This blog post shows how to use macros in WICED to debug TLS (Transport Layer Security) data. The mbedTLS library provides debug macros MBEDTLS_DEBUG_C, MBEDTLS_SSL_DEBUG_ALL and MBEDTLS_DEBUG_LOG_LEVEL defined in /WICED/security/BESL/mbedtls_open/include/mbedtls/config.h and they are disabled by default. You can enable those macros and define MBEDTLS_DEBUG_LOG_LEVEL as per the level of debugging required. Higher the level, more details can be captured in the logs. The log levels are defined as shown below:

0 No debug

1 Error

2 State change

3 Informational

4 Verbose

In addition, you also need to enable WPRINT_ENABLE_SECURITY_DEBUG in /include/wiced_defaults.h. Please note that debug printing consumes a lot of memory so you need to allocate at least 4 kB to the stack of every thread that uses debug printing.

This blog post has been created to track all issues related to WICED Wi-Fi security from WICED Studio 5.x onwards. This blog will be updated regularly.

Unresolved:

Can't receive the data larger than 1447 bytes in Websocket(tls mode)?-https://community.cypress.com/message/33065#33065

TLS and azure mqtt broker-https://community.cypress.com/message/31466#31466

How to use AES-CCM APIs provided in SDK?-https://community.cypress.com/message/33044#33044

every mqtt connection consume about 8k ram-https://community.cypress.com/message/31119#31119

wiced_tcp_stream_read issues in WICED 5.2

sdk-5.2.0: snip.https_client test failure

sdk-5.2: mbedtls_open library bug

CYW4307 Cryptography Core

sdk-5.2: wiced_tls_init_identity assertion bug

console: join_ent test peap failure

debugging EAP-TLS on Wiced 3.7.0-3, server-hello failing

Handshake TLS download cert

Open source SSL/TLS Library support for WICED-SDK-3.1.2

Resolved:

Failing Client Authentication with .Net application-https://community.cypress.com/message/31617#31617

ssl_handshake_client_async freeze at state SSL_CLIENT_CERTIFICATE-https://community.cypress.com/message/32024#32024

Error: 5035 while TLS connection ?-https://community.cypress.com/message/32141#32141

TLS Support for both ECC and RSA Certificate/Key pair-https://community.cypress.com/message/33117#33117

How to change default TLS elliptic curve-https://community.cypress.com/message/33196#33196

AES_256_GCM CIPHER-https://community.cypress.com/message/33118#33118

How to know eap_type of enterprise security AP via the scan result?

How correct wifi exploit in sdk3.7 or others?

Snip.websocket_client worked without TLS but doens't work with TLS

DTLS client handshake with WICED Studio 5.0

If there are any other threads on WICED security or BESL library that have remained unresolved, kindly let me know and I will update this blog. Similarly blog posts on other issues will be created if necessary.

                                   

• Code Overview
  
  • iBeacon and SDK 2.1 Code Overview
  • WICED Smart BCM2073X Coding Tips from user maxsong...
  • WICED Smart Training videos, compliments of Macnica North America...
  • BCM92073X BLE Profile Configuration

• General Questions
  
  • BCM20732 questions
  • How to get started (coming from arduino)
  • What is difference between being connected versus paired?
  • Wiced Smart Software Runtime -- Lots of Questions
  • About BCM20737S
  • BCM20737s: NFC Reader or only TAG?

• Hardware Design between 2073X and External MCU

• Reference Design/Schematics
  
  • New iBeacon BCM20737 Reference Design
  • Experts Interview Video: Michael L. - IBCN BCM20737 Schematic Review
  • BCM20737TAG Board - Gerbers and Schematics

• Layout
  
  • BCM20732 layout options
  • BCM20737S input capacitors and placement
  • BCM20732S layout
  • Are pullup resistors always needed on 20732 SCL and SCA pins?
  • Exact Location of internal PIFA Antenna on BCM20737S
  • 20732S XTAL (32KHz)

• General
  
  • WICED Smart Video BLOG: SDK 2.1 Smart Designer Tool Walk-Thru
  • WICED Smart BCM92073X GATT DB Operation
  • Lots of questions.. L2CAP/GATT/GAP, etc
  • Multiple Notifications in an App...?
  • Support for very large characteristics

• Other
  • How to change the GATT database after init (bleapp_set_cfg) ?
  • Is pairing/encryption mandatory to allow a peer to write in GATT

• Advertising
  
  • Customizing Advertising on WICED Smart
  • Best way to rewrite advertisement data
  • Connectable vs. nonconnectable Advertisements.
  • How to change advertisement interval after init?
  • Advertising during connection
  • bleprofile_notifyAdvPacketTransmissions doesn't work.

