Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Wolfssl FIPS (library) hash update issue #8203

Open
volga629-1 opened this issue Nov 20, 2024 · 90 comments
Open

Wolfssl FIPS (library) hash update issue #8203

volga629-1 opened this issue Nov 20, 2024 · 90 comments
Assignees

Comments

@volga629-1
Copy link

volga629-1 commented Nov 20, 2024

Version

5.7.4 FIPS

Description

Configure

 ./configure --host=x86_64-w64-mingw32 --enable-reproducible-build --enable-keygen --enable-rsapss \
			--enable-secure-renegotiation --enable-fastmath \
			--enable-ed25519 --enable-curve25519 \
			--enable-debug \
			--enable-fips=ready \
			--enable-opensslall \
			--enable-ecc \
			--enable-ocsp \
			--enable-crl \
			--enable-psk \
			--disable-fpecc \
			--disable-aligndata \
			--disable-jni \
			--disable-crl-monitor\
			--disable-examples \
			LDFLAGS="-lws2_32 -lcrypt32 -Wl,-s -Wl,--gc-sections"

Issue

I follow the process and compiled wolfssl fips multiply times with different variations on windows and library not working correctly . When I tried to start strongswan it generate error -203

Here forum thread which provide full information what was done before

https://www.wolfssl.com/forums/post8085.html#p8085

Strongswan Start up with wolfssl dynamic library

$ ldd charon-svc.exe
        ntdll.dll => /c/Windows/SYSTEM32/ntdll.dll (0x7ffb75230000)
        KERNEL32.DLL => /c/Windows/System32/KERNEL32.DLL (0x7ffb73c10000)
        KERNELBASE.dll => /c/Windows/System32/KERNELBASE.dll (0x7ffb726b0000)
        ADVAPI32.dll => /c/Windows/System32/ADVAPI32.dll (0x7ffb73890000)
        msvcrt.dll => /c/Windows/System32/msvcrt.dll (0x7ffb73e70000)
        sechost.dll => /c/Windows/System32/sechost.dll (0x7ffb73530000)
        bcrypt.dll => /c/Windows/System32/bcrypt.dll (0x7ffb72c10000)
        RPCRT4.dll => /c/Windows/System32/RPCRT4.dll (0x7ffb73720000)
        WS2_32.dll => /c/Windows/System32/WS2_32.dll (0x7ffb739b0000)
        fwpuclnt.dll => /c/Windows/SYSTEM32/fwpuclnt.dll (0x7ffb6f0e0000)
        IPHLPAPI.DLL => /c/Windows/SYSTEM32/IPHLPAPI.DLL (0x7ffb70d10000)
        libwolfssl-42.dll => /home/volga629/strongswan-5.9.14/strongswan-sec/libwolfssl-42.dll (0x7ffb148f0000)
        CRYPT32.dll => /c/Windows/System32/CRYPT32.dll (0x7ffb72540000)
        ucrtbase.dll => /c/Windows/System32/ucrtbase.dll (0x7ffb72d00000)
        WINHTTP.dll => /c/Windows/SYSTEM32/WINHTTP.dll (0x7ffb6e9c0000)
        libgcc_s_seh-1.dll => /mingw64/bin/libgcc_s_seh-1.dll (0x7ffb485b0000)
        libdl.dll => /mingw64/bin/libdl.dll (0x7ffb4b4d0000)
        libunbound-8.dll => /mingw64/bin/libunbound-8.dll (0x7ffb14050000)
        libldns-3.dll => /mingw64/bin/libldns-3.dll (0x7ffb335f0000)
        libwinpthread-1.dll => /mingw64/bin/libwinpthread-1.dll (0x7ffb43380000)
        libssl-3-x64.dll => /mingw64/bin/libssl-3-x64.dll (0x7ffb21d30000)
        libcrypto-3-x64.dll => /mingw64/bin/libcrypto-3-x64.dll (0x26be2410000)
        libcrypto-3-x64.dll => /mingw64/bin/libcrypto-3-x64.dll (0x26be28f0000)
        libcrypto-3-x64.dll => /mingw64/bin/libcrypto-3-x64.dll (0x7ffb05a80000)
        USER32.dll => /c/Windows/System32/USER32.dll (0x7ffb73a30000)
        win32u.dll => /c/Windows/System32/win32u.dll (0x7ffb72e20000)
        GDI32.dll => /c/Windows/System32/GDI32.dll (0x7ffb73be0000)
        gdi32full.dll => /c/Windows/System32/gdi32full.dll (0x7ffb72af0000)
        msvcp_win.dll => /c/Windows/System32/msvcp_win.dll (0x7ffb72ec0000)

volg629@Desktop1 MSYS ~/strongswan-5.9.14/strongswan-sec
$ ./charon-svc.exe
Starting Power On Self Test
Pre-Operational Self Test FAILURE
00[DMN] Starting IKE service charon-svc (strongSwan 5.9.14, Windows Client 10.0.22621 (SP 0.0))
00[LIB] wolfssl FIPS mode unavailable (-203)
00[LIB] plugin 'wolfssl': failed to load - wolfssl_plugin_create returned NULL
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon-svc' has unmet dependency: NONCE_GEN
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon-svc' has unmet dependency: HASHER:HASH_SHA1
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon-svc' has unmet dependency: HASHER:HASH_SHA1
00[CFG] failed to read the resolver config: error reading file (No such file or directory)
00[CFG] failed to create a DNS resolver instance
00[LIB] failed to load 3 critical plugin features

Wolfssl crypt produce error when try generate hash

$ ./wolfcrypt/test/testwolfcrypt
------------------------------------------------------------------------------
 wolfSSL version 5.7.4
------------------------------------------------------------------------------
FIPS module version in use: wolfCrypt v7.0.0
error    test passed!
wolfSSL Entering memory_test
MEMORY   test passed!
wolfSSL Entering base64_test
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too big
Bad Base64 Decode data, too small
Bad Base64 Decode data, too big
Bad Base64 Decode data, too small
Bad Base64 Decode data, too big
Bad Base64 Decode data, too small
Bad Base64 Decode data, too big
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad Base64 Decode data, too small
Bad end of line in Base64 Decode
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Bad Base64 Decode data, too big
Escape buffer max too small
base64   test passed!
wolfSSL Entering base16_test
base16   test passed!
wolfSSL Entering asn_test
asn      test passed!
wolfSSL Entering random_test
in my Fips callback, ok = 0, err = -197
message = FIPS mode not allowed error
hash =
RANDOM   test failed!
 error L=17866 code=-197 (FIPS mode not allowed error)
 [fiducial line numbers: 9103 28041 46740 59294]
wolfSSL Entering wolfCrypt_Cleanup
Exiting main with return code: -1

or this

Escape buffer max too small
base64   test passed!
wolfSSL Entering base16_test
base16   test passed!
wolfSSL Entering asn_test
asn      test passed!
wolfSSL Entering random_test
in my Fips callback, ok = 0, err = -203
message = In Core Integrity check FIPS error
hash = 11FC92013108BCB799AF1141F7BE8EB3E314240A8985736469BBDC33D5A94A0C
In core integrity hash check failure, copy above hash
into verifyCore[] in fips_test.c and rebuild
RANDOM   test failed!
 error L=17866 code=-197 (FIPS mode not allowed error)
 [fiducial line numbers: 9103 28041 46740 59294]
wolfSSL Entering wolfCrypt_Cleanup
Exiting main with return code: -1
@anhu anhu self-assigned this Nov 20, 2024
@anhu
Copy link
Member

anhu commented Nov 20, 2024

Hi @volga629-1 ,

This is the procedure:

unzip wolfssl-5.7.2-gplv3-fips-ready.zip
cd wolfssl-5.7.2-gplv3-fips-ready
./configure --enable-fips=ready
make
./fips_hash.sh
make
make check 

You should probably try it on Linux as a sanity check. Then once you have it working with strongswan on linux, move to windows.

Here at wolfSSL we love knowing how people are using our software source code. Can you let us know a bit about yourself and this project? For example:

  • where are you located?
  • what are your goals?
  • is this out of personal, academic or professional interest?

Please do let us know.

Warm regards, Anthony

@volga629-1
Copy link
Author

volga629-1 commented Nov 20, 2024

I can reproduce same problem on Linux Fedora 39
I compiled same way just generated RPM's.


[root@canldev01-fedora39 ~]# systemctl status strongswan
× strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl
     Loaded: loaded (/usr/lib/systemd/system/strongswan.service; disabled; preset: disabled)
    Drop-In: /usr/lib/systemd/system/service.d
             └─10-timeout-abort.conf
     Active: failed (Result: exit-code) since Wed 2024-11-20 13:40:13 EST; 7s ago
    Process: 1614492 ExecStart=/usr/sbin/charon-systemd (code=exited, status=66)
   Main PID: 1614492 (code=exited, status=66)
     Status: "charon initialization failed"
        CPU: 22ms

Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: wolfssl FIPS mode unavailable (-203)
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: plugin 'wolfssl': failed to load - wolfssl_plugin_create returned NULL
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: created TUN device: ipsec0
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: feature CUSTOM:libcharon in critical plugin 'charon-systemd' has unmet dependency: NONCE_GEN
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: feature CUSTOM:libcharon-receiver in critical plugin 'charon-systemd' has unmet dependency: HASHER:HASH_SHA1
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: feature CUSTOM:libcharon-sa-managers in critical plugin 'charon-systemd' has unmet dependency: HASHER:HASH_SHA1
Nov 20 13:40:13 canldev01-fedora39.networklab.prod charon-systemd[1614492]: failed to load 3 critical plugin features
Nov 20 13:40:13 canldev01-fedora39.networklab.prod systemd[1]: strongswan.service: Main process exited, code=exited, status=66/NOINPUT
Nov 20 13:40:13 canldev01-fedora39.networklab.prod systemd[1]: strongswan.service: Failed with result 'exit-code'.
Nov 20 13:40:13 canldev01-fedora39.networklab.prod systemd[1]: Failed to start strongswan.service - strongSwan IPsec IKEv1/IKEv2 daemon using swanctl.
[root@canldev01-fedora39 ~]# 

[root@canldev01-fedora39 ~]# rpm -ql wolfssl-fips
/usr/lib/.build-id
/usr/lib/.build-id/21
/usr/lib/.build-id/21/47f569a7fb46cb83bff3a052dfc46d3143bdfd
/usr/lib64/libwolfssl.so
/usr/lib64/libwolfssl.so.42
/usr/lib64/libwolfssl.so.42.3.0
/usr/share/doc/wolfssl-fips
/usr/share/doc/wolfssl-fips/AUTHORS
/usr/share/doc/wolfssl-fips/COPYING
/usr/share/doc/wolfssl-fips/ChangeLog.md
/usr/share/doc/wolfssl-fips/README
/usr/share/doc/wolfssl-fips/README.md
/usr/share/doc/wolfssl/QUIC.md
/usr/share/doc/wolfssl/README.txt
/usr/share/doc/wolfssl/example/async_client.c
/usr/share/doc/wolfssl/example/async_server.c
/usr/share/doc/wolfssl/example/client.c
/usr/share/doc/wolfssl/example/echoclient.c
/usr/share/doc/wolfssl/example/echoserver.c
/usr/share/doc/wolfssl/example/sctp-client-dtls.c
/usr/share/doc/wolfssl/example/sctp-client.c
/usr/share/doc/wolfssl/example/sctp-server-dtls.c
/usr/share/doc/wolfssl/example/sctp-server.c
/usr/share/doc/wolfssl/example/server.c
/usr/share/doc/wolfssl/example/tls_bench.c
/usr/share/doc/wolfssl/taoCert.txt

@anhu
Copy link
Member

anhu commented Nov 20, 2024

When you do that, is it running ./fips_hash.sh to regenerated the fips hash?

