Topic: [SOLVED] BAD_STATE error when verifying SSL buffer

I'm running WolfSSL 3.12 compiled with keygen and fortress. Harden is disabled.

I am getting BAD_STATE_E (-192) every once in a while. I've never seen this when using the same code in 3.9.6. The sample code is:

#include "wolfssl/options.h"
#include "wolfssl/wolfcrypt/rsa.h"
#include "wolfssl/wolfcrypt/asn.h"
#include "wolfssl/wolfcrypt/aes.h"
#include "wolfssl/wolfcrypt/hmac.h"
#include "wolfssl/wolfcrypt/integer.h"


int rval;
RsaKey rsaKey;
rval = wc_RsaPublicKeyDecodeRaw(n, nLen, e, eLen, &rsaKey);
if (rval < 0) printf(...);

rval = wc_RsaSSL_Verify(pIn, inLen, pOut, outLen, &rsaKey);
if (rval < 0) printf(...);

The wc_RsaSSL_Verify call seems to fail about 50% of the time.

I've added the line ( = NULL) between the two wc_* functions which hasn't helped.
I added rsaKey.state = 0 in between the two functions, which seems to make the routine work 100% of the time.
I've seen the state variable be 32767, 32765, and 0.

Is there some other way I'm supposed to initialize the rsaKey variable? Is there maybe a configuration issue? It seems like the state isn't getting modified in the PublicKeyDecodeRaw function at all.


Re: [SOLVED] BAD_STATE error when verifying SSL buffer

Hi Colin,

For setting up the RSA key a call to wc_InitRsaKey(RsaKey* rsa, void* heap) should be made before the call to wc_RsaPublicKeyDecodeRaw. This will initialize the RSA structure values to there default for future use. My guess on the reason this worked in an earlier version and not in the more recent version is because of added elements in the RSA structure for additional features that have been added since the earlier wolfSSL version 3.9.6. Let us know if adding the wc_InitRsaKey function call does not resolve the issue.

Kind Regards,


Re: [SOLVED] BAD_STATE error when verifying SSL buffer


Thank you. That solves the issue.