wolfssl 移植到liteos下执行到wolfSSL_connect时报错:wolfSSL error occurred, error = 111 line:11221 file:src/ssl.c 10C

wolfssl-4.2.0-stable 移植到liteos后,使用https,执行到wolfSSL_connect出错,追踪底层代码,发现在执行SendClientKeyExchange函数时发生错误,

log打印:

into wolfSSL_connect....
wolfSSL error occurred, error = 111 line:11221 file:src/ssl.c
error = -111, mp_read error state
sslConnect failed!

wolfssl源码:

        case FIRST_REPLY_FIRST :
        #ifdef WOLFSSL_TLS13
        printf("into WOLFSSL_TLS13 ..\n");
            if (ssl->options.tls1_3)
                return wolfSSL_connect_TLSv13(ssl);
        #endif
            if (!ssl->options.resuming) {
                if ( (ssl->error = SendClientKeyExchange(ssl)) != 0) {
                    WOLFSSL_ERROR(ssl->error);  //Error occurred !!
                    return WOLFSSL_FATAL_ERROR;
                }
                WOLFSSL_MSG("sent: client key exchange");
            }

            ssl->options.connectState = FIRST_REPLY_SECOND;
            WOLFSSL_MSG("connect state: FIRST_REPLY_SECOND");
            FALL_THROUGH;

我的例程函数源码:

connection *sslConnect (void)
{
    connection *c;

    c = malloc (sizeof (connection));
    c->sslHandle = NULL;
    c->sslContext = NULL;

    c->socket = tcpConnect ();
    if (c->socket)
    {
        // Register the error strings for libcrypto & libssl
        #if USE_OLD_OPENSSL_API //旧版本使用
            wolfSSL_load_error_strings ();
        #else
            OPENSSL_init_ssl(OPENSSL_INIT_LOAD_SSL_STRINGS | OPENSSL_INIT_LOAD_CRYPTO_STRINGS, NULL);
        #endif

        // Register the available ciphers and digests
        #if USE_OLD_OPENSSL_API //旧版本使用
        wolfSSL_library_init ();
        wolfSSL_add_all_algorithms();
        #else
        OPENSSL_init_ssl(0, NULL);
        OPENSSL_init_crypto(OPENSSL_INIT_ADD_ALL_CIPHERS | OPENSSL_INIT_ADD_ALL_DIGESTS, NULL);
        #endif



        // New context saying we are a client, and using SSL 2 or 3
        c->sslContext = wolfSSL_CTX_new (wolfSSLv23_client_method ());
        if (c->sslContext == NULL)
        {
             wolfSSL_ERR_dump_errors_fp (stderr);
             if(c) free(c);
             return NULL;
        }

        /* Load client certificates into WOLFSSL_CTX */
        int ret;
        char buffer[128] = {0};

        //设置不校验证书,Liteos上进行校验就会通不过(底层不兼容)
        wolfSSL_CTX_set_verify(c->sslContext,SSL_VERIFY_NONE,NULL);
#if  1
    ret = wolfSSL_CTX_load_verify_locations(c->sslContext, CA_CERT_FILE, NULL);
    if (ret != SSL_SUCCESS)
    {
        wolfSSL_ERR_dump_errors_fp (stderr);
        int err = wolfSSL_get_error(c->sslHandle, ret);
        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",CA_CERT_FILE);
        return NULL;
    }
    //加载buffer使用:wolfSSL_CTX_load_verify_buffer
    ret = wolfSSL_CTX_use_certificate_file(c->sslContext, CLI_CERT_FILE,WOLFSSL_FILETYPE_PEM);
    if(ret != WOLFSSL_SUCCESS)
    {
        wolfSSL_ERR_dump_errors_fp (stderr);
        int err = wolfSSL_get_error(c->sslHandle, ret);
        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",CLI_CERT_FILE);
        return NULL;
    }

    ret = wolfSSL_CTX_use_PrivateKey_file(c->sslContext, CLI_KEY_FILE,WOLFSSL_FILETYPE_PEM);
    if(ret != WOLFSSL_SUCCESS)
    {
        wolfSSL_ERR_dump_errors_fp (stderr);
        int err = wolfSSL_get_error(c->sslHandle, ret);
        printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
        fprintf(stderr, "ERROR: failed to load %s, please check the file.\n",CLI_KEY_FILE);
        return NULL;
    }

