Wi-Fi Combo Forum Discussions
I reviewed the network packet captures more closely and the difference I see between the network packet captures of the failing .Net and working SSL is .Net does not add the TLS Record Header (Type/Version/Size) to every message (which is not required).
.Net concatenates several messages under one TLS Record Header as shown below.
Failing .Net Client response after Server Hello Done: Certificate, Client Key Exchange, Certificate Verify, Change Cipher Spec, Encrypted Handshake Message
IP 10.57.10.145.4585 > 10.57.30.133.26: . 179:1497(1318)
0x0000: 4500 054e 38c2 4000 8006 7f60 0a39 0a91
0x0010: 0a39 1e85 11e9 001a 02ee 77fc 27b8 982c
0x0020: 5010 0101 e2b3 0000 1603 0306 ae0b 0004 Handshake TLS1.2 size=0x06ae certificate=0x0b size=0x0496
0x0030: 9c00 0499 0004 9630 8204 9230 8203 7aa0
.
.
.
0x04c0: 9350 7474 859a fbce 2919 e123 4f10 0001 Client Key Exchange=0x10 size=0x0102
0x04d0: 0201 0048 7881 5f19 9669 c93b 0fc3 e62f
0x04e0: 4a78 e0b8 82a7 04c8 342d a812 2434 2518
Working SSL Client response after Server Hello Done: Certificate, Client Key Exchange
IP 10.57.10.145.4850 > 10.57.30.133.26: . 518:1836(1318)
0x0000: 4500 054e 4d6c 4000 8006 6ab6 0a39 0a91
0x0010: 0a39 1e85 12f2 001a 7380 4bd7 48b6 faef
0x0020: 5010 ffff c888 0000 1603 0304 a00b 0004 Handshake TLS1.2 size=0x04a0 certificate=0x0b size=0x0496
0x0030: 9c00 0499 0004 9630 8204 9230 8203 7aa0
0x0040: 0302 0102 0201 0530 0d06 092a 8648 86f7
.
.
.
0x04c0: 9350 7474 859a fbce 2919 e123 4f16 0303 Handshake TLS1.2 size=0x0106 Client Key Exchange=0x10 size=0x0102
0x04d0: 0106 1000 0102 0100 9467 13b9 863d d746
0x04e0: 4ade 4123 884a 636a 9664 3d2a f221 14c4
Does this SDK handle several messages concatenated in a single Record Layer message?
Using an ISM43362 development board running a TCP server socket secured with TLS1.2 and mutual authentication. I can connect an openSSL client and also another ISM43362 acting as a client with no issues.
Trying to connect to our .NET application function: wiced_tcp_accept() --> wiced_tcp_start_tls() --> wiced_generic_start_tls_with_ciphers() --> ssl_handshake_server_async( &tls_context->context ) fails, returning error = 64416.
Connects fine if I disable client authentication.
Could you tell me what the error code 64416 from ssl_handshake_server_async() is for?
SDK version: WICED-Studio-4.1.1.8-IDE
HW Platform: ISM43362 (Inventek 43362-M3G development board)
Log:
Starting WICED v4.1.1
Platform DPM3_ISM43362_M3G_L44 initialised
Started ThreadX v5.6
Initialising NetX_Duo v5.7_sp2
Creating Packet pools
WWD SDIO interface initialised
WLAN MAC Address : C4:7F:51:01:6A:E9
WLAN Firmware : wl0: Oct 6 2016 01:32:44 version 5.90.230.15 FWID 01-2ef61140
application_start: Time: 6:20:30 3/23/17
Joining : mtcorp
Successfully joined : mtcorp
Obtaining IPv4 address via DHCP
DHCP CLIENT hostname WICED IP
IPv4 network ready IP: 10.57.30.133
Setting IPv6 link-local address
IPv6 network ready IP: FE80:0000:0000:0000:C67F:51FF:FE01:6AE9
Link is Up
application_start: Mutual Authentication: Init Root CA: tls_DpgRootCA len=1480
application_start: Lock DCT, Read the certificate Key
application_start: Init TLS Server Identity
application_start: unLock DCT
application_start: Init TLS Server Context for peer DynaPED Server
application_start: Create Server Socket
application_start: Register Server callbacks
application_start: Enable Server TLS
application_start: Enable Server Listen
application_start: Get IPv4 address
application_start: DynaProGo Server at 10.57.30.133:26
client_connected_callback: Accept client connection
wiced_generic_start_tls_with_ciphers: Error[64416] with TLS server handshake
wiced_generic_start_tls_with_ciphers: ERROR [64416] Exit
wiced_tcp_start_tls: Error[64416]
client_connected_callback: ERROR [1]: wiced_tcp_accept
Source Code:
#include <string.h>
#include "wiced.h"

void application_start( void )
{
    wiced_result_t result;
    wiced_interface_t interface = WICED_STA_INTERFACE;
    wiced_network_config_t ip_config = WICED_USE_EXTERNAL_DHCP_SERVER;
    platform_dct_security_t* dct_security = NULL;
    platform_rtc_time_t time;
    wiced_ip_address_t address;
    uint32_t ipv4;

    /* Initialise the device and WICED framework */
    result = wiced_init();
    if (result != WICED_SUCCESS) {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: Wiced Init\r\n",__FUNCTION__,result) );
        return;
    }
    result = platform_rtc_get_time( &time );
    WPRINT_APP_INFO( ("%s: Time: %u:%u:%u %u/%u/%u\r\n",__FUNCTION__,time.hr,time.min,time.sec,time.month,time.date,time.year) );

    /* Bring up the STA (client) interface */
    result = wiced_network_up( interface, ip_config, NULL );
    if (result != WICED_SUCCESS) {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: No Connection to AP\r\n",__FUNCTION__,result) );
        return;
    }
    WPRINT_APP_INFO( ("Link is Up\r\n") );

#if (MUTUAL_AUTHENTICATE == 1)
    WPRINT_APP_INFO( ( "%s: Mutual Authentication: Init Root CA: tls_DynaPEDRootCA len=%u\r\n",__FUNCTION__ ,strlen( tls_DynaPEDRootCA )) );
    /* Initialize the root CA certificate */
    result = wiced_tls_init_root_ca_certificates( tls_DynaPEDRootCA, strlen( tls_DynaPEDRootCA ) );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ( "%s: ERROR [%d]: Root CA certificate failed to initialize\n",__FUNCTION__, result) );
        return;
    }
#endif

    /* Lock the DCT to allow us to access the certificate and key */
    WPRINT_APP_INFO(( "%s: Lock DCT, Read the certificate Key\r\n",__FUNCTION__ ));
    result = wiced_dct_read_lock( (void**) &dct_security, WICED_FALSE, DCT_SECURITY_SECTION, 0, sizeof( *dct_security ) );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO(("%s: ERROR [%d]: Unable to lock DCT to read certificate\n",__FUNCTION__, result));
        return;
    }

    WPRINT_APP_INFO( ("%s: Init TLS Server Identity\r\n",__FUNCTION__) );
    /* Setup TLS Server identity */
    result = wiced_tls_init_identity( &tls_server_identity, dct_security->private_key, strlen( dct_security->private_key ), (uint8_t*) dct_security->certificate, strlen( dct_security->certificate ) );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO(( "%s: ERROR [%d]: Unable to initialize TLS server identity\n",__FUNCTION__, result ));
        return;
    }

    WPRINT_APP_INFO( ("%s: unLock DCT\r\n",__FUNCTION__) );
    /* Finished accessing the certificates */
    result = wiced_dct_read_unlock( dct_security, WICED_FALSE );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO(( "%s: ERROR [%d]: DCT Read Unlock\n",__FUNCTION__, result ));
        return;
    }

    WPRINT_APP_INFO( ("%s: Init TLS Server Context for peer %s\r\n",__FUNCTION__,HOST_CLIENT_CN) );
    /* Setup TLS Context */
    result = wiced_tls_init_context( &tls_server_context, &tls_server_identity, HOST_CLIENT_CN );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO(( "%s: ERROR [%d]: Unable to initialize TLS Server context %s\n",__FUNCTION__,result,HOST_CLIENT_CN ));
        return;
    }

    WPRINT_APP_INFO( ("%s: Create Server Socket\r\n",__FUNCTION__) );
    /* Create a TCP server socket; keep the return code so the error log prints it */
    result = wiced_tcp_create_socket( &tcp_server_socket, WICED_STA_INTERFACE );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: TCP Server socket creation failed\r\n",__FUNCTION__, result) );
        return;
    }

    /* Register Server callbacks to handle various TCP events */
    WPRINT_APP_INFO( ("%s: Register Server callbacks\r\n",__FUNCTION__) );
    result = wiced_tcp_register_callbacks( &tcp_server_socket, client_connected_callback, received_data_from_client_callback, client_disconnected_callback, NULL );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: TCP server socket initialization\r\n",__FUNCTION__,result) );
        return;
    }

    /* Set Server socket as TLS */
    WPRINT_APP_INFO( ("%s: Enable Server TLS\r\n",__FUNCTION__) );
    result = wiced_tcp_enable_tls( &tcp_server_socket, &tls_server_context );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: TLS server enable\r\n",__FUNCTION__,result) );
        return;
    }

    /* Start TCP server to listen for connections */
    WPRINT_APP_INFO( ("%s: Enable Server Listen\r\n",__FUNCTION__) );
    if ( wiced_tcp_listen( &tcp_server_socket, TCP_SERVER_LISTEN_PORT ) != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: TCP server socket initialization failed\r\n",__FUNCTION__) );
        /* Clean up and halt */
    }
    while (1);
    return;
}
static wiced_result_t client_connected_callback( wiced_tcp_socket_t* socket, void* arg )
{
    wiced_result_t result;
    wiced_ip_address_t ipaddr;
    uint16_t port;
    platform_rtc_time_t time;

    UNUSED_PARAMETER( arg );

    /* Accept connection request */
    WPRINT_APP_INFO(("%s: Accept client connection\r\n",__FUNCTION__));
    result = wiced_tcp_accept( socket );
    if ( result != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: ERROR [%d]: wiced_tcp_accept\r\n",__FUNCTION__,result) );
    }
    else
    {
        /* Extract IP address and the Port of the connected client */
        wiced_tcp_server_peer( socket, &ipaddr, &port );
        WPRINT_APP_INFO ( ("%s: Connected Client IP: %u.%u.%u.%u Port %d\r\n",__FUNCTION__,
            (unsigned char) ( ( GET_IPV4_ADDRESS(ipaddr) >> 24 ) & 0xff ),
            (unsigned char) ( ( GET_IPV4_ADDRESS(ipaddr) >> 16 ) & 0xff ),
            (unsigned char) ( ( GET_IPV4_ADDRESS(ipaddr) >> 8 ) & 0xff ),
            (unsigned char) ( ( GET_IPV4_ADDRESS(ipaddr) >> 0 ) & 0xff ),
            port ) );
        result = platform_rtc_get_time( &time );
        WPRINT_APP_INFO( ("%s: Time: %u:%u:%u %u/%u/%u\r\n",__FUNCTION__,time.hr,time.min,time.sec,time.month,time.date,time.year) );
        return WICED_SUCCESS;
    }
    return WICED_ERROR;
}
static wiced_result_t client_disconnected_callback( wiced_tcp_socket_t* socket, void* arg )
{
    UNUSED_PARAMETER( arg );

    WPRINT_APP_INFO(("%s: Client disconnected\r\n",__FUNCTION__));
    wiced_tcp_disconnect(socket);

    /* Start listening on the socket again */
    if ( wiced_tcp_listen( socket, TCP_SERVER_LISTEN_PORT ) != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: TCP server socket re-initialization failed\r\n",__FUNCTION__) );
        wiced_tcp_delete_socket( socket );
        return WICED_ERROR;
    }
    WPRINT_APP_INFO( ("%s: Enable Server Listen port %u\r\n",__FUNCTION__,TCP_SERVER_LISTEN_PORT) );
    return WICED_SUCCESS;
}
static wiced_result_t received_data_from_client_callback( wiced_tcp_socket_t* socket, void* arg )
{
    wiced_result_t result;
    wiced_packet_t* tx_packet;
    char* tx_data;
    wiced_packet_t* rx_packet = NULL;
    char* request;
    uint16_t request_length;
    uint16_t available_data_length;

    UNUSED_PARAMETER( arg );

    result = wiced_tcp_receive( socket, &rx_packet, WICED_WAIT_FOREVER );
    if ( result != WICED_SUCCESS )
    {
        return result;
    }
    wiced_packet_get_data( rx_packet, 0, (uint8_t**) &request, &request_length, &available_data_length );
    /* The data is echoed by length, so no terminator is written past the received bytes */
    WPRINT_APP_INFO(("%s: Received data: size=%u \r\n",__FUNCTION__, request_length));

    /* Send echo back */
    if ( wiced_packet_create_tcp( socket, TCP_PACKET_MAX_DATA_LENGTH, &tx_packet, (uint8_t**)&tx_data, &available_data_length ) != WICED_SUCCESS )
    {
        WPRINT_APP_INFO(("%s: TCP packet creation failed\r\n",__FUNCTION__));
        /* Release the received packet before returning */
        wiced_packet_delete( rx_packet );
        return WICED_ERROR;
    }

    /* Never copy more than the transmit buffer can hold */
    if ( request_length > available_data_length )
    {
        request_length = available_data_length;
    }

    /* Write the message into tx_data */
    memcpy( tx_data, request, request_length );

    /* Set the end of the data portion */
    wiced_packet_set_data_end( tx_packet, (uint8_t*)tx_data + request_length );

    /* Send the TCP packet */
    if ( wiced_tcp_send_packet( socket, tx_packet ) != WICED_SUCCESS )
    {
        WPRINT_APP_INFO( ("%s: TCP packet send failed\r\n",__FUNCTION__) );
        /* Delete packet, since the send failed */
        wiced_packet_delete( tx_packet );
    }
    WPRINT_APP_INFO(("%s: Echo data: \r\n",__FUNCTION__));

    /* Release a packet */
    wiced_packet_delete( rx_packet );
    return WICED_SUCCESS;
}
WireShark Traces: filter with: ip.addr == 10.57.30.133 and tcp
SSLClient (OK), PcNetClient_NoClientAuth (OK), PcNetClient_ClientAuth (Fails)
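The two record layouts compared in the captures above are both legal in TLS 1.2: RFC 5246 section 6.2.1 lets a sender coalesce several handshake messages into one record or fragment one message across records, so a receiver has to treat handshake payloads as a byte stream. The following is an added example, not part of the original post or of the WICED SDK, that walks records that way; the function name, `MAX_MSGS` and the sample byte arrays are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_MSGS 8

/* Constructed samples: Certificate (0x0b) and Client Key Exchange (0x10) with
 * toy bodies, laid out as (a) one record, (b) one record each, (c) the second
 * message fragmented across two records. */
static const uint8_t coalesced[] = { 0x16, 0x03, 0x03, 0x00, 0x0c,
    0x0b, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x01, 0x00 };
static const uint8_t split[] = {
    0x16, 0x03, 0x03, 0x00, 0x07, 0x0b, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
    0x16, 0x03, 0x03, 0x00, 0x05, 0x10, 0x00, 0x00, 0x01, 0x00 };
static const uint8_t fragmented[] = {
    0x16, 0x03, 0x03, 0x00, 0x09, 0x0b, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x10, 0x00,
    0x16, 0x03, 0x03, 0x00, 0x03, 0x00, 0x01, 0x00 };

/* Lists the handshake message types found in buf. Returns the message count,
 * or -1 if the input is truncated or holds more than MAX_MSGS messages. */
int tls_list_handshake_msgs(const uint8_t *buf, size_t len, uint8_t types[MAX_MSGS])
{
    uint8_t hdr[4] = {0};                 /* handshake header being assembled */
    size_t pos = 0, hdr_have = 0, body_left = 0;
    int count = 0;

    while (pos < len) {
        if (len - pos < 5) return -1;     /* truncated record header */
        uint8_t ctype = buf[pos];
        size_t rlen = ((size_t)buf[pos + 3] << 8) | buf[pos + 4];
        pos += 5;
        if (rlen > len - pos) return -1;  /* record claims more than we have */
        if (ctype == 0x14) break;         /* ChangeCipherSpec: rest is encrypted */
        if (ctype != 0x16) { pos += rlen; continue; }
        for (size_t end = pos + rlen; pos < end; ) {
            if (hdr_have < 4) {           /* type (1 byte) + length (3 bytes) */
                hdr[hdr_have++] = buf[pos++];
                if (hdr_have == 4)
                    body_left = ((size_t)hdr[1] << 16) | ((size_t)hdr[2] << 8) | hdr[3];
            } else {                      /* skip body; may end in a later record */
                size_t take = (end - pos < body_left) ? end - pos : body_left;
                pos += take;
                body_left -= take;
            }
            if (hdr_have == 4 && body_left == 0) {
                if (count == MAX_MSGS) return -1;
                types[count++] = hdr[0];
                hdr_have = 0;
            }
        }
    }
    return hdr_have == 0 ? count : -1;    /* -1: a message was cut off mid-way */
}
```

All three sample layouts yield the same two messages; feed the function the reassembled TCP payload of one flight, since a record can also span TCP segments.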
Hi
To improve throughput I try to enable the "toe" function, but it returns WICED_UNSUPPORTED.
Do I need firmware other than the default "wifi_image.c"?
If yes, where can I get the firmware?
Thanks
Hi,
We are trying to develop custom FW for the SN8200 that would communicate with some device via UART and send some simple data over TCP as a client.
We have successfully set up WICED for the platform and implemented a protocol on top of UART.
So far we start one main worker thread and one thread with a semaphore for UART data capture. At this stage all works great.
When we add the TCP client example, the code stops before reaching the start of the application.
When I try to step into tx_kernel_enter( );
I find myself on this breakpoint.
    else if ( ( SCB->CFSR & SCB_CFSR_IMPRECISERR ) != 0 )
    {
        /* Bus Fault */
        TRIGGER_BREAKPOINT(); /* Imprecise Data Bus Error - i.e. Data Bus fault occurred but details have been lost due to priorities delaying processing of the fault */
        /* No fault details are available in this case*/
        /* You may try stepping past the return of this handler, which may return near the location of the error */
The application stack is 6144.
The above-mentioned threads have stack size 1024.
How is it possible that the code crashes before reaching anywhere near the application part?
Are we doing something obviously wrong?
Can someone please help?
best regards,
martin
Hi, All
We are digging into wiced-sdk/Apps/snip/p2p and succeeded in making the p2p connection, but after connection, how do we make a TCP connection, as you see.
The following code just starts the p2p link connection.
void application_start( )
{
    wiced_init();
    besl_p2p_init ( &workspace, &device_details );
    besl_p2p_start( &workspace );
}
How can I know when the connection is complete? For example, I need some API like the following:
Boolean wiced_p2p_is_connection_ok();
Boolean wiced_p2p_is_group_owner();
In environments where the AP has extenders (typically having identical SSIDs to that of the main base AP) or has a mesh-network type of configuration (EERO product) etc., would the WICED SDK handle the connections/re-connections automatically? It appears that the application has to explicitly use the BSSID and add an extra layer of logic to handle these configurations.
Can someone confirm what the expected behavior of the WICED framework would be in these situations?
-Jey
Hi there
I'm using an AP6212A that contains a BCM43430 on the RedBear Duo and on the RedBear IoT pHAT with a breakout board on my Mac. The BCM43430 on the Duo has a 26 MHz crystal, while the pHAT uses a 37.4 MHz crystal.
Problem: after power-up, the patch RAM from WICED Studio 4.1.1 is sent on the Duo (26 MHz), then H5 is enabled. Everything seems to work fine, but when HCI LE Encrypt is sent via H5, I don't get any further messages from the BCM43430. The Host is repeating the HCI LE Encrypt command over and over, but nothing is received.
Interestingly:
- there's no problem when using H4 on either platform
- there's no problem on the Mac using the pHAT with the 37.4 MHz crystal
I'm not convinced that the different clock configuration could cause this and I don't have a breakout board with 26 MHz to test on the Mac.
My workaround for now: calculate AES128 in software instead of using the Bluetooth Controller.
Any ideas, comments, suggestions?
My OS is Windows 10 and the development environment is WICED Studio 4.1.1 IDE.
I want to create the shadow example DCT image (refer to "WICED-AN800-R-Factory-Programming.pdf").
First, I downloaded this -> (https://github.com/wlljk2002/bcm-wiced-sdk/tree/master/apps/demo/temp_control)
and copied the factory_reset_dct.c file and the mfg folder (including its files).
Second, I modified factory_reset_dct.c and mfg/0001.txt.
**factory_reset_dct.c (I changed the contents to this code.)**
static const factory_reset_dct_t factory_reset_dct =
{
    /* Security Credentials for Config Section _______________________________________*/
    .Platform.security_credentials.certificate = _DYNAMIC_CERTIFICATE_STORE,
    .Platform.security_credentials.private_key = _DYNAMIC_PRIVATE_KEY_STORE,
};
**0001.txt (I changed the contents to this code. The contents of the security keys are omitted.)**
CERTIFICATE_STORE="-----BEGIN CERTIFICATE-----\r\n"\
"-----END CERTIFICATE-----\r\n"\
"\0"\
"\0"
PRIVATE_KEY_STORE="-----BEGIN CERTIFICATE-----\r\n"\
"-----END CERTIFICATE-----\r\n"\
"\0"\
"\0"
Third, I entered this Windows cmd shell command to build the shadow application:
> .\make demo.aws_iot.shadow-BCM943907WCD2 factory_reset_dct apps/demo/aws_iot/shadow/mfg/0001.txt
(This is done after moving to the path where 'make' file exists.)
But I got the error message.
MAKEFILE MAKECMDGOALS=demo.aws_iot.shadow-BCM943907WCD2 factory_reset_dct apps/demo/aws_iot/shadow/mfg/0001.txt OTA2_SUPPORT is disabled
Makefile:322: warning: overriding recipe for target 'demo.aws_iot.shadow-BCM943907WCD2'
Makefile:288: warning: ignoring old recipe for target 'demo.aws_iot.shadow-BCM943907WCD2'
Makefile:322: warning: overriding recipe for target 'apps/demo/aws_iot/shadow/mfg/0001.txt'
Makefile:288: warning: ignoring old recipe for target 'apps/demo/aws_iot/shadow/mfg/0001.txt'
Makefile:360: warning: overriding recipe for target 'factory_reset_dct'
Makefile:322: warning: ignoring old recipe for target 'factory_reset_dct'
make: *** No rule to make target 'wiced_factory_reset.mk', needed by 'factory_reset_dct'. Stop.
And I found wiced_factory_reset.mk file, but this file does not exist.
Please help me figure out what's wrong.
Dear Sirs,
I use the https_clients example to connect to Google, but it shows a 5035 error.
What I amended is:
1. add private key
2. add public key
3. add root CA
4. Change website to www.google.com
Then the terminal shows a 5035 error after running the example.
I traced the code and found this error is reported by wiced_tls.c, so I presume there is something wrong in the TLS transaction.
Has anyone encountered this problem? Could it be possible that I use the wrong root certificate (root CA)?
PS. I use WICED-Studio-4.1-sdk, and got the root CA from Let's Encrypt.
Hi
According to the CYW4343W datasheet, it should have support for BT4.1 features. However, I cannot find which features it specifically supports and how to implement them. So does the CYW4343W support the LE Ping feature? And where can I find the exact Bluetooth features supported by the chip?
Thanks
Dear support,
I have a problem with the debugger not working.
I use an eval board, MurataType1LD. It is a combo Wi-Fi/BLE.
I use WICED Studio 4.1 and the 43xxx_WiFi SDK.
I use the following target: xxx-MurataType1LD-debug download
The download works. After I click on start debug, I go directly to the hard fault handler (see the enclosed file).
Does it need a specific configuration for the debugger?
Does it need a specific command added in the makefile or in the program?
I configured the debugger exactly as in the documentation (see enclosed too).