@anhu
Copy link
Member

anhu commented Nov 20, 2024

Can you please help us prioritize this request by telling us about yourself and your project?

@volga629-1
Copy link
Author

Yes, 100% , here are spec file

%build
# --enable-tlsv10
#--enable-wpas \
#--enable-all-crypto \
#--enable-writedup \
autoreconf -i
%configure --enable-all \
           --enable-reproducible-build \
           --enable-secure-renegotiation --enable-fastmath \
           --enable-ed25519 --enable-curve25519 \
           --enable-opensslall \
           --enable-ecc \
           --enable-ocsp \
           --disable-fpecc \
           --disable-aligndata \
           --disable-static \
           --disable-jni \
           --disable-crl-monitor\
           --disable-examples \
           --enable-opensslextra \
           --enable-all-crypto \
           --enable-tlsv10 \
           --enable-shared \
           --enable-secure-renegotiation \
%if %{build_fips}
           --enable-fips=ready \
%endif
           CFLAGS="-DWOLFSSL_STATIC_RSA" \
           C_EXTRA_FLAGS="-fPIC"

%if %{build_fips}
%{__make} %{?_smp_mflags}
if [ "no" = "yes" ]
then
echo Updating wolfSSL FIPS hash
bash -x  ./fips-hash.sh
%{__make} %{?_smp_mflags}
fi
%else
 %{__make} %{?_smp_mflags}
%endif

@anhu
Copy link
Member

anhu commented Nov 20, 2024

Can you first simply run the steps that I specified earlier:

unzip wolfssl-5.7.2-gplv3-fips-ready.zip
cd wolfssl-5.7.2-gplv3-fips-ready
./configure --enable-fips=ready
make
./fips_hash.sh
make
make check 

@volga629-1
Copy link
Author

Can you please help us prioritize this request by telling us about yourself and your project?

Yes, please provide email and I will provide you info.

@volga629-1
Copy link
Author

I will try to simplify, but I need to stick with RPM system, because I can't tell 100% if there are issue when I need to repoint build to non standard locations.

FIPs hash update

CC       src/libwolfssl_la-tls13.lo
  CC       src/libwolfssl_la-ocsp.lo
  CC       src/libwolfssl_la-crl.lo
  CC       src/libwolfssl_la-quic.lo
  CC       src/libwolfssl_la-dtls.lo
  CC       wolfcrypt/test/test.o
  CCLD     src/libwolfssl.la
  CCLD     wolfcrypt/benchmark/benchmark
  CCLD     wolfcrypt/test/testwolfcrypt
make[2]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
+ echo Updating wolfSSL FIPS hash
Updating wolfSSL FIPS hash
+ bash -x ./fips-hash.sh
+ test '!' -x ./wolfcrypt/test/testwolfcrypt
+ test '!' -s ./wolfcrypt/src/fips_test.c
++ ./wolfcrypt/test/testwolfcrypt
++ sed -n 's/hash = \(.*\)/\1/p'
+ NEWHASH=E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A
+ test -n E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A
+ cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
+ sed 's/^".*";/"E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A";/' wolfcrypt/src/fips_test.c.bak
+ /usr/bin/make -j4
/usr/bin/make -j5  all-recursive
make[1]: Entering directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: warning: -j5 forced in submake: resetting jobserver mode.
make[2]: Entering directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[2]: warning: -j5 forced in submake: resetting jobserver mode.
  CC       wolfcrypt/src/src_libwolfssl_la-fips_test.lo
  CCLD     src/libwolfssl.la
  CCLD     wolfcrypt/benchmark/benchmark
  CCLD     wolfcrypt/test/testwolfcrypt
make[2]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
+ RPM_EC=0
++ jobs -p
+ exit 0
Executing(%install): /bin/sh -e /var/tmp/rpm-tmp.Bu3s6T
+ umask 022
+ cd /home/volga629/rpmbuild/BUILD
+ '[' /home/volga629/rpmbuild/BUILDROOT/wolfssl-fips-5.7.4-3.fc39.x86_64 '!=' / ']'

@volga629-1
Copy link
Author

I recompiled again clean state and this time wolfssl loaded correctly.
Strongswan started with wolfssl fips.
I am not sure of possible to confirm which crypto engine is in use by strongswan

[root@canldev01-fedora39 charon]# swanctl --stats
plugin 'sqlite': failed to load - sqlite_plugin_create not found and no plugin file available
uptime: 56 seconds, since Nov 20 14:23:25 2024
worker threads: 16 total, 7 idle, working: 4/0/5/0
job queues: 0/0/0/0
jobs scheduled: 0
IKE_SAs: 0 total, 0 half-open
mallinfo: sbrk 2555904, mmap 266240, used 431488, free 2124416
loaded plugins: charon-systemd unbound sha2 nonce pubkey ipseckey wolfssl curve25519 kernel-libipsec kernel-netlink socket-default bypass-lan vici counters

@anhu
Copy link
Member

anhu commented Nov 20, 2024

@volga629-1 ,

Yes, please provide email and I will provide you info.

You can reach me at [email protected] . I look forward to your message.

Warm regards, Anthony

@volga629-1
Copy link
Author

When I compile on Windows same think fips hash update empty

*** libtool will only create a static version of it.
  CCLD     wolfcrypt/benchmark/benchmark.exe
  CCLD     wolfcrypt/test/testwolfcrypt.exe
make[2]: Leaving directory '/home/slava.bendersky/strongswan-5.9.14/wolfssl-5.7.4-gplv3-fips-ready'
make[1]: Leaving directory '/home/slava.bendersky/strongswan-5.9.14/wolfssl-5.7.4-gplv3-fips-ready'

slava.bendersky@VDT-SlavaB MSYS ~/strongswan-5.9.14/wolfssl-5.7.4-gplv3-fips-ready
$ bash -x ./fips-hash.sh
+ test '!' -x ./wolfcrypt/test/testwolfcrypt
+ test '!' -s ./wolfcrypt/src/fips_test.c
++ ./wolfcrypt/test/testwolfcrypt
++ sed -n 's/hash = \(.*\)/\1/p'
+ NEWHASH=
+ test -n ''

@anhu
Copy link
Member

anhu commented Nov 20, 2024

Please look in the fips-hash.sh script to see what it is doing. Basically it, run the tests, and lets them fail and the fail message will give you the new hash. Are you getting the fail message with the new hash?

@volga629-1
Copy link
Author

I rebuilt Windows version one time and still fips hash is not updating properly.
I see that new hash is generated and updates the right file, but strongswan on load always get -203

$ ./wolfcrypt/test/testwolfcrypt
------------------------------------------------------------------------------
 wolfSSL version 5.7.4
------------------------------------------------------------------------------
FIPS module version in use: wolfCrypt v7.0.0
error    test passed!
MEMORY   test passed!
base64   test passed!
base16   test passed!
asn      test passed!
in my Fips callback, ok = 0, err = -203
message = In Core Integrity check FIPS error
hash = 2CFD1B08B615068E2AD24A0E8CD9B00423414684111A76F1C0DA241068119C34
In core integrity hash check failure, copy above hash
into verifyCore[] in fips_test.c and rebuild
RANDOM   test failed!
 error L=17866 code=-197 (FIPS mode not allowed error)
 [fiducial line numbers: 9103 28041 46740 59294]
Exiting main with return code: -1

@volga629-1
Copy link
Author

Can you please post dependency for windows ?
I want to validate that I am not missing anything.
I sent you email with details.

@volga629-1
Copy link
Author

volga629-1 commented Nov 21, 2024

@anhu Should I try downgrade wolfssl ? I so that you use 5.7.2

I think might be related

			--build=x86_64-w64-mingw32 \
			--host=x86_64-w64-mingw32 \

@anhu
Copy link
Member

anhu commented Nov 21, 2024

No need, 5.7.4 is fine. There are no dependencies for windows. However, it would be better if you used visual studio. Can you do that? Our visual studio solution is very simple.

@anhu
Copy link
Member

anhu commented Nov 21, 2024

5.7.2 is what I had on hand.

@volga629-1
Copy link
Author

I can't use visual studio, because need customize options for strongswan support, unless need adjust user_options.h.
I tried before and had similar issue.

@anhu
Copy link
Member

anhu commented Nov 21, 2024

Yes, that is how you would do it. First you build on linux and make sure strongswan works there. Then you look at the options.h that is generated on linux and use that as a guide to figure out what kind of changes you need to make in user_settings.h on windows.

@anhu
Copy link
Member

anhu commented Nov 21, 2024

Lets take your fips hash problems out of the equation first. You can do this: --enable-fips=disabled

@anhu
Copy link
Member

anhu commented Nov 21, 2024

Please also note that you're rpm never executes the fips_hash.sh

@volga629-1
Copy link
Author

RPM process execute fips_hash.sh and strongswan is loading the wolfssl fips library not issue

CC       src/libwolfssl_la-ssl.lo
  CC       src/libwolfssl_la-tls.lo
  CC       src/libwolfssl_la-tls13.lo
  CC       src/libwolfssl_la-ocsp.lo
  CC       src/libwolfssl_la-crl.lo
  CC       src/libwolfssl_la-quic.lo
  CC       src/libwolfssl_la-dtls.lo
  CC       wolfcrypt/test/test.o
  CCLD     src/libwolfssl.la
  CCLD     wolfcrypt/benchmark/benchmark
  CCLD     wolfcrypt/test/testwolfcrypt
make[2]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
+ echo Updating wolfSSL FIPS hash
Updating wolfSSL FIPS hash
+ bash -x ./fips-hash.sh
+ test '!' -x ./wolfcrypt/test/testwolfcrypt
+ test '!' -s ./wolfcrypt/src/fips_test.c
++ ./wolfcrypt/test/testwolfcrypt
++ sed -n 's/hash = \(.*\)/\1/p'
+ NEWHASH=E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A
+ test -n E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A
+ cp wolfcrypt/src/fips_test.c wolfcrypt/src/fips_test.c.bak
+ sed 's/^".*";/"E8231EC26852ADCAB614EC10A58EBBC00C766C87849B61872C32A33B831FCF3A";/' wolfcrypt/src/fips_test.c.bak
+ /usr/bin/make -j4
/usr/bin/make -j5  all-recursive
make[1]: Entering directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: warning: -j5 forced in submake: resetting jobserver mode.
make[2]: Entering directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[2]: warning: -j5 forced in submake: resetting jobserver mode.
  CC       wolfcrypt/src/src_libwolfssl_la-fips_test.lo
  CCLD     src/libwolfssl.la
  CCLD     wolfcrypt/benchmark/benchmark
  CCLD     wolfcrypt/test/testwolfcrypt
make[2]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
make[1]: Leaving directory '/home/volga629/rpmbuild/BUILD/wolfssl-fips-5.7.4'
+ RPM_EC=0
++ jobs -p
+ exit 0

@volga629-1
Copy link
Author

[root@canldev01-fedora39 ~]# swanctl --stats
plugin 'sqlite': failed to load - sqlite_plugin_create not found and no plugin file available
uptime: 22 hours, since Nov 20 14:23:25 2024
worker threads: 16 total, 7 idle, working: 4/0/5/0
job queues: 0/0/0/0
jobs scheduled: 0
IKE_SAs: 0 total, 0 half-open
mallinfo: sbrk 2555904, mmap 266240, used 434080, free 2121824
loaded plugins: charon-systemd unbound sha2 nonce pubkey ipseckey wolfssl curve25519 kernel-libipsec kernel-netlink socket-default bypass-lan vici counters
[root@canldev01-fedora39 ~]# cat /etc/strongswan/strongswan.d/charon/wolfssl.conf 
wolfssl {

    # Enable to prevent loading the plugin if wolfSSL is not in FIPS mode.
    fips_mode = yes

    # Whether to load the plugin. Can also be an integer to increase the
    # priority of this plugin.
    load = yes

}

[root@canldev01-fedora39 ~]# 

@anhu
Copy link
Member

anhu commented Nov 21, 2024

My colleagues pointed out you can use your current method to generate an options .h and then use that to customize your user_settings.h in the visual studio build.