• Callback to modify single advertisments?
• About the bleprofile_GenerateScanRspData function?
• How to register callback for ADV events ?

• Scanning
  
  • Scan sometimes stops working
  • Scheduling of scan window and connection window

• Additional master/slave questions on BCM20736/7 family
• Re: How best to implement bulk data transport
• smp_bond_result 04
• Connection Event Callback API
• Connection Event Callback API (follow-on)
• Connection Interval and Connection Slave Latency
• When does bleprofile_sendNotification() actually send?
• Check if bleprofile_sendNotification() was successful
• Slow reconnection
• Sometimes connection not bonding

• Adding and removing master nodes to a whitelist running on a peripheral device

• General
  
  • BCM2073XS GPIO Basics
  • Can someone tutor me on GPIO usage?
  • GPIO Headers
  • BCM20732S PIN information
  • BCM2073xS (BCM20737S) GPIO bonding

• Interrupts
  • Access_tag_interrupt_handler
  • How to identify GPIO interrupt source pin?
  • Buttons in hello_sensor.c
  • How can I wake BCM20737S up by using GPIO interrupt?
  • How to disable interrupt?
  • GPIO in high impedance mode
  • Wake up on GPIO interrupt

• General
  
  • Information: Debug the BCM20732 Tag over HCI-UART using a COM port via USB on the PC
  • How to debug the board step by step?
  • Information: BCM20732S debug/trace capabilities through the HCI UART port
  • How do I interpret the extra tracing data ?
  • Testing Master and Slave Roles
  • How can I use ble_trace() for application debug?
  • How to get debug traces ?
  • WICED Sense debug with UART
  • How to disable 20737S SDK trace, BLE_TRACE_DISABLE?

• J-Link
  • WICED Smart J-Link Debugger
  • WICED Smart - Debugging Support Using a J-Link Probe Application Note

• BCM92073X TAG Power Supply Configurations
• Power level granularity in blecm_setTxPowerInConnection() and blecm_setTxPowerInADV()
• Current Draw and Advertising Timing on the WICED Sense (BCM20737S)
• how to reduce the power consumption when use puart ?
• BCM20737S Current Consumption Voltage Condition and more...
• [BC20636S] Power consumption advantages when using external oscillator

• BLE RF Testing Specification Introduction
• BLE RF Testing Setup Procedures

• General
  
  • WICED Smart Video BLOG: Experts Interview - Sleep Deep_Sleep and Advertising
  • Sleep Deep_Sleep Explanation and Techniques
  • WICED Smart Sleep/Deep-Sleep Explanation and Techniques Design Guide
  • BCM20736S Sleep Example Firmware
  • Questions sleep and deep sleep modes on BCM20737
  • GPIO Interrupt State after Deep Sleep

• Entering Sleep
  
  • How to enter HIDOFF?  How to detect if the request is not honored?
  • Putting '20732S into sleep or deep sleep mode
  • BCM20736S HIDOFF problem
  • Problem with sleep mode
  • Sleep Mode on 20736S

• Waking From Sleep
  • Boot Time of WICED Smart Tag Board (BCM20737)
  • GPIO state in deep sleep
  • For wake on GPIO interrupts, please look under GPIO->Interrupt
    

• WICED™ Smart Hardware Interfaces
• BCM20736S I2C, PUART and SPI comms
• SPI1 access or send command to flash in application level.

