This blog post shows how to use macros in WICED to debug TLS (Transport Layer Security) data. The mbedTLS library provides the debug macros MBEDTLS_DEBUG_C, MBEDTLS_SSL_DEBUG_ALL and MBEDTLS_DEBUG_LOG_LEVEL, defined in /WICED/security/BESL/mbedtls_open/include/mbedtls/config.h; they are disabled by default. Enable these macros and set MBEDTLS_DEBUG_LOG_LEVEL to the level of debugging required. The higher the level, the more detail is captured in the logs. The log levels are defined as shown below:
0 No debug
1 Error
2 State change
3 Informational
4 Verbose
In addition, you need to enable WPRINT_ENABLE_SECURITY_DEBUG in /include/wiced_defaults.h. Note that debug printing consumes a lot of memory, so you need to allocate at least 4 kB to the stack of every thread that uses debug printing.
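To confirm that all four macros are actually active before rebuilding, the following added example (not part of the original post or the SDK) reports their state and the selected log level. It assumes an enabled macro is an uncommented `#define` line; the function names and the sample header contents are constructed for illustration.

```shell
#!/bin/sh
# Added example: summarise the TLS debug macros named in this post.
# Assumption: "enabled" means an uncommented "#define NAME" line.

# macro_enabled FILE NAME: succeeds if FILE has an active "#define NAME".
macro_enabled() {
    grep -Eq "^[[:space:]]*#[[:space:]]*define[[:space:]]+$2([[:space:]]|\$)" "$1"
}

# macro_value FILE NAME: prints the value of the first active definition.
macro_value() {
    sed -n -E "s/^[[:space:]]*#[[:space:]]*define[[:space:]]+$2[[:space:]]+([^[:space:]]+).*/\1/p" "$1" | head -n 1
}

# level_name N: maps a level number to the names listed in the post.
level_name() {
    case "$1" in
        0) echo "No debug" ;;
        1) echo "Error" ;;
        2) echo "State change" ;;
        3) echo "Informational" ;;
        4) echo "Verbose" ;;
        *) echo "unknown" ;;
    esac
}

# tls_debug_report CONFIG_H WICED_DEFAULTS_H: prints a one-line summary.
tls_debug_report() {
    missing=""
    for m in MBEDTLS_DEBUG_C MBEDTLS_SSL_DEBUG_ALL MBEDTLS_DEBUG_LOG_LEVEL; do
        macro_enabled "$1" "$m" || missing="$missing $m"
    done
    macro_enabled "$2" WPRINT_ENABLE_SECURITY_DEBUG ||
        missing="$missing WPRINT_ENABLE_SECURITY_DEBUG"
    if [ -n "$missing" ]; then
        echo "incomplete: missing$missing"
    else
        lvl=$(macro_value "$1" MBEDTLS_DEBUG_LOG_LEVEL)
        echo "all set: level $lvl ($(level_name "$lvl"))"
    fi
}

# Constructed sample headers (not copied from the SDK).
tmp=$(mktemp -d)
printf '#define MBEDTLS_DEBUG_C\n#define MBEDTLS_SSL_DEBUG_ALL\n' > "$tmp/config.h"
printf '#define MBEDTLS_DEBUG_LOG_LEVEL 3\n' >> "$tmp/config.h"
printf '//#define WPRINT_ENABLE_SECURITY_DEBUG\n' > "$tmp/wiced_defaults.h"
tls_debug_report "$tmp/config.h" "$tmp/wiced_defaults.h"
```

Running the same report against a release build's headers shows whether TLS debug printing was left on.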
This blog post has been created to track all issues related to WICED Wi-Fi security from WICED Studio 5.x onwards. This blog will be updated regularly.
Unresolved:
Can't receive the data larger than 1447 bytes in Websocket(tls mode)? - https://community.cypress.com/message/33065#33065
TLS and azure mqtt broker - https://community.cypress.com/message/31466#31466
How to use AES-CCM APIs provided in SDK? - https://community.cypress.com/message/33044#33044
every mqtt connection consume about 8k ram - https://community.cypress.com/message/31119#31119
wiced_tcp_stream_read issues in WICED 5.2
sdk-5.2.0: snip.https_client test failure
sdk-5.2: mbedtls_open library bug
sdk-5.2: wiced_tls_init_identity assertion bug
console: join_ent test peap failure
debugging EAP-TLS on Wiced 3.7.0-3, server-hello failing
Open source SSL/TLS Library support for WICED-SDK-3.1.2
Resolved:
Failing Client Authentication with .Net application - https://community.cypress.com/message/31617#31617
ssl_handshake_client_async freeze at state SSL_CLIENT_CERTIFICATE - https://community.cypress.com/message/32024#32024
Error: 5035 while TLS connection ? - https://community.cypress.com/message/32141#32141
TLS Support for both ECC and RSA Certificate/Key pair - https://community.cypress.com/message/33117#33117
How to change default TLS elliptic curve - https://community.cypress.com/message/33196#33196
AES_256_GCM CIPHER - https://community.cypress.com/message/33118#33118
How to know eap_type of enterprise security AP via the scan result?
How correct wifi exploit in sdk3.7 or others?
Snip.websocket_client worked without TLS but doesn't work with TLS
DTLS client handshake with WICED Studio 5.0
If there are any other threads on WICED security or the BESL library that have remained unresolved, kindly let me know and I will update this blog. Similarly, blog posts on other issues will be created if necessary.