@volga629-1
Copy link
Author

Let me try this method

@volga629-1
Copy link
Author

This list which I am going to try

#define WOLFSSL_HAVE_ATOMIC_H
#define WOLFSSL_WOLFSSH
#define HAVE_C___ATOMIC 1
#define HAVE_THREAD_LS
#define NO_DO178
#define HAVE_REPRODUCIBLE_BUILD
#define HAVE_LINUXKM_PIE_SUPPORT
#define WOLFSSL_X86_64_BUILD
#define WOLFSSL_ASN_TEMPLATE
#define USE_FAST_MATH
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
#define WOLFSSL_DER_LOAD
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define WOLFSSL_SUBJ_DIR_ATTR
#define WOLFSSL_FPKI
#define WOLFSSL_SUBJ_INFO_ACC
#define WOLFSSL_CERT_NAME_ALL
#define WOLFSSL_VERBOSE_ERRORS
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define WOLFSSL_ALT_NAMES
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define WOLFSSL_ASN_ALL
#define WOLFSSL_DH_EXTRA
#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
#define WOLFSSL_HAVE_ISSUER_NAMES
#define HAVE_ECH
#define WOLFSSL_DTLS
#define WOLFSSL_QUIC
#define HAVE_EX_DATA
#define WOLFSSL_POST_HANDSHAKE_AUTH
#define WOLFSSL_SEND_HRR_COOKIE
#define WOLFSSL_LIBWEBSOCKETS
#define HAVE_EX_DATA
#define OPENSSL_NO_EC
#define ERROR_QUEUE_PER_THREAD
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
#define ATOMIC_USER
#define WOLFSSL_AES_CBC_LENGTH_CHECKS
#define HAVE_AESCCM
#define WOLFSSL_AES_EAX
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_CFB
#define WOLFSSL_AESNI
#define USE_INTEL_SPEEDUP
#define HAVE_CAMELLIA
#define WOLFSSL_MD2
#define WOLFSSL_RIPEMD
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define SESSION_CERTS
#define WOLFSSL_SEP
#define KEEP_PEER_CERT
#define HAVE_HKDF
#define HAVE_HPKE
#define HAVE_X963_KDF
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define ECC_MIN_KEY_SZ 192
#define HAVE_CURVE25519
#define HAVE_ECC_ENCRYPT
#define WC_RSA_PSS
#define WOLFSSL_PSS_LONG_SALT
#define HAVE_ANON
#define WOLFSSL_ASN_PRINT
#define WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE16
#define WOLFSSL_SIPHASH
#define WOLFSSL_CMAC
#define WOLFSSL_AES_DIRECT
#define HAVE_WEBSERVER
#define WOLFSSL_FIPS_READY
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 7
#define HAVE_FIPS_VERSION_MAJOR 7
#define HAVE_FIPS_VERSION_MINOR 0
#define HAVE_FIPS_VERSION_PATCH 0
#define HAVE_ECC_CDH
#define WC_RSA_NO_PADDING
#define ECC_USER_CURVES
#define HAVE_ECC384
#define HAVE_ECC521
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define WC_RNG_SEED_CB
#define WOLFSSL_ECDSA_SET_K
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ED448
#define HAVE_ED448_KEY_IMPORT
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define NO_OLD_TLS
#define WOLFSSL_AES_XTS
#define WOLFSSL_AES_DIRECT
#define HAVE_CURVE448
#define HAVE_ED448
#define WOLFSSL_ED448_STREAMING_VERIFY
#define WC_SRTP_KDF
#define HAVE_AES_ECB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_SHA3
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
#define HAVE_HASHDRBG
#define HAVE_OPENSSL_CMD
#define HAVE_TLS_EXTENSIONS
#define HAVE_CERTIFICATE_STATUS_REQUEST
#define HAVE_TLS_EXTENSIONS
#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
#define HAVE_CRL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SNI
#define HAVE_TLS_EXTENSIONS
#define HAVE_ALPN
#define HAVE_TLS_EXTENSIONS
#define HAVE_MAX_FRAGMENT
#define HAVE_TLS_EXTENSIONS
#define HAVE_TRUNCATED_HMAC
#define HAVE_TLS_EXTENSIONS
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_SERVER_RENEGOTIATION_INFO
#define HAVE_FALLBACK_SCSV
#define HAVE_KEYING_MATERIAL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_FFDHE_2048
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS
#define HAVE_SESSION_TICKET
#define HAVE_EXTENDED_MASTER
#define HAVE_TLS_EXTENSIONS
#define HAVE_SNI
#define HAVE_MAX_FRAGMENT
#define HAVE_TRUNCATED_HMAC
#define HAVE_ALPN
#define HAVE_TRUSTED_CA
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_EARLY_DATA
#define WOLFCRYPT_HAVE_SRP
#define ASN_BER_TO_DER
#define WOLFSSL_HAVE_CERT_SERVICE
#define HAVE_LIGHTY
#define HAVE_WOLFSSL_SSL_H 1
#define HAVE_EX_DATA
#define OPENSSL_ALL
#define WOLFSSL_KEY_GEN
#define WOLFSSL_NGINX
#define WOLFSSL_SIGNER_DER_CERT
#define OPENSSL_COMPATIBLE_DEFAULTS
#define WOLFSSL_ERROR_CODE_OPENSSL
#define WOLFSSL_OPENVPN
#define HAVE_KEYING_MATERIAL
#define WOLFSSL_DES_ECB
#define HAVE_EX_DATA
#define WOLFSSL_KEY_GEN
#define WOLFSSL_ALWAYS_VERIFY_CB
#define WOLFSSL_ALWAYS_KEEP_SNI
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define HAVE_EXT_CACHE
#define HAVE_EX_DATA
#define WOLFSSL_CERT_GEN
#define WOLFSSL_ASIO
#define ASIO_USE_WOLFSSL
#define WOLFSSL_KEY_GEN
#define BOOST_ASIO_USE_WOLFSSL
#define HAVE_EX_DATA
#define SSL_TXT_TLSV1_2
#define OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL3
#define SSL_TXT_TLSV1
#define HAVE_ENCRYPT_THEN_MAC
#define WOLFSSL_ENCRYPTED_KEYS
#define HAVE_SCRYPT
#define WOLFSSL_HAVE_ATOMIC_H
#define WOLFSSL_WOLFSSH
#define HAVE_C___ATOMIC 1
#define HAVE_THREAD_LS
#define NO_DO178
#define HAVE_REPRODUCIBLE_BUILD
#define HAVE_LINUXKM_PIE_SUPPORT
#define WOLFSSL_X86_64_BUILD
#define WOLFSSL_ASN_TEMPLATE
#define USE_FAST_MATH
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
#define WOLFSSL_DER_LOAD
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define WOLFSSL_SUBJ_DIR_ATTR
#define WOLFSSL_FPKI
#define WOLFSSL_SUBJ_INFO_ACC
#define WOLFSSL_CERT_NAME_ALL
#define WOLFSSL_VERBOSE_ERRORS
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define WOLFSSL_ALT_NAMES
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define WOLFSSL_ASN_ALL
#define WOLFSSL_DH_EXTRA
#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
#define WOLFSSL_HAVE_ISSUER_NAMES
#define HAVE_ECH
#define WOLFSSL_DTLS
#define WOLFSSL_QUIC
#define HAVE_EX_DATA
#define WOLFSSL_POST_HANDSHAKE_AUTH
#define WOLFSSL_SEND_HRR_COOKIE
#define WOLFSSL_LIBWEBSOCKETS
#define HAVE_EX_DATA
#define OPENSSL_NO_EC
#define ERROR_QUEUE_PER_THREAD
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
#define ATOMIC_USER
#define WOLFSSL_AES_CBC_LENGTH_CHECKS
#define HAVE_AESCCM
#define WOLFSSL_AES_EAX
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_CFB
#define WOLFSSL_AESNI
#define USE_INTEL_SPEEDUP
#define HAVE_CAMELLIA
#define WOLFSSL_MD2
#define WOLFSSL_RIPEMD
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define SESSION_CERTS
#define WOLFSSL_SEP
#define KEEP_PEER_CERT
#define HAVE_HKDF
#define HAVE_HPKE
#define HAVE_X963_KDF
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define ECC_MIN_KEY_SZ 192
#define HAVE_CURVE25519
#define HAVE_ECC_ENCRYPT
#define WC_RSA_PSS
#define WOLFSSL_PSS_LONG_SALT
#define HAVE_ANON
#define WOLFSSL_ASN_PRINT
#define WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE16
#define WOLFSSL_SIPHASH
#define WOLFSSL_CMAC
#define WOLFSSL_AES_DIRECT
#define HAVE_WEBSERVER
#define WOLFSSL_FIPS_READY
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 7
#define HAVE_FIPS_VERSION_MAJOR 7
#define HAVE_FIPS_VERSION_MINOR 0
#define HAVE_FIPS_VERSION_PATCH 0
#define HAVE_ECC_CDH
#define WC_RSA_NO_PADDING
#define ECC_USER_CURVES
#define HAVE_ECC384
#define HAVE_ECC521
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define WC_RNG_SEED_CB
#define WOLFSSL_ECDSA_SET_K
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ED448
#define HAVE_ED448_KEY_IMPORT
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define NO_OLD_TLS
#define WOLFSSL_AES_XTS
#define WOLFSSL_AES_DIRECT
#define HAVE_CURVE448
#define HAVE_ED448