#endif





        // Create an SSL struct for the connection
        c->sslHandle = wolfSSL_new (c->sslContext);
        if (c->sslHandle == NULL)
        {
             wolfSSL_ERR_dump_errors_fp (stderr);
              if(c) free(c);
             return NULL;
        }

/*---#新添加------------------------------------------------------------*/
        /* keep handshakre resources for re-using WOLFSSL obj */
          wolfSSL_KeepArrays(c->sslHandle);
          if(wolfSSL_KeepHandshakeResources(c->sslHandle)) {
              /* err_sys("SSL_KeepHandshakeResources failed"); */
               if(c) free(c);
            return NULL;
          }
          if (wolfSSL_use_certificate_file(c->sslHandle, CLI_CERT_FILE,
                                           WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
              /*err_sys("can't load client cert file, "
                      "Please run from wolfSSL home dir");*/
               if(c) free(c);
             return NULL;
          }
          if (wolfSSL_use_PrivateKey_file(c->sslHandle, CLI_KEY_FILE,
                                           WOLFSSL_FILETYPE_PEM) != WOLFSSL_SUCCESS) {
              /*err_sys("can't load client key file, "
                      "Please run from wolfSSL home dir");*/
              if(c) free(c);
             return NULL;
          }

/*---#------------------------------------------------------------*/


        // Connect the SSL struct to our connection
        if (!wolfSSL_set_fd (c->sslHandle, c->socket))
        {
            wolfSSL_ERR_dump_errors_fp (stderr);
             if(c) free(c);
            return NULL;
        }

        printf("into wolfSSL_connect....\n");
        // Initiate SSL handshake
        ret = wolfSSL_connect(c->sslHandle);
        if (ret != SSL_SUCCESS) 
        {
           ERR_print_errors_fp (stderr);
           int err = wolfSSL_get_error(c->sslHandle, ret);
           printf("error = %d, %s\n", err, wolfSSL_ERR_error_string(err, buffer));
           if(c) free(c);
           return NULL;
        }
        printf("SSL_connect success!\n");

    }
    else
    {
        perror ("Connect failed!\n");
         if(c) free(c);
         return NULL;
    }

    return c;
}

哪位大神给点指导,谢谢

1个回答

Csdn user default icon
上传中...
上传图片
插入图片
抄袭、复制答案,以达到刷声望分或其他目的的行为,在CSDN问答是严格禁止的,一经发现立刻封号。是时候展现真正的技术了!
立即提问

相似问题

1
有没有什么可以移植到stm32上的计算机视觉库?
2
openssl移植到armBN_mod_inverse:no inverse
1
移植alexa 到arm上,交叉编译时,找不到gstreamer,求助
1
如何将matlab或者c/c++的代码移植到FPGA中?求指教!
3
c++代码算法能否直接移植到安卓程序中?
0
求无mmu的芯片移植到VxWork上的方案或者源码
0
如何把BLE协议栈移植到传统蓝牙项目中。
0
关于sqlite3移植到vxworks6.9时出现的undifined symbol问题
1
GUI移植到openwrt,网页登录显示密码错误
1
如何将一个基于Windows环境下开发的Qt软件移植到Android上?
2
SSM项目无法访问图片,图片不显示的问题
1
我做的jar文件移植到其他电脑打不开,JRE也一起打包了,提示丢失jli.dll,是什么问题?
1
Kernel panic - not syncing: Attempted to kill init! exitcode=0x00000004、Linux4.19.66/at91/ramdisk/gcc7.3.1。
1
azure-iot-sdk-c可以移植到MTK平台吗
1
STM32F103CBT6上移植ucos操作系统 仿真后LED任务不运行一直处于空闲任务 是什么原因啊?
2
STM32F103CBT6上移植ucos操作系统 仿真后LED任务不运行一直处于空闲任务 是什么原因啊?
2
BOA 0.94嵌入式web服务器如何支持php访问?
1
有没有人移植Bzip2压缩算法到单片机的啊,我目前遇到单片机内存不够的问题?
0
移动端canvus得到的字体点阵信息与电脑端不一致。
0
iar编译总是未定义,明明移植的之前工程就是这么写的但是不行。请大神求解