• Memory:
  • BCM20732 Memory Map Architecture
  • BCM92073X TAG Memory and Programming Configurations
  • WICED Smart BCM92073X I2C EEPROM Emulation Porting Guide
  • WICED Smart BCM92073X EEPROM and SFLASH Layout
  • WICED Smart BCM92073X NVRAM Access
  • Memory size limits on 20732?
  • BCM20732S NVRAM Size
  • nvram: number of locations to write to
  • BCM20736S I2C, PUART and SPI comms
  • It seems that I can not read the data is stored in NVRAM before the last power off.
  • Layout of VS1 in the EEPROM
  • Re: Accessing the 512 kb (64 kB) EEPROM in the 20737S module

• PWM:
  • LED with PWM
  • Different Frequencies for PWM
  • How many PWM channels available in BCM20732S ?
  • BCM92073x periodic interrupt rate
  • How to turn on LED

• ADC:
  • BCM20732S ADC Configuration
  • Questions related to the ADC implementation on the BCM2073XS...
  • ADC on BCM20732

• UART:
  • Information: Programming your BCM20732S-based board from an onboard UART header
  • UART does not receive
  • UART Routines
  • BCM20732S based boards sometimes develop UART failure
  • Spec for uploading firmware to the BCM20732S via HCI UART?
  • puart_write() crashing on BCM20736?
  • Peripheral UART missing bytes
  • Problem with UART watermarks
  • PUART RTS/CTS Hardware Flow Control
  • What are the PUART FIFO Rx interrupt threshold settings?
  • Need clarification on PUART RTS/CTS flow control support

• I2C:
  • I2C Discussion
  • BCM20736S recovery problem - SDA high does not enter recovery mode
  • How can I use i2c in BCM20737S?

• SPI:
  • SPI on BCM920732TAG
  • Spi Debug
  • SPI flow control

• Timer in 2073x
• BCM20737S Timer Module

• Software/Usage
  
  • appFineTimer
  • FineTimer
  • What is the best way to set an application timer to fire?
  • how to config RTC use external 32.768?
  • Re: How to use real time tick clock?
  • rtc_sample bricks our BCM20736S-based board
  • Turning off the timers in BCM20736S
  • Hello_client/blecen Timer Callback Questions

• Watchdog Timer
  • How can I get bcm20732s reset reason?
  • Increasing/Disabling the watchdog timer

• Crystal
  • Explanation of Crystal Warmup Issue
  • Crystal warm-up work-around video...
  • 32kHz Crystal Spec?
  • Internal vs. External Oscillator

• RTC
  • rtc_RtcTime2Sec() returns wrong seconds when RtcTime.year is 2016
  • How to use real time tick clock?
  • rtc_sample bricks our BCM20736S-based board
  • how to config RTC use external 32.768?

• Watchdog Timer
  • Increasing/Disabling the watchdog timer
  • How can I get bcm20732s reset reason?

• Hardware Timer
  • How to use 100us interval timer?
  • Hardware Timer (hw_timer.h) usage
  • HW Timer in 2073x
  • Timer in 2073x
  • Wiced Sense hardware timer example
  • Wiced Sense hardware timer example (part 2)

• WICED Smart BCM92073X OTA Firmware Upgrade (1)
• WICED Smart BCM92073X OTA Firmware Upgrade (2)
• How to do OTA: Step by Step with PDF
• SOTAFU for Android and iOS
• Why error occur when I open WsOtaUpgrade.exe?
• Why error occur when I open WsOtaUpgrade.exe? (continued)
• Issue with using Windows OTA upgrade app

• How to recover BCM20736S on custom board?

Security:

• Encryption API
• How to operate RSA in BCM20737S & BCM20737S document
• Update on RSA and/or app note for BCM20737?
• BCM20736S and RSA
• RSA Document
• BCM20737S: LE security mode1 level3/4 supported?

• Programming manufacturing data during production
• Do I need to register separately with the Bluetooth SIG to use the Bluetooth logo in my product?

• BD_ADDR - how do you get one?
• BD_ADDR: Changing BCM20737 Board Address for Production
• Changing BD_ADDR from the application
• Video Link : 1216

• Programming the TAG2/TAG3 Board using command line tools
• BCM20732S refuses to program
• cgs.exe and ChipLoad.exe

• WICED Smart BCM92073X Generate Your Own UUID

• Broadcom BCM20732S/BCM20736S/BCM20737S Regulatory Approvals
• Certification from Bluetooth SIG
• 20732S regulatory certification
• More questions regarding FCC certification on the BCM2073XS Product
• FCC Certification Flow for Broadcom module products
• FCC approval for BCM20736S