@volga629-1
Copy link
Author

@anhu can you please confirm that user_setting.h look correct

#ifndef _WIN_USER_SETTINGS_H_
#define _WIN_USER_SETTINGS_H_
#define WOLFSSL_HAVE_ATOMIC_H
#define WOLFSSL_WOLFSSH
#define HAVE_C___ATOMIC 1
#define HAVE_THREAD_LS
#define NO_DO178
#define HAVE_REPRODUCIBLE_BUILD
#define HAVE_LINUXKM_PIE_SUPPORT
#define WOLFSSL_X86_64_BUILD
#define WOLFSSL_ASN_TEMPLATE
#define USE_FAST_MATH
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
#define WOLFSSL_DER_LOAD
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define WOLFSSL_SUBJ_DIR_ATTR
#define WOLFSSL_FPKI
#define WOLFSSL_SUBJ_INFO_ACC
#define WOLFSSL_CERT_NAME_ALL
#define WOLFSSL_VERBOSE_ERRORS
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define WOLFSSL_ALT_NAMES
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define WOLFSSL_ASN_ALL
#define WOLFSSL_DH_EXTRA
#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
#define WOLFSSL_HAVE_ISSUER_NAMES
#define HAVE_ECH
#define WOLFSSL_DTLS
#define WOLFSSL_QUIC
#define HAVE_EX_DATA
#define WOLFSSL_POST_HANDSHAKE_AUTH
#define WOLFSSL_SEND_HRR_COOKIE
#define WOLFSSL_LIBWEBSOCKETS
#define HAVE_EX_DATA
#define OPENSSL_NO_EC
#define ERROR_QUEUE_PER_THREAD
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
#define ATOMIC_USER
#define WOLFSSL_AES_CBC_LENGTH_CHECKS
#define HAVE_AESCCM
#define WOLFSSL_AES_EAX
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_CFB
#define WOLFSSL_AESNI
#define USE_INTEL_SPEEDUP
#define HAVE_CAMELLIA
#define WOLFSSL_MD2
#define WOLFSSL_RIPEMD
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define SESSION_CERTS
#define WOLFSSL_SEP
#define KEEP_PEER_CERT
#define HAVE_HKDF
#define HAVE_HPKE
#define HAVE_X963_KDF
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define ECC_MIN_KEY_SZ 192
#define HAVE_CURVE25519
#define HAVE_ECC_ENCRYPT
#define WC_RSA_PSS
#define WOLFSSL_PSS_LONG_SALT
#define HAVE_ANON
#define WOLFSSL_ASN_PRINT
#define WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE16
#define WOLFSSL_SIPHASH
#define WOLFSSL_CMAC
#define WOLFSSL_AES_DIRECT
#define HAVE_WEBSERVER
#define WOLFSSL_FIPS_READY
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 7
#define HAVE_FIPS_VERSION_MAJOR 7
#define HAVE_FIPS_VERSION_MINOR 0
#define HAVE_FIPS_VERSION_PATCH 0
#define HAVE_ECC_CDH
#define WC_RSA_NO_PADDING
#define ECC_USER_CURVES
#define HAVE_ECC384
#define HAVE_ECC521
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define WC_RNG_SEED_CB
#define WOLFSSL_ECDSA_SET_K
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ED448
#define HAVE_ED448_KEY_IMPORT
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define NO_OLD_TLS
#define WOLFSSL_AES_XTS
#define WOLFSSL_AES_DIRECT
#define HAVE_CURVE448
#define HAVE_ED448
#define WOLFSSL_ED448_STREAMING_VERIFY
#define WC_SRTP_KDF
#define HAVE_AES_ECB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_SHA3
#define WOLFSSL_SHAKE128
#define WOLFSSL_SHAKE256
#define HAVE_HASHDRBG
#define HAVE_OPENSSL_CMD
#define HAVE_TLS_EXTENSIONS
#define HAVE_CERTIFICATE_STATUS_REQUEST
#define HAVE_TLS_EXTENSIONS
#define HAVE_CERTIFICATE_STATUS_REQUEST_V2
#define HAVE_CRL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SNI
#define HAVE_TLS_EXTENSIONS
#define HAVE_ALPN
#define HAVE_TLS_EXTENSIONS
#define HAVE_MAX_FRAGMENT
#define HAVE_TLS_EXTENSIONS
#define HAVE_TRUNCATED_HMAC
#define HAVE_TLS_EXTENSIONS
#define HAVE_SECURE_RENEGOTIATION
#define HAVE_SERVER_RENEGOTIATION_INFO
#define HAVE_FALLBACK_SCSV
#define HAVE_KEYING_MATERIAL
#define HAVE_TLS_EXTENSIONS
#define HAVE_SUPPORTED_CURVES
#define HAVE_FFDHE_2048
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_TLS13
#define HAVE_TLS_EXTENSIONS
#define HAVE_TLS_EXTENSIONS
#define HAVE_SESSION_TICKET
#define HAVE_EXTENDED_MASTER
#define HAVE_TLS_EXTENSIONS
#define HAVE_SNI
#define HAVE_MAX_FRAGMENT
#define HAVE_TRUNCATED_HMAC
#define HAVE_ALPN
#define HAVE_TRUSTED_CA
#define HAVE_SUPPORTED_CURVES
#define WOLFSSL_EARLY_DATA
#define WOLFCRYPT_HAVE_SRP
#define ASN_BER_TO_DER
#define WOLFSSL_HAVE_CERT_SERVICE
#define HAVE_LIGHTY
#define HAVE_WOLFSSL_SSL_H 1
#define HAVE_EX_DATA
#define OPENSSL_ALL
#define WOLFSSL_KEY_GEN
#define WOLFSSL_NGINX
#define WOLFSSL_SIGNER_DER_CERT
#define OPENSSL_COMPATIBLE_DEFAULTS
#define WOLFSSL_ERROR_CODE_OPENSSL
#define WOLFSSL_OPENVPN
#define HAVE_KEYING_MATERIAL
#define WOLFSSL_DES_ECB
#define HAVE_EX_DATA
#define WOLFSSL_KEY_GEN
#define WOLFSSL_ALWAYS_VERIFY_CB
#define WOLFSSL_ALWAYS_KEEP_SNI
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define HAVE_EXT_CACHE
#define HAVE_EX_DATA
#define WOLFSSL_CERT_GEN
#define WOLFSSL_ASIO
#define ASIO_USE_WOLFSSL
#define WOLFSSL_KEY_GEN
#define BOOST_ASIO_USE_WOLFSSL
#define HAVE_EX_DATA
#define SSL_TXT_TLSV1_2
#define OPENSSL_NO_SSL2
#define OPENSSL_NO_SSL3
#define SSL_TXT_TLSV1
#define HAVE_ENCRYPT_THEN_MAC
#define WOLFSSL_ENCRYPTED_KEYS
#define HAVE_SCRYPT
#define WOLFSSL_HAVE_ATOMIC_H
#define WOLFSSL_WOLFSSH
#define HAVE_C___ATOMIC 1
#define HAVE_THREAD_LS
#define NO_DO178
#define HAVE_REPRODUCIBLE_BUILD
#define HAVE_LINUXKM_PIE_SUPPORT
#define WOLFSSL_X86_64_BUILD
#define WOLFSSL_ASN_TEMPLATE
#define USE_FAST_MATH
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
#define WOLFSSL_DER_LOAD
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define WOLFSSL_SUBJ_DIR_ATTR
#define WOLFSSL_FPKI
#define WOLFSSL_SUBJ_INFO_ACC
#define WOLFSSL_CERT_NAME_ALL
#define WOLFSSL_VERBOSE_ERRORS
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define WOLFSSL_ALT_NAMES
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define WOLFSSL_ASN_ALL
#define WOLFSSL_DH_EXTRA
#define WOLFSSL_ECDSA_DETERMINISTIC_K_VARIANT
#define WOLFSSL_HAVE_ISSUER_NAMES
#define HAVE_ECH
#define WOLFSSL_DTLS
#define WOLFSSL_QUIC
#define HAVE_EX_DATA
#define WOLFSSL_POST_HANDSHAKE_AUTH
#define WOLFSSL_SEND_HRR_COOKIE
#define WOLFSSL_LIBWEBSOCKETS
#define HAVE_EX_DATA
#define OPENSSL_NO_EC
#define ERROR_QUEUE_PER_THREAD
#define TFM_TIMING_RESISTANT
#define ECC_TIMING_RESISTANT
#define WC_RSA_BLINDING
#define PERSIST_SESSION_CACHE
#define PERSIST_CERT_CACHE
#define ATOMIC_USER
#define WOLFSSL_AES_CBC_LENGTH_CHECKS
#define HAVE_AESCCM
#define WOLFSSL_AES_EAX
#define WOLFSSL_AES_OFB
#define WOLFSSL_AES_DIRECT
#define WOLFSSL_AES_CFB
#define WOLFSSL_AESNI
#define USE_INTEL_SPEEDUP
#define HAVE_CAMELLIA
#define WOLFSSL_MD2
#define WOLFSSL_RIPEMD
#define HAVE_BLAKE2
#define HAVE_BLAKE2B
#define HAVE_BLAKE2S
#define WOLFSSL_SHA224
#define WOLFSSL_SHA512
#define WOLFSSL_SHA384
#define SESSION_CERTS
#define WOLFSSL_SEP
#define KEEP_PEER_CERT
#define HAVE_HKDF
#define HAVE_HPKE
#define HAVE_X963_KDF
#define HAVE_ECC
#define TFM_ECC256
#define ECC_SHAMIR
#define ECC_MIN_KEY_SZ 192
#define HAVE_CURVE25519
#define HAVE_ECC_ENCRYPT
#define WC_RSA_PSS
#define WOLFSSL_PSS_LONG_SALT
#define HAVE_ANON
#define WOLFSSL_ASN_PRINT
#define WOLFSSL_BASE64_ENCODE
#define WOLFSSL_BASE16
#define WOLFSSL_SIPHASH
#define WOLFSSL_CMAC
#define WOLFSSL_AES_DIRECT
#define HAVE_WEBSERVER
#define WOLFSSL_FIPS_READY
#define HAVE_FIPS
#define HAVE_FIPS_VERSION 7
#define HAVE_FIPS_VERSION_MAJOR 7
#define HAVE_FIPS_VERSION_MINOR 0
#define HAVE_FIPS_VERSION_PATCH 0
#define HAVE_ECC_CDH
#define WC_RSA_NO_PADDING
#define ECC_USER_CURVES
#define HAVE_ECC384
#define HAVE_ECC521
#define WOLFSSL_VALIDATE_FFC_IMPORT
#define HAVE_FFDHE_Q
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define HAVE_FFDHE_6144
#define HAVE_FFDHE_8192
#define WC_RNG_SEED_CB
#define WOLFSSL_ECDSA_SET_K
#define WOLFSSL_VALIDATE_ECC_IMPORT
#define WOLFSSL_VALIDATE_ECC_KEYGEN
#define HAVE_ECC192
#define HAVE_ECC224
#define HAVE_ECC256
#define HAVE_ED448
#define HAVE_ED448_KEY_IMPORT
#define WOLFSSL_NOSHA512_224
#define WOLFSSL_NOSHA512_256
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_ECB
#define NO_OLD_TLS
#define WOLFSSL_AES_XTS
#define WOLFSSL_AES_DIRECT
#define HAVE_CURVE448
#define HAVE_ED448

/* For FIPS 140-2 3389 build set to "#if 1" */
#if 0
#undef HAVE_FIPS
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 2
#undef HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 0
#endif

/* Set the following to 1 for WCv5.0-RC12 build. */
#if 0
#undef HAVE_FIPS
#define HAVE_FIPS
#undef HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 5
#undef HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 2
#endif

