Hi Kareem,

Thanks for the clarification. We will give it a try.

Best Regards,

Hi,
I can manually trigger the POST in-core memory failure by modifying the wolfengine library (as suggested by embhorn in a previous post). How can I manually trigger a POST KAT failure? Will removing the symbolic link to the wolfengine library from the OpenSSL/engines directory be a valid way of doing this test, i.e. OpenSSL will not be able to load the engine and run the POST KAT tests?

Thanks,

Hi Anthony,

Thanks a lot for your quick reply and the very useful pointer. We are using Apache Web Server. I have now found out that Apache Web Server will have to be rebuilt and reconfigured to use an external crypto engine, e.g. wolfCrypt with OpenSSL, i.e. "https://serverfault.com/questions/10594 … che-server".

Thanks Again for your help.

Best Regards,

Hi,
We are loading wolfCrypt Engine from OpenSSL configuration file. We have also enabled debug for wolfCrypt Engine. The wolfCrypt Engine is generating debug messages for SSH connection and other cryptographic operations.

However, wolfCrypt Engine is not generating debug messages for the TLS handshake/connection (the TLS connection is succeeding). Will OpenSSL use wolfCrypt Engine for TLS connections by default, or is some configuration needed for this?
 
Thanks,

5

(2 replies, posted in wolfCrypt)

Hi Kareem,

Thanks a lot for the quick reply and clarification.

Best Regards,

6

(2 replies, posted in wolfCrypt)

Hi,

We are using the FIPS validated version of wolfCrypt with wolfEngine. We are loading wolfEngine from the OpenSSL configuration. We have built cURL with OpenSSL. Do we also need to build cURL with wolfCrypt FIPS 140-2?


Thanks,

7

(3 replies, posted in wolfCrypt)

Hi Chris,

Thanks for your detailed reply. Yes, we are using the FIPS validated version of wolfCrypt with wolfEngine. Does that mean that we don't have to set this option in the configuration file?

Best Regards,

Hi,
 
It is possible to enable wolfEngine FIPS checks by setting "enable_fips_checks" to 1. What is the effect of enabling the FIPS check?


Thanks,

Thanks for the clarification. I will give it a go.

Best Regards,

Hi,
We are using wolfengine with OpenSSL. We want to manually trigger a wolfengine failure for testing power-up/self-test behavior. What would be the best way to do this? Does wolfengine provide any API for this purpose?

Thanks,

Hi Eric,

Thanks for the clarification. We will send a support ticket to "support@wolfssl.com" for further clarification.

Best Regards,

Hi,

We have successfully built wolfengine with FIPS, i.e. "--enable-fips=v2", and debug, i.e. "--enable-debug", support on a Linux machine. The OpenSSL configuration file has been updated to use wolfengine.

OpenSSL is using wolfengine by default. However, wolfengine is not blocking unsupported FIPS algorithms, and it is still possible to use non-FIPS-supported algorithms, as shown below. Do we need to configure some parameter to enable FIPS for wolfengine?

==============================================
Output of "openssl dgst -md4 test.txt" Command
==============================================

wolfEngine Leaving wolfengine_ctrl, return 1
wolfEngine Entering we_ciphers
wolfEngine Leaving we_ciphers, return 18
wolfEngine Entering we_digests
wolfEngine Leaving we_digests, return 6
wolfEngine Entering we_pkey
Returning 11 supported public key NIDs
wolfEngine Leaving we_pkey, return 11
MD4(test.txt)= 9a2a5dcb1fb54b8a97bd3c4d73a111e4 <========================
wolfEngine Entering we_pkey
Returning 11 supported public key NIDs
wolfEngine Leaving we_pkey, return 11
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering wolfengine_destroy
wolfEngine Entering we_final_random
wolfEngine Leaving we_final_random, return 1
wolfEngine Leaving wolfengine_destroy, return 1

==============================================================
Output of "openssl des -in test.txt -out encrypted.txt" Command
==============================================================

wolfEngine Leaving wolfengine_ctrl, return 1
wolfEngine Entering we_ciphers
wolfEngine Leaving we_ciphers, return 18
wolfEngine Entering we_digests
wolfEngine Leaving we_digests, return 6
wolfEngine Entering we_pkey
Returning 11 supported public key NIDs
wolfEngine Leaving we_pkey, return 11
enter des-cbc encryption password:
Verifying - enter des-cbc encryption password:
wolfEngine Entering we_rand_bytes
wolfEngine Entering we_rand_add_weak_entropy
wolfEngine Entering we_rand_mix_seed
wolfEngine Leaving we_rand_mix_seed, return 1
wolfEngine Leaving we_rand_add_weak_entropy, return 1
wolfEngine Leaving we_rand_bytes, return 1
wolfEngine Entering we_pkey
Returning 11 supported public key NIDs
wolfEngine Leaving we_pkey, return 11
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering we_pkey
wolfEngine Leaving we_pkey, return 1
wolfEngine Entering wolfengine_destroy
wolfEngine Entering we_final_random
wolfEngine Leaving we_final_random, return 1
wolfEngine Leaving wolfengine_destroy, return 1



Thanks,

13

(2 replies, posted in wolfCrypt)

Hi Kareem,

Thanks for the clarification. We will retry it after building it with the "--enable-debug" flag.

Best Regards,

14

(2 replies, posted in wolfCrypt)

Hi,
We are loading wolfEngine from an OpenSSL configuration file. The loading of the engine is working. However, if we try to enable debug, i.e. "enable_debug = 1", in the configuration file, then loading of the engine fails and error messages are generated.

The error messages and the relevant part of the configuration are given below. What can be done to solve these error messages?

==============
Error Messages
==============
                             
Error configuring OpenSSL
139736640579472:error:260BC066:engine routines:INT_ENGINE_CONFIGURE:engine configuration error:eng_cnf.c:191:section=wolfssl_section, name=enable_debug, value=1
139736640579472:error:0E07606D:configuration file routines:MODULE_RUN:module initialization error:conf_mod.c:225:module=engines, value=engine_section, retcode=-1

====================
Part of Configuration
====================

openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
wolfSSL = wolfssl_section

[wolfssl_section]
# If using OpenSSL <= 1.0.2, change engine_id to wolfengine (drop the "lib").
engine_id = wolfengine
dynamic_path = /path/libwolfengine.so
init = 1
# Use wolfEngine as the default for all algorithms it provides.
default_algorithms = ALL
# Only enable when debugging application - produces large amounts of output.
enable_debug = 1


Thanks,

15

(2 replies, posted in wolfCrypt)

Hi Kareem,

Thanks a lot for the quick reply and clarification.

Best Regards,

16

(2 replies, posted in wolfCrypt)

How can we view the results of the power-on self-tests if wolfengine is reloaded on a Linux system (wolfengine has already been built on it)? Is it also possible to run this test on demand without loading wolfengine?