench-marking application? You'll notice that ML-KEM is actually much faster than ECDHE. So while the processing time is faster, your transmission might be slower because of the increase in data going over the wire. As such, they will balance out and you get the results that you are seeing.
Warm regards, Anthony
These should be sufficient:
#define WOLFSSL_HAVE_MLKEM
#define WOLFSSL_WC_MLKEM
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
You will need shake 128 and 256
Hi Sunnysunday,
Did you mean ML-KEM?
You can use
WOLFSSL_API int wolfSSL_UseKeyShare(WOLFSSL* ssl, word16 group);The following values for group are good:
WOLFSSL_ML_KEM_512
WOLFSSL_ML_KEM_768
WOLFSSL_ML_KEM_1024
WOLFSSL_SECP256R1MLKEM768
WOLFSSL_X25519MLKEM768
WOLFSSL_SECP384R1MLKEM1024
WOLFSSL_SECP256R1MLKEM512
WOLFSSL_SECP384R1MLKEM768
WOLFSSL_SECP521R1MLKEM1024
WOLFSSL_X25519MLKEM512
WOLFSSL_X448MLKEM768
Warm regards, Anthony
I think you might find this useful:
https://github.com/wolfSSL/wolfssl/tree/master/Docker
Let me know if you have further questions.
Can you tell us about your project and goals?
Warm regards, Anthony
if "native", then gcc would be sufficient. Just about any C89 compliant compiler would be sufficient.
Perhaps you would prefer a secure and confidential communication channel. If so, please start the conversation by sending a message to support@wolfssl.com.
Can you let us know what build tools or toolchain you have available?
If you would like to try such a project, we would be happy to entertain a contribution. Let us know if you try to do it.
Warm regards, Anthony
Bryce,
in future, please direct questions to support@wolfssl.com .
Warm regards, Anthony
Hi ,
wc_AesGcmEncrypt() is what is known as a "one-shot" API; the whole AES algorithm is run in a single API call.
The file encryption example does not use that API. It uses wc_AesGcmEncryptInit(), wc_AesGcmEncryptUpdate(), and wc_AesGcmEncryptFinal(); this is known as a streaming API which allows the data to be encrypted to be fed in as chunks. This is useful if you are getting dtata in chunks and don't have the full content in a buffer before hand.
Warm regards, Anthony
wolfSSL - Embedded SSL Library → Posts by anthony
Powered by PunBB, supported by Informer Technologies, Inc.
Generated in 0.010 seconds (57% PHP - 43% DB) with 5 queries