/* For FIPS Ready, uncomment the following: */
/* #define WOLFSSL_FIPS_READY */
#ifdef WOLFSSL_FIPS_READY
    #undef HAVE_FIPS
    #define HAVE_FIPS
    #undef HAVE_FIPS_VERSION
    #define HAVE_FIPS_VERSION 5
    #undef HAVE_FIPS_VERSION_MINOR
    #define HAVE_FIPS_VERSION_MINOR 3
#endif


/* Verify this is Windows */
#ifndef _WIN32
#error This user_settings.h header is only designed for Windows
#endif

/* Configurations */
#if defined(HAVE_FIPS)
    /* FIPS */
    #define OPENSSL_EXTRA
    #define HAVE_THREAD_LS
    #define WOLFSSL_KEY_GEN
    #define HAVE_AESGCM
    #define HAVE_HASHDRBG
    #define WOLFSSL_SHA384
    #define WOLFSSL_SHA512
    #define NO_PSK
    #define NO_RC4
    #define NO_DSA
    #define NO_MD4

    #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 2)
        #define WOLFSSL_SHA224
        #define WOLFSSL_SHA3
        #define WC_RSA_PSS
        #define WC_RSA_NO_PADDING
        #define HAVE_ECC
        #define HAVE_ECC384
        #define HAVE_ECC521
        #define HAVE_SUPPORTED_CURVES
        #define HAVE_TLS_EXTENSIONS
        #define ECC_SHAMIR
        #define HAVE_ECC_CDH
        #define ECC_TIMING_RESISTANT
        #define TFM_TIMING_RESISTANT
        #define WOLFSSL_AES_COUNTER
        #define WOLFSSL_AES_DIRECT
        #define HAVE_AES_ECB
        #define HAVE_AESCCM
        #define WOLFSSL_CMAC
        #define HAVE_HKDF
        #define WOLFSSL_VALIDATE_ECC_IMPORT
        #define WOLFSSL_VALIDATE_FFC_IMPORT
        #define HAVE_FFDHE_Q
        #define HAVE_PUBLIC_FFDHE
    #ifdef _WIN64
        #define WOLFSSL_AESNI
        #define HAVE_INTEL_RDSEED
    #endif
        #define FORCE_FAILURE_RDSEED
    #endif /* FIPS v2 */
    #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 5)
        #undef WOLFSSL_AESNI /* Comment out if using PAA */
        #undef HAVE_INTEL_RDSEED
        #undef FORCE_FAILURE_RDSEED
        #undef HAVE_PUBLIC_FFDHE

        #define NO_DES
        #define NO_DES3
        #define NO_MD5
        #define NO_OLD_TLS

        #define WOLFSSL_TLS13
        #define HAVE_TLS_EXTENSIONS
        #define HAVE_SUPPORTED_CURVES
        #define GCM_TABLE_4BIT
        #define WOLFSSL_NO_SHAKE256
        #define WOLFSSL_VALIDATE_ECC_KEYGEN
        #define WOLFSSL_ECDSA_SET_K
        #define WOLFSSL_WOLFSSH
        #define WOLFSSL_PUBLIC_MP
        #define WC_RNG_SEED_CB
        #define TFM_ECC256
        #define ECC_USER_CURVES
        #define HAVE_ECC192
        #define HAVE_ECC224
        #define HAVE_ECC256
        #define HAVE_ECC384
        #define HAVE_ECC521
        #define HAVE_FFDHE_2048
        #define HAVE_FFDHE_3072
        #define HAVE_FFDHE_4096
        #define HAVE_FFDHE_6144
        #define HAVE_FFDHE_8192
        #define WOLFSSL_AES_OFB
        #define FP_MAX_BITS 16384
    #endif /* FIPS v5 */
    #if defined(HAVE_FIPS_VERSION) && (HAVE_FIPS_VERSION >= 6)
        #define WOLFSSL_AES_XTS
    #endif
#else
    /* Enables blinding mode, to prevent timing attacks */
    #define WC_RSA_BLINDING

    #if defined(WOLFSSL_LIB)
        /* The lib */
        #define OPENSSL_EXTRA
        #define WOLFSSL_RIPEMD
        #define NO_PSK
        #define HAVE_EXTENDED_MASTER
        #define WOLFSSL_SNIFFER
        #define HAVE_SECURE_RENEGOTIATION

        #define HAVE_AESGCM
        #define WOLFSSL_AES_XTS
        #define WOLFSSL_SHA384
        #define WOLFSSL_SHA512

        #define HAVE_SUPPORTED_CURVES
        #define HAVE_TLS_EXTENSIONS

        #define HAVE_ECC
        #define ECC_SHAMIR
        #define ECC_TIMING_RESISTANT
    #else
        /* The servers and clients */
        #define OPENSSL_EXTRA
        #define NO_PSK
    #endif
#endif /* HAVE_FIPS */

#endif /* _WIN_USER_SETTINGS_H_ */

@anhu
Copy link
Member

anhu commented Nov 21, 2024

Hi Volga, this seems like a bit too much. For example, you have HAVE_LINUXKM_PIE_SUPPORT which I would imagine isn't required. Same with HAVE_CAMELLIA and many others. May I ask how you constructed this file?

@volga629-1
Copy link
Author

I pulled what is compiled on linux.

Normally I do configure

./configure --build=x86_64-w64-mingw32 \
		    --host=x86_64-w64-mingw32 \
			--enable-all \
           --enable-reproducible-build \
           --enable-secure-renegotiation --enable-fastmath \
           --enable-ed25519 --enable-curve25519 \
           --enable-opensslall \
           --enable-ecc \
           --enable-ocsp \
           --disable-fpecc \
           --disable-aligndata \
           --disable-static \
           --disable-jni \
           --disable-crl-monitor\
           --disable-examples \
           --enable-opensslextra \
           --enable-all-crypto \
           --enable-shared \
           --enable-secure-renegotiation \
           --enable-fips=ready \
           CFLAGS="-DWOLFSSL_STATIC_RSA" \
		   LDFLAGS="-lws2_32 -lcrypt32 -Wl,-s -Wl,--gc-sections" \
           C_EXTRA_FLAGS="-fPIC"

@volga629-1
Copy link
Author

Can you please clarify the order, when test.exe should be run in case of Visual studio is in use.
I ran test.exe and most tests is passed, but I don't see hash line .

