8 Replies Latest reply on Mar 25, 2015 3:59 PM by seyhan

    TLS error

    garyhan

       

      I am using WICED-SDK-3.1.0. I use TLS 1.2 encryption with two-way authentication, and Clients connect simultaneously to the Server.

      I am using the Murata EVB. One Murata EVB module is in STA mode and this module is the Server. Two other Murata EVB modules are Client 1 and Client 2, and I transmit and receive data between Client 1, Client 2 and the Server. Client 1 connects to the Server and transmits data to the Server, and the Server receives the data from Client 1. After that, Client 2 connects to the Server and transmits data to the Server, and the Server receives the data from Client 2. But now, when Client 1 continues to transmit data to the Server, the Server cannot get the data transmitted from Client 1.

       

      The Server uses the function wiced_https_get to get data from Client 1 and Client 2.

      +

      if(wiced_https_get(current_event.socket,buffer_receive,BUFFER_LENGTH)==WICED_SUCCESS)
      {
          WPRINT_APP_INFO(("Received data from Server: %s\n", buffer_receive));
      }

       

      +

      wiced_result_t wiced_https_get( wiced_tcp_socket_t  *socket, void* buffer, uint32_t buffer_length )
      {
          wiced_packet_t*            reply_packet;
          wiced_result_t             rx_result;
          wiced_result_t             result     = WICED_ERROR;
          char*                      buffer_ptr = (char*) buffer;

          /* The buffer must have room for at least the terminating NUL */
          if ( buffer == NULL || buffer_length == 0 )
          {
              return WICED_ERROR;
          }

          rx_result = wiced_tcp_receive( socket, &reply_packet, WICED_WAIT_FOREVER );
          if ( rx_result == WICED_SUCCESS )
          {
              uint8_t* data;
              uint16_t data_length;
              uint16_t available;
              uint32_t data_to_copy;

              // Record the fact we received a reply of some kind
              // Copy data into provided buffer, keeping one byte free for the terminator
              wiced_packet_get_data( reply_packet, 0, &data, &data_length, &available );
              data_to_copy = MIN(data_length, buffer_length - 1);
              memcpy( buffer_ptr, data, data_to_copy );
              buffer_ptr    += data_to_copy;
              buffer_ptr[0] = '\x0';
              buffer_length -= data_to_copy;
              WPRINT_APP_INFO(("get data\n"));
              wiced_packet_delete( reply_packet );
              result = WICED_SUCCESS;
          }
          else
          {
              WPRINT_APP_INFO(("get data error\n"));
              result = WICED_ERROR;
          }
          return (result);
      }

       

      + The function wiced_https_get calls the function wiced_tcp_receive, and the function wiced_tcp_receive calls the function wiced_tls_receive_packet.

      When Client 1 continues to transmit data to the Server, the Server cannot get the data transmitted from Client 1. The reason I saw is: in the function wiced_tls_receive_packet, the function tls_get_next_record returns WICED_ERROR.

      Please help me to fix this error. Why does the function tls_get_next_record return WICED_ERROR?

       

       

       

      + The function wiced_tcp_receive is at location: E:\Tai Lieu\Work Software\WICED-SDK-3.1.0\WICED-SDK-3.1.0\WICED\network\NetX_Duo\WICED\tcpip.c

      wiced_result_t wiced_tcp_receive( wiced_tcp_socket_t* socket, wiced_packet_t** packet, uint32_t timeout )
      {
          WICED_LINK_CHECK( socket->socket.nx_tcp_socket_ip_ptr );
          return wiced_tls_receive_packet( socket, packet, timeout );
      }

       

      + The function wiced_tls_receive_packet is at location: E:\Tai Lieu\Work Software\WICED-SDK-3.1.0\WICED-SDK-3.1.0\WICED\security\BESL\host\WICED\wiced_tls.c

      wiced_result_t wiced_tls_receive_packet( wiced_tcp_socket_t* socket, wiced_packet_t** packet, uint32_t timeout )
      {
          wiced_result_t result;
          wiced_tls_context_t* context = &socket->tls_context->context;

          /* Check if we already have a record which should only happen if it was larger than a packet which means it's stored in the defragmentation buffer */
          if ( context->current_record != NULL )
          {
              wiced_assert( "Something wrong", (void*)context->current_record == context->defragmentation_buffer );
              return tls_packetize_buffered_data( context, packet );
          }
          else
          {
              tls_record_t* record;
              result = tls_get_next_record( context, &record, timeout, TLS_RECEIVE_PACKET_IF_NEEDED );
              if ( result != WICED_SUCCESS )
              {
                  return result;
              }

              /* Check if this record has been defragmented */
              if ( (void*)record == context->defragmentation_buffer )
              {
                  return tls_packetize_buffered_data( context, packet );
              }
              else
              {
                  tls_record_t* temp_record;
                  uint8_t* packet_data;
                  uint16_t length;
                  uint16_t available;
                  uint8_t* end_of_data;

                  /* We have a pointer to the current record so we can move on */
                  tls_skip_current_record(context);

                  /* Make sure we process every record in this packet */
                  end_of_data = record->message + htobe16( record->length );
                  while ( tls_get_next_record( context, &temp_record, timeout, TLS_AVOID_NEW_RECORD_PACKET_RECEIVE ) == TLS_SUCCESS )
                  {
                      /* Make the record data contiguous with the previous record */
                      uint16_t temp_record_length = htobe16( temp_record->length );
                      end_of_data = MEMCAT( end_of_data, temp_record->message, temp_record_length );
                      record->length = htobe16( htobe16(record->length) + temp_record_length );
                      tls_skip_current_record( context );
                  }

                  /* Set the packet start and end */
                  wiced_packet_get_data( (wiced_packet_t*)context->received_packet, 0, &packet_data, &length, &available );
                  tls_host_set_packet_start( context->received_packet, record->message );
                  wiced_packet_set_data_end( (wiced_packet_t*)context->received_packet, end_of_data );
                  *packet = (wiced_packet_t*)context->received_packet;
                  context->received_packet        = NULL;
                  context->received_packet_length = 0;
              }
          }
          return WICED_SUCCESS;
      }
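The receive path quoted in the post above walks the TLS records held in one received packet, reading each record's big-endian length and treating a record that does not fit in the packet as one needing defragmentation. As an added illustration (not code from the WICED SDK or from anyone in this thread), the stand-alone C below does that walk over constructed byte buffers with the bounds checks a receiver needs; `tls_walk_records`, `walk_result_t` and the sample arrays are hypothetical names.

```c
/* Added example: stand-alone TLS record-layer walk (not WICED SDK code). */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TLS_HEADER_LEN     5u                /* type(1), version(2), length(2) */
#define TLS_MAX_CIPHERTEXT (16384u + 2048u)  /* TLS 1.2 limit, RFC 5246 6.2.3 */

typedef enum { WALK_OK, WALK_NEED_MORE, WALK_BAD_RECORD } walk_status_t;

typedef struct {
    walk_status_t status;
    size_t records;       /* complete records found */
    size_t payload_bytes; /* sum of their fragment lengths */
    size_t consumed;      /* input bytes covered by complete records */
} walk_result_t;

/* Constructed sample inputs (application_data = 0x17, version 3.3). */
static const uint8_t two_records[]  = { 0x17,3,3,0,3, 0xAA,0xBB,0xCC, 0x17,3,3,0,2, 0xDD,0xEE };
static const uint8_t split_record[] = { 0x17,3,3,0,3, 0xAA,0xBB,0xCC, 0x17,3,3,0,16, 0xDD };
static const uint8_t bad_record[]   = { 0x17,3,3,0,1, 0xAA, 0x99,3,3,0,0 };

walk_result_t tls_walk_records(const uint8_t *buf, size_t len)
{
    walk_result_t r = { WALK_OK, 0, 0, 0 };
    size_t off = 0;

    while (off < len) {
        const uint8_t *h = buf + off;
        size_t left = len - off;
        size_t frag_len;

        /* A partial header means the rest arrives in a later packet. */
        if (left < TLS_HEADER_LEN) { r.status = WALK_NEED_MORE; break; }
        frag_len = ((size_t)h[3] << 8) | h[4];   /* big-endian on the wire */

        /* RFC 5246 content types are 20..23; the major version byte is 3. */
        if (h[0] < 20 || h[0] > 23 || h[1] != 3 || frag_len > TLS_MAX_CIPHERTEXT) {
            r.status = WALK_BAD_RECORD; break;
        }
        /* The length is peer-controlled: never step past the bytes held. */
        if (left - TLS_HEADER_LEN < frag_len) { r.status = WALK_NEED_MORE; break; }

        r.records++;
        r.payload_bytes += frag_len;
        off += TLS_HEADER_LEN + frag_len;
        r.consumed = off;
    }
    return r;
}

int main(void)
{
    walk_result_t r = tls_walk_records(split_record, sizeof split_record);
    printf("status=%d records=%zu payload=%zu consumed=%zu\n",
           (int)r.status, r.records, r.payload_bytes, r.consumed);
    return 0;
}
```

`WALK_NEED_MORE` corresponds to the case the SDK comment describes as a record larger than a packet; the bytes after `consumed` are the ones a receiver would carry over into its defragmentation buffer.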

       

        • 1. Re: TLS error
          garyhan

          Hello, can somebody help with this issue?

          It has been pending for a long time and development was delayed.

          I appreciate any good souls out there who can help me with this.

           

          ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

           

          I am using WICED-SDK-3.1.2. I use TLS 1.2 encryption with two-way authentication, and Clients connect simultaneously to the Server.

          I am sending you the source code of the Server and the source code of the Client. Please see attached.

          I have two cases, with one Murata EVB module as the Server and two Murata EVB modules as the two Clients. The source code defines the parameter WICED_MAXIMUM_NUMBER_OF_SERVER_SOCKETS as 10, so the maximum number of Clients that can connect simultaneously to the Server is 10. You will see this definition in the function wiced_result_t wiced_tcp_server_start( wiced_tcp_server_t* tcp_server, wiced_interface_t interface, uint16_t port, wiced_socket_callback_t connect_callback, wiced_socket_callback_t receive_callback, wiced_socket_callback_t disconnect_callback)

          + The first case: I don't use TLS 1.2 encryption with two-way authentication; the two Clients connect to the Server successfully and send data to the Server successfully.

          + But in the second case: I use TLS 1.2 encryption with two-way authentication, and there is an error in the Server getting data when many Clients connected simultaneously to the Server transmit data.

          My steps to test are as below:

          +> I used TLS 1.2 encryption with two-way authentication.

          +> 1. Yes, Client1 connects to Server (TCP level connection OK)

          +> 2. Yes, Client2 connects to Server (TCP level connection OK)

          +> 3. Yes, Send Data from Client1 to Server (Client1 send Data OK and Server receive Data OK)

          +> 4. Yes, Send Data from Client2 to Server (Client2 send Data OK and Server receive Data OK)

          +> 5. Yes, Send Data from Client1 to Server (Client1 send Data OK and Server receive Data NG)

          +> 6. Yes, Send Data from Client2 to Server (Client2 send Data OK and Server receive Data OK)

          +> 7. Client2 disconnects from Server

          +> 8. Send Data from Client1 to Server (Client1 send Data OK and Server receive Data NG)

          An error occurs in step 5: Server receive Data NG. Please help me to fix this first error. Why can the Server not receive data?

          An error occurs in step 8: Server receive Data NG.

          At step 8, the Server cannot get the data transmitted from Client 1.

          + The Server uses the function wiced_https_get to get data from Client 1 and Client 2.

          +

          if(wiced_https_get(current_event.socket,buffer_receive,BUFFER_LENGTH)==WICED_SUCCESS)
          {
              WPRINT_APP_INFO(("Received data from Client: %s\n", buffer_receive));
          }

          +

          wiced_result_t wiced_https_get( wiced_tcp_socket_t  *socket, void* buffer, uint32_t buffer_length )
          {
              wiced_packet_t*            reply_packet;
              wiced_result_t             rx_result;
              wiced_result_t             result     = WICED_ERROR;
              char*                      buffer_ptr = (char*) buffer;

              rx_result = wiced_tcp_receive( socket, &reply_packet, WICED_WAIT_FOREVER );
              if ( rx_result == WICED_SUCCESS )
              {
                  uint8_t* data;
                  uint16_t data_length;
                  uint16_t available;
                  uint32_t data_to_copy;

                  // Record the fact we received a reply of some kind
                  // Copy data into provided buffer
                  wiced_packet_get_data( reply_packet, 0, &data, &data_length, &available );
                  data_to_copy = MIN(data_length, buffer_length);
                  memcpy( buffer_ptr, data, data_to_copy );
                  buffer_ptr    += data_to_copy;
                  //buffer_ptr[0] = '\x0';
                  buffer_length -= data_to_copy;
                  WPRINT_APP_INFO(("get data\n"));
                  wiced_packet_delete( reply_packet );
                  result = WICED_SUCCESS;
              }
              else
              {
                  WPRINT_APP_INFO(("get data error\n"));
                  result = WICED_ERROR;
              }
              return (result);
          }

          + The function wiced_https_get calls the function wiced_tcp_receive, and the function wiced_tcp_receive calls the function wiced_tls_receive_packet.

          At step 8, when Client 1 continues to transmit data to the Server, the Server cannot get the data transmitted from Client 1. The reason I saw is: in the function wiced_tls_receive_packet, the function tls_get_next_record returns WICED_ERROR.

          Please help me to fix this second error. Why does the function tls_get_next_record return WICED_ERROR?

           

          + The function wiced_tcp_receive is at location: E:\Tai Lieu\Work Software\WICED-SDK-3.1.2\WICED-SDK-3.1.2\WICED\network\NetX_Duo\WICED\tcpip.c

          wiced_result_t wiced_tcp_receive( wiced_tcp_socket_t* socket, wiced_packet_t** packet, uint32_t timeout )
          {
              WICED_LINK_CHECK( socket->socket.nx_tcp_socket_ip_ptr );
              return wiced_tls_receive_packet( socket, packet, timeout );
          }

          + The function wiced_tls_receive_packet is at location: E:\Tai Lieu\Work Software\WICED-SDK-3.1.2\WICED-SDK-3.1.2\WICED\security\BESL\host\WICED\wiced_tls.c

          wiced_result_t wiced_tls_receive_packet( wiced_tcp_socket_t* socket, wiced_packet_t** packet, uint32_t timeout )
          {
              wiced_result_t result;
              wiced_tls_context_t* context = &socket->tls_context->context;

              /* Check if we already have a record which should only happen if it was larger than a packet which means it's stored in the defragmentation buffer */
              if ( context->current_record != NULL )
              {
                  wiced_assert( "Something wrong", (void*)context->current_record == context->defragmentation_buffer );
                  return tls_packetize_buffered_data( context, packet );
              }
              else
              {
                  tls_record_t* record;
                  result = tls_get_next_record( context, &record, timeout, TLS_RECEIVE_PACKET_IF_NEEDED );
                  if ( result != WICED_SUCCESS )
                  {
                      return result;
                  }

                  /* Check if this record has been defragmented */
                  if ( (void*)record == context->defragmentation_buffer )
                  {
                      return tls_packetize_buffered_data( context, packet );
                  }
                  else
                  {
                      tls_record_t* temp_record;
                      uint8_t* packet_data;
                      uint16_t length;
                      uint16_t available;
                      uint8_t* end_of_data;

                      /* We have a pointer to the current record so we can move on */
                      tls_skip_current_record(context);

                      /* Make sure we process every record in this packet */
                      end_of_data = record->message + htobe16( record->length );
                      while ( tls_get_next_record( context, &temp_record, timeout, TLS_AVOID_NEW_RECORD_PACKET_RECEIVE ) == TLS_SUCCESS )
                      {
                          /* Make the record data contiguous with the previous record */
                          uint16_t temp_record_length = htobe16( temp_record->length );
                          end_of_data = MEMCAT( end_of_data, temp_record->message, temp_record_length );
                          record->length = htobe16( htobe16(record->length) + temp_record_length );
                          tls_skip_current_record( context );
                      }

                      /* Set the packet start and end */
                      wiced_packet_get_data( (wiced_packet_t*)context->received_packet, 0, &packet_data, &length, &available );
                      tls_host_set_packet_start( context->received_packet, record->message );
                      wiced_packet_set_data_end( (wiced_packet_t*)context->received_packet, end_of_data );
                      *packet = (wiced_packet_t*)context->received_packet;
                      context->received_packet        = NULL;
                      context->received_packet_length = 0;
                  }
              }
              return WICED_SUCCESS;
          }

          + I am sending you the source code of the Server and the source code of the Client. Please replace the files in your project with my files. The Murata EVB modules are in STA mode. I repaired the name of the wifi network and the password of the wifi network in my file default_wifi_config_dct.h; please repair your file default_wifi_config_dct.h.

          The files of the Server include: appliance.c, http_server.c, http_server.h, wiced_tls.c, tcpip.c, wiced_network.h, wiced_tcpip.h.

          File appliance.c: WICED-SDK\apps\demo\appliance\appliance.c

          File http_server.c: WICED-SDK\libraries\daemons\HTTP_server\http_server.c

          File http_server.h: WICED-SDK\libraries\daemons\HTTP_server\http_server.h

          File wiced_tls.c: WICED-SDK\WICED\security\BESL\host\WICED\wiced_tls.c

          File tcpip.c: WICED-SDK\WICED\network\NetX_Duo\WICED\tcpip.c

          File wiced_network.h: WICED-SDK\WICED\network\NetX_Duo\WICED\wiced_network.h

          File wiced_tcpip.h: WICED-SDK\include\wiced_tcpip.h

          The files of the Clients include: appliance.c, tcpip.c.

          File appliance.c: WICED-SDK\apps\demo\appliance\appliance.c

          File tcpip.c: WICED-SDK\WICED\network\NetX_Duo\WICED\tcpip.c

          The Murata EVB modules that are Clients connect to the laptop via a USB port. Build the project and run the software Advanced serial port terminal on Windows 7. In Advanced serial port terminal, in the Send part, I enter the character c; the Client will send the string data “dung” to the Server, and the Server receives the data “dung”. I call the function:

          wiced_rtos_create_thread(&tcp_thread_uart, TCP_SERVER_THREAD_PRIORITY, "Demo tcp server", tcp_server_thread_uart, TCP_SERVER_STACK_SIZE, &tcp_server_handle);

          to send data from the Clients to the Server. You will see this in the function void tcp_client_two_thread(char *datatransmit, tcp_server_handle_t* server)

          Please help me to fix these two errors.

          • 2. Re: TLS error
            garyhan

            Can anyone help?

            Really appreciate..

            Thanks.

            • 3. Re: TLS error
              vikr

              Hi Gary,

               

              Trying to reproduce your issue. Request you some time.

               

              -vik86

              • 4. Re: TLS error
                garyhan

                Hi Vik,

                 

                Thanks for your reply.

                I'm looking forward to your updates.

                • 5. Re: TLS error
                  vikr

                  Hi Gary,

                   

                  Request for few more days, sorry for the delay. Have this in reproduction list.

                   

                  thnx

                  vik86

                  • 6. Re: TLS error
                    garyhan

                    Hi Vik,

                    Any updates?

                    • 7. Re: TLS error
                      vikr

                      bassem_dawood is helping us debug this. Should have an update soon.

                       

                      thnx

                      vik86

                      • 8. Re: TLS error
                        seyhan

                        Hi Gary,

                         

                        Please try the attached files for TLS supported web server.

                         

                        Thanks,

                        Seyhan