$ ./test
Starting Power On Self Test
Pre-Operational Self Test SUCCESS
------------------------------------------------------------------------------
 wolfSSL version 5.7.4
------------------------------------------------------------------------------
FIPS module version in use: wolfCrypt v7.0.0
error    test passed!
wolfSSL Entering memory_test
MEMORY   test passed!
wolfSSL Entering base64_test
Bad Base64 Decode data, too big
Escape buffer max too small
base64   test passed!
wolfSSL Entering base16_test
base16   test passed!
wolfSSL Entering asn_test
asn      test passed!
wolfSSL Entering random_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
RANDOM   test passed!
wolfSSL Entering sha_test
SHA      test passed!
wolfSSL Entering sha224_test
SHA-224  test passed!
wolfSSL Entering sha256_test
SHA-256  test passed!
wolfSSL Entering sha384_test
SHA-384  test passed!
wolfSSL Entering sha512_test
SHA-512  test passed!
wolfSSL Entering sha3_test
SHA-3    test passed!
wolfSSL Entering hash_test
Hash     test passed!
wolfSSL Entering hmac_sha_test
HMAC-SHA test passed!
wolfSSL Entering hmac_sha224_test
HMAC-SHA224 test passed!
wolfSSL Entering hmac_sha256_test
HMAC-SHA256 test passed!
wolfSSL Entering hmac_sha384_test
HMAC-SHA384 test passed!
wolfSSL Entering hmac_sha512_test
HMAC-SHA512 test passed!
wolfSSL Entering hmac_sha3_test
HMAC-SHA3   test passed!
wolfSSL Entering hkdf_test
HMAC-KDF    test passed!
wolfSSL Entering sshkdf_test
SSH-KDF     test passed!
PRF         test passed!
TLSv1.2 KDF test passed!
wolfSSL Entering tls13_kdf_test
TLSv1.3 KDF test passed!
wolfSSL Entering srtpkdf_test
SRTP KDF test passed!
wolfSSL Entering gmac_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
GMAC     test passed!
wolfSSL Entering des_test
DES      test passed!
wolfSSL Entering des3_test
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ede3_cbc_encrypt
DES3     test passed!
wolfSSL Entering aes_test
wolfSSL Entering aes_ecb/direct_test
wolfSSL Entering aes_direct_test
AES      test passed!
wolfSSL Entering aes192_test
AES192   test passed!
wolfSSL Entering aes256_test
AES256   test passed!
wolfSSL Entering aes_cbc_test
AES-CBC  test passed!
wolfSSL Entering aes_ctr_test
AES-CTR  test passed!
wolfSSL Entering aesofb_test
AES-OFB   test passed!
wolfSSL Entering aesgcm_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering aesgcm_default_test
AES-GCM  test passed!
wolfSSL Entering aesccm_test
AES-CCM  test passed!
wolfSSL Entering aes_cfb_test
AES-CFB  test passed!
wolfSSL Entering aes_xts_test
AES-XTS  test passed!
wolfSSL Entering aeskeywrap_test
AES Key Wrap test passed!
wolfSSL Entering rsa_no_pad_test
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using NO padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using NO un-padding
Bad RSA type
Bad input length. Should be RSA key size
RSA NOPAD test passed!
wolfSSL Entering rsa_test
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - bad index on input
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wc_SignatureGetSize: Invalid RsaKey key size
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
RSA Signature Verify failed!
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
wolfSSL Using RSA OAEP padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
wolfSSL Using RSA OAEP un-padding
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
Doing RSA consistency test
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
Doing RSA consistency test
mp_to_unsigned_bin_len_ct...
mp_to_unsigned_bin_len_ct...
RSA      test passed!
wolfSSL Entering dh_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wc_DhKeyToDer
wolfSSL Entering wc_DhKeyToDer
DH Public Key Set
DH       test passed!
wolfSSL Entering pwdbased_test
wolfSSL Entering pbkdf1_test
wolfSSL Entering pbkdf2_test
WARNING: Iteration < 1,000, see SP800-132 section 5.2
wolfSSL Entering pkcs12_pbkdf_test
PWDBASED test passed!
wolfSSL Entering pkcs12_test
wolfSSL Entering wc_PKCS12_create
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
creating PKCS12 Shrouded Key Bag
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
wolfSSL Entering wc_EncryptPKCS8Key
creating PKCS12 Shrouded Key Bag
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
wolfSSL Entering wc_EncryptPKCS8Key
creating PKCS12 Shrouded Key Bag
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
wolfSSL Entering wc_EncryptPKCS8Key
wolfSSL Entering wc_CryptKey
wolfSSL Leaving wc_EncryptPKCS8Key, return 1261
encrypting PKCS12 content
encrypting PKCS12 content
encrypting PKCS12 content
wolfSSL Entering EncryptContent
encrypting PKCS12 content
wolfSSL Entering EncryptContent
wolfSSL Entering EncryptContent
wolfSSL Entering wc_CryptKey
encrypting PKCS12 content
encrypting PKCS12 content
wolfSSL Entering GetObjectId
Found PKCS12 OBJECT: DATA
wolfSSL Entering GetObjectId
wolfSSL Entering GetObjectId
wolfSSL Entering wolfSSL_d2i_PKCS12
wolfSSL Entering GetObjectId
Found PKCS12 OBJECT: DATA
wolfSSL Entering GetObjectId
wolfSSL Entering GetObjectId
wolfSSL Entering GetAlgoId
wolfSSL Entering wc_PKCS12_parse
Parsing PKCS12 DATA Content Info Container
wolfSSL Entering GetObjectId
PKCS12 Shrouded Key Bag found
wolfSSL Entering DecryptContent
wolfSSL Entering wc_CryptKey
Done Parsing PKCS12 Content Info Container
Decrypting PKCS12 Content Info Container
wolfSSL Entering GetObjectId
wolfSSL Entering DecryptContent
wolfSSL Entering wc_CryptKey
wolfSSL Entering GetObjectId
PKCS12 Cert Bag found
wolfSSL Entering GetObjectId
PKCS12 cert bag type 1
wolfSSL Entering GetObjectId
PKCS12 Cert Bag found
wolfSSL Entering GetObjectId
PKCS12 cert bag type 1
Pushing new cert onto queue
Done Parsing PKCS12 Content Info Container
Getting Cert Name
wolfSSL Entering wolfSSL_X509_NAME_new_ex
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Unknown encoding type, default UTF8
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Getting Cert Name
wolfSSL Entering wolfSSL_X509_NAME_new_ex
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Unknown encoding type, default UTF8
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering GetAlgoId
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering DecodeAltNames
wolfSSL Entering DecodeExtKeyUsage
Checking RSA key pair
Key Pair found
wolfSSL Entering wolfSSL_X509_NAME_free
wolfSSL Entering wolfSSL_sk_free
wolfSSL Entering wolfSSL_X509_NAME_free
wolfSSL Entering wolfSSL_sk_free
PKCS12   test passed!
wolfSSL Entering openssl_test
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha224
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA224_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA224_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA224_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha256
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA256_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA256_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA256_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha384
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA384_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA384_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA384_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha512
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA512_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA512_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA512_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha3_224
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA3_224_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_224_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_224_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha3_256
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA3_256_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_256_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_256_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha3_384
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA3_384_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_384_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_384_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha3_512
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA3_512_Init
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_512_Update
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA3_512_Final
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering wolfSSL_RAND_bytes
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_DES_key_sched
wolfSSL Entering wolfSSL_DES_cbc_encrypt
wolfSSL Entering wolfSSL_DES_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ncbc_encrypt
wolfSSL Entering wolfSSL_DES_cbc_encrypt
wolfSSL Entering wolfSSL_DES_ncbc_encrypt
wolfSSL Entering wolfSSL_DES_cbc_encrypt
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
Final Cipher Block not enough padding
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_Cipher
AES CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_Cipher
AES CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ecb
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_ECB
wolfSSL Entering wolfSSL_EVP_Cipher
AES ECB
wolfSSL Entering wolfSSL_StoreExternalIV
AES ECB
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ecb
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_ECB
wolfSSL Entering wolfSSL_EVP_Cipher
AES ECB
wolfSSL Entering wolfSSL_StoreExternalIV
AES ECB
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_AES_set_encrypt_key
wolfSSL Entering wolfSSL_AES_set_decrypt_key
wolfSSL Entering wolfSSL_AES_encrypt
wolfSSL Entering wolfSSL_AES_decrypt
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_192_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_192_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_192_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_192_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_AES_set_encrypt_key
wolfSSL Entering wolfSSL_AES_set_encrypt_key
wolfSSL Entering wolfSSL_AES_cfb_encrypt
wolfSSL Entering wolfSSL_AES_cfb_encrypt
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
Final Cipher Block not enough padding
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ecb
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_ECB
wolfSSL Entering wolfSSL_EVP_Cipher
AES ECB
wolfSSL Entering wolfSSL_StoreExternalIV
AES ECB
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ecb
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_ECB
wolfSSL Entering wolfSSL_EVP_Cipher
AES ECB
wolfSSL Entering wolfSSL_StoreExternalIV
AES ECB
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
openSSL extra test
wolfSSL Entering wolfSSL_AES_set_encrypt_key
wolfSSL Entering wolfSSL_AES_set_decrypt_key
wolfSSL Entering wolfSSL_AES_encrypt
wolfSSL Entering wolfSSL_AES_decrypt
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_192_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_192_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_192_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_192_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_256_ctr
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_256_CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL Entering wolfSSL_EVP_Cipher
AES CTR
wolfSSL Entering wolfSSL_StoreExternalIV
AES CTR
wolfSSL_EVP_Cipher success
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherUpdate
wolfSSL Entering wolfSSL_EVP_CipherFinal
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_EVP_Cipher_key_length
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_Cipher_key_length
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_DecryptInit
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_init
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CipherInit
EVP_AES_128_CBC
wolfSSL Entering wolfSSL_StoreExternalIV
AES CBC
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_aes_128_cbc
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
wolfSSL Entering wolfSSL_EVP_CIPHER_CTX_cleanup
OPENSSL  test passed!
wolfSSL Entering openSSL_evpMD_test
wolfSSL Entering EVP_MD_CTX_new
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_MD_CTX_new
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha256
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA256_Init
wolfSSL Entering EVP_CIPHER_MD_CTX_copy_ex
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_sha256
wolfSSL Entering EVP_MD_type
wolfSSL Entering EVP_MD_CTX_type
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_sha256
wolfSSL Entering EVP_MD_type
wolfSSL Entering EVP_MD_CTX_type
wolfSSL Entering EVP_CIPHER_MD_CTX_copy_ex
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_sha256
wolfSSL Entering EVP_MD_type
wolfSSL Entering EVP_MD_CTX_type
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_MD_type
wolfSSL Entering EVP_MD_CTX_type
wolfSSL Entering EVP_sha1
wolfSSL Entering wolfSSL_EVP_DigestInit_ex
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_MD_CTX_free
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_MD_CTX_free
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
OPENSSL (EVP MD) passed!
wolfSSL Entering openssl_pkey0_test
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_RSA_size
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_EVP_PKEY_set1_RSA
wolfSSL Entering clearEVPPkeyKeys
wolfSSL Entering wolfSSL_EVP_PKEY_set1_RSA
wolfSSL Entering clearEVPPkeyKeys
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_new
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_new
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt
wolfSSL Entering wolfSSL_RSA_public_encrypt
wolfSSL Entering wolfSSL_RSA_size
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_public_encrypt, return 256
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt
wolfSSL Entering wolfSSL_RSA_private_decrypt
wolfSSL Entering wolfSSL_RSA_size
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_private_decrypt, return 26
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_set_rsa_padding
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt
wolfSSL Entering wolfSSL_RSA_public_encrypt
wolfSSL Entering wolfSSL_RSA_size
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_public_encrypt, return 256
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt
wolfSSL Entering wolfSSL_RSA_private_decrypt
wolfSSL Entering wolfSSL_RSA_size
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_private_decrypt, return 26
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
OPENSSL (PKEY0) passed!
wolfSSL Entering openssl_pkey1_test
wolfSSL Entering wolfSSL_X509_load_certificate_ex
Getting Cert Name
wolfSSL Entering wolfSSL_X509_NAME_new_ex
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Unknown encoding type, default UTF8
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Getting Cert Name
wolfSSL Entering wolfSSL_X509_NAME_new_ex
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
Unknown encoding type, default UTF8
wolfSSL Entering wolfSSL_X509_NAME_add_entry_by_NID
Found place for name entry
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_NAME_ENTRY_free
wolfSSL Entering GetAlgoId
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering DecodeAltNames
wolfSSL Entering DecodeExtKeyUsage
wolfSSL Entering wolfSSL_X509_set_issuer_name
wolfSSL Entering wolfSSL_X509_NAME_copy
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_X509_set_subject_name
wolfSSL Entering wolfSSL_X509_NAME_copy
wolfSSL Entering wolfSSL_sk_X509_NAME_new
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_sk_push
wolfSSL Entering wolfSSL_sk_insert
wolfSSL Entering wolfSSL_sk_new_node
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_d2i_PUBKEY
wolfSSL Entering d2iGenericKey
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_X509_NAME_free
wolfSSL Entering wolfSSL_sk_free
wolfSSL Entering wolfSSL_X509_NAME_free
wolfSSL Entering wolfSSL_sk_free
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_X509_get_pubkey
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_d2i_PrivateKey
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_EVP_PKEY_bits
wolfSSL Entering wolfSSL_EVP_PKEY_size
wolfSSL Entering wolfSSL_RSA_size
wolfSSL Entering wolfSSL_EVP_PKEY_size
wolfSSL Entering wolfSSL_RSA_size
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_new
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_new
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt_init
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_set_rsa_padding
wolfSSL Entering wolfSSL_EVP_PKEY_encrypt
wolfSSL Entering wolfSSL_RSA_public_encrypt
wolfSSL Entering wolfSSL_RSA_size
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_public_encrypt, return 256
wolfSSL Entering wolfSSL_EVP_PKEY_decrypt
wolfSSL Entering wolfSSL_RSA_private_decrypt
wolfSSL Entering wolfSSL_RSA_size
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_private_decrypt, return 14
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_EVP_PKEY_CTX_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_FreeX509
wolfSSL Entering ExternalFreeX509
wolfSSL Entering wolfSSL_sk_free
wolfSSL Entering wolfSSL_sk_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
OPENSSL (PKEY1) passed!
wolfSSL Entering openssl_evpSig_test
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_new
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_RSA_LoadDer
wolfSSL Entering SetRsaExternal
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_EVP_PKEY_new_ex
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wolfSSL_EVP_PKEY_set1_RSA
wolfSSL Entering clearEVPPkeyKeys
wolfSSL Entering wolfSSL_EVP_PKEY_set1_RSA
wolfSSL Entering clearEVPPkeyKeys
wolfSSL Entering EVP_MD_CTX_new
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_MD_CTX_new
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_SignInit
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_SignUpdate(
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Update
wolfSSL Entering EVP_SignFinal
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Final
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering EVP_MD_type
wolfSSL Entering wolfSSL_RSA_sign_generic_padding
wolfSSL Entering wolfSSL_BN_num_bytes
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp_to_unsigned_bin_len_ct...
wolfSSL Leaving wolfSSL_RSA_sign_generic_padding, return 1
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_VerifyInit
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_VerifyUpdate
wolfSSL Entering EVP_DigestUpdate
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Update
wolfSSL Entering EVP_VerifyFinal
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Final
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering EVP_MD_type
wolfSSL Entering wolfSSL_RSA_verify
mp_to_unsigned_bin_len_ct...
wolfSSL Entering EVP_sha1
wolfSSL Entering EVP_VerifyInit
wolfSSL Entering EVP_DigestInit
wolfSSL Entering EVP_CIPHER_MD_CTX_init
wolfSSL Entering SHA_Init
wolfSSL Entering EVP_VerifyFinal
wolfSSL Entering EVP_DigestFinal
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering SHA_Final
wolfSSL Entering EVP_MD_CTX_md
wolfSSL Entering EVP_MD_type
wolfSSL Entering wolfSSL_RSA_verify
mp_to_unsigned_bin_len_ct...
wolfSSL_RSA_verify_ex failed
wolfSSL Entering EVP_MD_CTX_free
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering EVP_MD_CTX_free
wolfSSL Entering wolfSSL_EVP_MD_CTX_cleanup
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
wolfSSL Entering wolfSSL_EVP_PKEY_free
wolfSSL Entering wolfSSL_RSA_free
OPENSSL (EVP Sign/Verify) passed!
wolfSSL Entering ecc_test
ecc_test ECC_MIN_KEY_SZ = 192

RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
OID length less than 3
GetLength - value exceeds buffer length
OID length less than 3
OID length less than 3
OID length less than 3
OID length less than 3
OID length less than 3
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
ecc_test_curve keySize = 28
keySize is 28
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
ecc_test_curve keySize = 32
keySize is 32
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
ecc_test_curve keySize = 48
keySize is 48
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
ecc_test_curve keySize = 66
keySize is 66
wolfSSL Entering wc_CreatePKCS8Key
Checking size of PKCS8
wolfSSL Entering wc_CreatePKCS8Key
wolfSSL Entering wc_ecc_make_pub
wolfSSL Entering wc_ecc_make_pub_ex
wolfSSL Entering wc_ecc_make_pub
wolfSSL Entering wc_ecc_make_pub_ex
Verify called with private key, generating public part
ECC      test passed!
wolfSSL Entering ecc_encrypt_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
ECC Enc  test passed!
wolfSSL Entering ecc_test_buffers
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
ECC buffer test passed!
wolfSSL Entering cmac_test
CMAC     test passed!
wolfSSL Entering mp_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
mp       test passed!
wolfSSL Entering prime_test
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
prime    test passed!
wolfSSL Entering berder_test
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
GetLength - value exceeds buffer length
ber-der  test passed!
wolfSSL Entering logging_test (debug)
logging  test passed!
wolfSSL Entering time_test
time     test passed!
wolfSSL Entering [wolfcrypt_]mutex_test (1)
mutex    test passed!
wolfSSL Entering memcb_test
memcb    test passed!
Test complete
wolfSSL Entering wolfCrypt_Cleanup
Exiting main with return code: 0

@anhu
Copy link
Member

anhu commented Nov 25, 2024

OH, I see "RANDOM test passed!" which means you have the correct hash. The next possible problem might be that you need to call wc_SetSeed_Cb() and wolfCrypt_SetCb_fips() just before the wolfSSL initialization. You can see the following example application to see what i mean:

https://github.com/wolfSSL/wolfssl-examples/blob/master/X9.146/gen_dual_keysig_cert.c#L131

Warm regards, Anthony

@volga629-1
Copy link
Author

volga629-1 commented Nov 25, 2024

OH, I see "RANDOM test passed!" which means you have the correct hash. The next possible problem might be that you need to call wc_SetSeed_Cb() and wolfCrypt_SetCb_fips() just before the wolfSSL initialization. You can see the following example application to see what i mean:

https://github.com/wolfSSL/wolfssl-examples/blob/master/X9.146/gen_dual_keysig_cert.c#L131

Warm regards, Anthony

My guess is in strongswan already should be done. I will check source code right now .

Strongswan team is provided Patch to do Init properly

https://github.com/strongswan/strongswan/commit/417469efdfa628ad9b2030aead388b8320da174e.patch

@volga629-1
Copy link
Author

volga629-1 commented Nov 26, 2024

@anhu which option I can use to load HASH SHA1 it must requirement for strongswan.

Side question is there are specific reason in use SHA1 ?
IKEv2 won't work without SHA-1. It's used for e.g. the NAT-D or the certificate request payloads. We also use it for COOKIE payloads, to detect duplicate messages, and for key identifiers in private/public keys and certificates.

So you will definitely need SHA-1 as a hash algorithm, but not as a signature algorithm.

@anhu
Copy link
Member

anhu commented Nov 26, 2024

Hmmm.... In a FIPS-ready build I believe SHA1 is disabled. I might need to setup an internal meeting to confer with my colleagues on this. Please stay tuned.

@volga629-1
Copy link
Author

Little a bit more details

There isn't. As I pointed out already, certain aspects of the IKEv2 protocol ([RFC 7296](https://datatracker.ietf.org/doc/html/rfc7296)) require SHA-1.

@anhu
Copy link
Member

anhu commented Nov 26, 2024

Hi @volga629-1

I have setup a meeting with my colleagues for later today, but you seem to be giving this a high degree of urgency so I will give some interim advice.

Perhaps the best idea is to use our general wolfssl release (non-fips-ready) and get that working on windows as a proof of concept. Once you have seen how that functions and you are satisfied, then when you have a conversation with us about commercial licensing and support, you can highlight that you will need SHA1.

Please stay tuned; the meeting is set for late in the afternoon.

Warm regards, Anthony

@volga629-1
Copy link
Author

Hi @volga629-1

I have setup a meeting with my colleagues for later today, but you seem to be giving this a high degree of urgency so I will give some interim advice.

Perhaps the best idea is to use our general wolfssl release (non-fips-ready) and get that working on windows as a proof of concept. Once you have seen how that functions and you are satisfied, then when you have a conversation with us about commercial licensing and support, you can highlight that you will need SHA1.

Please stay tuned; the meeting is set for late in the afternoon.

Warm regards, Anthony

Thank you for suggestion, I will try , but even for demo I will need FIPS

@anhu Question regard strongswan is failing to load wolfssl

Strongswan code is states

/* New patched today */
#ifdef WC_RNG_SEED_CB
	wc_SetSeed_Cb(wc_GenerateSeed);
#endif

#ifdef HAVE_FIPS
	if (fips_mode)
	{
		int ret = wolfCrypt_GetStatus_fips();
		if (ret != 0)
		{
			DBG1(DBG_LIB, "wolfssl FIPS mode unavailable (%d)", ret);
			return NULL;
		}
	}
#else
	if (fips_mode)
	{
		DBG1(DBG_LIB, "wolfssl FIPS mode unavailable");
		return NULL;
	}
#endif

Is anything else prevent to load plugin ?

In user_settings.h include

#undef  HAVE_FIPS
#define HAVE_FIPS

#undef  HAVE_FIPS_VERSION
#define HAVE_FIPS_VERSION 7

#undef  HAVE_FIPS_VERSION_MAJOR
#define HAVE_FIPS_VERSION_MAJOR 7

#undef  HAVE_FIPS_VERSION_MINOR
#define HAVE_FIPS_VERSION_MINOR 0

#undef  HAVE_FIPS_VERSION_PATCH
#define HAVE_FIPS_VERSION_PATCH 0

@anhu
Copy link
Member

anhu commented Nov 26, 2024

Hi @volga629-1 ,

It seems we have many issues one after the other. Why don't we setup a call over zoom or MS teams or Google Meet to get over these technical details? Please send me an invite to a meeting with a link to your favourite meeting system for 9:30 am tomorrow morning. You can send it to [email protected] .

Warm regards, Anthony,.

@volga629-1
Copy link
Author

Thank you I will

Hi @volga629-1 ,

It seems we have many issues one after the other. Why don't we setup a call over zoom or MS teams or Google Meet to get over these technical details? Please send me an invite to a meeting with a link to your favourite meeting system for 9:30 am tomorrow morning. You can send it to [email protected] .

Warm regards, Anthony,.

I will send you invite soon.

@anhu
Copy link
Member

anhu commented Nov 26, 2024

Got it, will be great to finally chat with you tomorrow.

Warm regards, Anthony

@volga629-1
Copy link
Author

volga629-1 commented Nov 27, 2024

@anhu I am getting closer.
Can you confirm which define's I should use for this settings

PRF:PRF_AES128_XCBC PRF:PRF_AES128_CMAC PUBKEY:DSA NONCE_GEN

@anhu
Copy link
Member

anhu commented Nov 27, 2024

Do not define NO_AES_CBC
Define WOLFSSL_CMAC and WOLFSSL_AES_DIRECT
Do not define NO_DSA

@volga629-1
Copy link
Author

volga629-1 commented Nov 27, 2024

Getting this and all options above is seems in right order

00[LIB] loading feature KDF:KDF_PRF in plugin 'kdf'
00[LIB]   feature KDF:KDF_PRF in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_XCBC
00[LIB]   feature KDF:KDF_PRF in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_CMAC
00[LIB] loading feature KDF:KDF_PRF_PLUS in plugin 'kdf'
00[LIB]   feature KDF:KDF_PRF_PLUS in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_XCBC
00[LIB]   feature KDF:KDF_PRF_PLUS in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_CMAC

@anhu
Copy link
Member

anhu commented Nov 27, 2024

Do not define NO_AES_CBC
Define WOLFSSL_CMAC and WOLFSSL_AES_DIRECT
Do not define NO_DSA

Did you check these in your user_settings.h ?

@volga629-1
Copy link
Author

Do not define NO_AES_CBC
Define WOLFSSL_CMAC and WOLFSSL_AES_DIRECT
Do not define NO_DSA

Did you check these in your user_settings.h ?

Yes, multiply times.

@anhu
Copy link
Member

anhu commented Nov 27, 2024

I'm positive you have AES 128 enabled. I would say you need to use the debugger to figure out where this is going wrong. To be clear, you have cleared the FIPS hurdle?

@volga629-1
Copy link
Author

I'm positive you have AES 128 enabled. I would say you need to use the debugger to figure out where this is going wrong. To be clear, you have cleared the FIPS hurdle?

Yes, getting closer

$ ./usr/libexec/strongswan/charon-svc.exe
Starting Power On Self Test
Pre-Operational Self Test SUCCESS
00[DMN] Starting IKE service charon-svc (strongSwan 5.9.14, Windows Client 10.0.22621 (SP 0.0))
00[LIB] plugin 'unbound': loaded successfully
00[LIB] plugin 'des': loaded successfully
00[LIB] plugin 'sha3': loaded successfully
00[LIB] plugin 'nonce': loaded successfully
00[LIB] plugin 'pubkey': loaded successfully
00[LIB] plugin 'ipseckey': loaded successfully
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
RNG_HEALTH_TEST_CHECK_SIZE = 128
sizeof(seedB_data)         = 128
00[LIB] plugin 'wolfssl': loaded successfully
00[LIB] plugin 'kdf': loaded successfully
00[LIB] plugin 'winhttp': loaded successfully
00[LIB] plugin 'kernel-wfp': loaded successfully
00[LIB] plugin 'kernel-iph': loaded successfully
00[LIB] plugin 'socket-win': loaded successfully
00[LIB] plugin 'bypass-lan': loaded successfully
00[LIB] plugin 'vici': loaded successfully
00[LIB] plugin 'updown': loaded successfully
00[LIB] plugin 'counters': loaded successfully
00[LIB] loading feature CUSTOM:libcharon in plugin 'charon-svc'
00[LIB]   loading feature NONCE_GEN in plugin 'nonce'
00[LIB] feature NONCE_GEN in plugin 'nonce' has unmet dependency: RNG:RNG_WEAK
00[LIB] feature CUSTOM:libcharon in critical plugin 'charon-svc' has unmet dependency: NONCE_GEN
00[LIB] loading feature CUSTOM:libcharon-receiver in plugin 'charon-svc'
00[LIB]   loading feature HASHER:HASH_SHA1 in plugin 'wolfssl'
00[LIB] feature CUSTOM:libcharon-receiver in critical plugin 'charon-svc' has unmet dependency: RNG:RNG_STRONG
00[LIB] loading feature CUSTOM:libcharon-sa-managers in plugin 'charon-svc'
00[LIB] feature CUSTOM:libcharon-sa-managers in critical plugin 'charon-svc' has unmet dependency: RNG:RNG_WEAK
00[LIB] loading feature RESOLVER in plugin 'unbound'
00[LIB] loading feature CRYPTER:3DES_CBC-24 in plugin 'des'
00[LIB] loading feature CRYPTER:DES_CBC-8 in plugin 'des'
00[LIB] loading feature CRYPTER:DES_ECB-8 in plugin 'des'
00[LIB] loading feature HASHER:HASH_SHA3_224 in plugin 'sha3'
00[LIB] loading feature HASHER:HASH_SHA3_256 in plugin 'sha3'
00[LIB] loading feature HASHER:HASH_SHA3_384 in plugin 'sha3'
00[LIB] loading feature HASHER:HASH_SHA3_512 in plugin 'sha3'
00[LIB] loading feature XOF:XOF_SHAKE128 in plugin 'sha3'
00[LIB] loading feature XOF:XOF_SHAKE256 in plugin 'sha3'
00[LIB] loading feature CERT_ENCODE:PUBKEY in plugin 'pubkey'
00[LIB] loading feature CERT_DECODE:PUBKEY in plugin 'pubkey'
00[LIB]   loading feature PUBKEY:RSA in plugin 'wolfssl'
00[LIB]   loading feature PUBKEY:ECDSA in plugin 'wolfssl'
00[LIB]   feature CERT_DECODE:PUBKEY in plugin 'pubkey' has unmet soft dependency: PUBKEY:DSA
00[LIB] loading feature CUSTOM:ipseckey in plugin 'ipseckey'
00[CFG] ipseckey plugin is enabled
00[LIB] loading feature CRYPTER:AES_CTR-16 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CTR-24 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CTR-32 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CBC-16 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CBC-24 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CBC-32 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_ECB-16 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_ECB-24 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_ECB-32 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CFB-16 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CFB-24 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:AES_CFB-32 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:3DES_CBC-24 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:DES_CBC-8 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:DES_ECB-8 in plugin 'wolfssl'
00[LIB] loading feature CRYPTER:NULL-0 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA2_224 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA2_256 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA2_384 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA2_512 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA3_224 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA3_256 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA3_384 in plugin 'wolfssl'
00[LIB] loading feature HASHER:HASH_SHA3_512 in plugin 'wolfssl'
00[LIB] loading feature PRF:PRF_KEYED_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PRF:PRF_HMAC_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PRF:PRF_HMAC_SHA2_256 in plugin 'wolfssl'
00[LIB] loading feature PRF:PRF_HMAC_SHA2_384 in plugin 'wolfssl'
00[LIB] loading feature PRF:PRF_HMAC_SHA2_512 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA1_96 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA1_128 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA1_160 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_256_128 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_256_256 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_384_192 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_384_384 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_512_256 in plugin 'wolfssl'
00[LIB] loading feature SIGNER:HMAC_SHA2_512_512 in plugin 'wolfssl'
00[LIB] loading feature KDF:KDF_PRF in plugin 'wolfssl'
00[LIB] loading feature KDF:KDF_PRF_PLUS in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_16-16 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_16-24 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_16-32 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_12-16 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_12-24 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_GCM_12-32 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_16-16 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_16-24 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_16-32 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_12-16 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_12-24 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_12-32 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_8-16 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_8-24 in plugin 'wolfssl'
00[LIB] loading feature AEAD:AES_CCM_8-32 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_3072 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_4096 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_6144 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_8192 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_2048 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_2048_224 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_2048_256 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_1536 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_1024 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_1024_160 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_768 in plugin 'wolfssl'
00[LIB] loading feature KE:MODP_CUSTOM in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY:RSA in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY:ANY in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_GEN:RSA in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_NULL in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_NULL in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PSS in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PSS in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_224 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_224 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_256 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_256 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_384 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_384 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA2_512 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA2_512 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA3_224 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA3_224 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA3_256 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA3_256 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA3_384 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA3_384 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_SIGN:RSA_EMSA_PKCS1_SHA3_512 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:RSA_EMSA_PKCS1_SHA3_512 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_PKCS1 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_PKCS1 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_OAEP_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_OAEP_SHA1 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_OAEP_SHA224 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_OAEP_SHA224 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_OAEP_SHA256 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_OAEP_SHA256 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_OAEP_SHA384 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_OAEP_SHA384 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_ENCRYPT:ENCRYPT_RSA_OAEP_SHA512 in plugin 'wolfssl'
00[LIB] loading feature PRIVKEY_DECRYPT:ENCRYPT_RSA_OAEP_SHA512 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_NULL in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA1_DER in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA256_DER in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA-256 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA384_DER in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA-384 in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA_WITH_SHA512_DER in plugin 'wolfssl'
00[LIB] loading feature PUBKEY_VERIFY:ECDSA-521 in plugin 'wolfssl'
00[LIB] loading feature KDF:KDF_PRF in plugin 'kdf'
00[LIB]   feature KDF:KDF_PRF in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_XCBC
00[LIB]   feature KDF:KDF_PRF in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_CMAC
00[LIB] loading feature KDF:KDF_PRF_PLUS in plugin 'kdf'
00[LIB]   feature KDF:KDF_PRF_PLUS in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_XCBC
00[LIB]   feature KDF:KDF_PRF_PLUS in plugin 'kdf' has unmet soft dependency: PRF:PRF_AES128_CMAC
00[LIB] loading feature FETCHER:http:// in plugin 'winhttp'
00[LIB] loading feature FETCHER:https:// in plugin 'winhttp'
00[LIB] loading feature CUSTOM:kernel-ipsec in plugin 'kernel-wfp'
00[LIB] feature CUSTOM:kernel-ipsec in plugin 'kernel-wfp' has unmet dependency: RNG:RNG_WEAK
00[LIB] loading feature CUSTOM:kernel-net in plugin 'kernel-iph'
00[LIB] loading feature CUSTOM:socket in plugin 'socket-win'
00[LIB] feature CUSTOM:socket in plugin 'socket-win' has unmet dependency: CUSTOM:kernel-ipsec
00[LIB] loading feature CUSTOM:bypass-lan in plugin 'bypass-lan'
00[LIB] loading feature CUSTOM:vici in plugin 'vici'
00[LIB]   loading feature CUSTOM:counters in plugin 'counters'
00[LIB] loading feature CUSTOM:updown in plugin 'updown'
00[LIB] failed to load 3 critical plugin features
00[LIB] unloading plugin 'charon-svc' without loaded features
00[LIB] unloading plugin 'nonce' without loaded features
00[LIB] unloading plugin 'kernel-wfp' without loaded features
00[LIB] unloading plugin 'socket-win' without loaded features
wolfSSL Entering wolfSSL_Cleanup
wolfSSL Entering wolfCrypt_Cleanup

@anhu
Copy link
Member

anhu commented Nov 27, 2024

as a quick workaround, is there a way to configure strongswan to disable these PRFs?

@volga629-1
Copy link
Author

as a quick workaround, is there a way to configure strongswan to disable these PRFs?

Let me check.

@volga629-1
Copy link
Author

@anhu
I checked user_settings.h and NO_DSA is present, but getting error
As you see RSA ECDSA are loaded only missing DSA.

00[LIB] loading feature CERT_DECODE:PUBKEY in plugin 'pubkey'
00[LIB]   loading feature PUBKEY:RSA in plugin 'wolfssl'
00[LIB]   loading feature PUBKEY:ECDSA in plugin 'wolfssl'
00[LIB]   feature CERT_DECODE:PUBKEY in plugin 'pubkey' has unmet soft dependency: PUBKEY:DSA
00[LIB] loading feature CUSTOM:ipseckey in plugin 'ipseckey'

@volga629-1
Copy link
Author

volga629-1 commented Nov 28, 2024

@anhu can you please check in Visual Studio tree I don't see dsa.c or dsa.h like in source

I don't know if it on purpose or not, but wolfssl-fips.vcxproj is not including src dsa.c (potentially bug)

I added this line

 <ClCompile Include="..\..\wolfcrypt\src\dsa.c" />

@anhu
Copy link
Member

anhu commented Nov 28, 2024

Yes!! That is a bug!!

@anhu
Copy link
Member

anhu commented Nov 28, 2024

@volga629-1

Please see #8238

@volga629-1
Copy link
Author

Thank you.

@volga629-1
Copy link
Author

@anhu Hello,
I was doing clean build to see if nothing left outside and strongswan is failing with undef

C:/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/13.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe: ../../../../src/libstrongswan/.libs/libstrongswan.a(wolfssl_rng.o): in function `get_bytes':
C:/msys64/home/volga629/strongswan-5.9.14/src/libstrongswan/plugins/wolfssl/wolfssl_rng.c:67:(.text+0x90): undefined reference to `wc_LockMutex'
C:/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/13.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe: C:/msys64/home/volga629/strongswan-5.9.14/src/libstrongswan/plugins/wolfssl/wolfssl_rng.c:79:(.text+0xd0): undefined reference to `wc_UnLockMutex'
C:/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/13.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe: ../../../../src/libstrongswan/.libs/libstrongswan.a(wolfssl_rng.o): in function `wolfssl_rng_global_init':
C:/msys64/home/volga629/strongswan-5.9.14/src/libstrongswan/plugins/wolfssl/wolfssl_rng.c:156:(.text+0x270): undefined reference to `wc_InitMutex'
C:/msys64/mingw64/bin/../lib/gcc/x86_64-w64-mingw32/13.2.0/../../../../x86_64-w64-mingw32/bin/ld.exe: ../../../../src/libstrongswan/.libs/libstrongswan.a(wolfssl_rng.o): in function `wolfssl_rng_global_final':
C:/msys64/home/volga629/strongswan-5.9.14/src/libstrongswan/plugins/wolfssl/wolfssl_rng.c:177:(.text+0x2d0): undefined reference to `wc_FreeMutex'
collect2.exe: error: ld returned 1 exit status

@anhu
Copy link
Member

anhu commented Dec 2, 2024

That is is odd. What did you change?

Warm regards, Anthony

@volga629-1
Copy link
Author

volga629-1 commented Dec 2, 2024

It just clean build. From strongswan prospective there are was commit to include user_settings.h

6a11a59

I build fips library today on windows and if I checking there no available function by name in undef

> dumpbin /EXPORTS .\wolfssl-fips.dll | grep -i mutex
         
29   1C 00061080 FreeMutex = FreeMutex
        
35   22 00061060 InitMutex = InitMutex
         
37   24 000610A0 LockMutex = LockMutex
         
46   2D 000610C0 UnLockMutex = UnLockMutex
        
392  187 00061050 wc_GetMutexCb = wc_GetMutexCb
        
442  1B9 00060E40 wc_InitAndAllocMutex = wc_InitAndAllocMutex
        
495  1EE 00061000 wc_LockMutex_ex = wc_LockMutex_ex
        
623  26E 00061040 wc_SetMutexCb = wc_SetMutexCb

@anhu
Copy link
Member

anhu commented Dec 2, 2024

How is it that you didn't have this error before?

@volga629-1
Copy link
Author

I think issue with include user_setting.h

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants