Topic: WolfMQTT PIC32

Two years ago I started testing WolfMQTT with PIC32 and you helped me solve the problem I was having connecting to a broker. The project was delayed and has now started up again.
I am using the wolfmqtt_demo example to communicate with different brokers using PIC32MZ. Without TLS it works fine but adding TLS 1.3 only works with the test.mosquitto.org broker.
The next step is to use it with an Amazon broker (AWS) that we use to communicate, I have the certificates and the private key in PEM format but it does not communicate successfully:

MQTT pub/sub demo has been started
>MQTT Task - Client Start: QoS 0, broker a3oellqp4u1niz-ats.iot.us-east-2.amazonaws.com
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
WMQTT_NET_GLUE Error: TLS Negotiation, occurred in func: WMQTT_NETGlue_Connect, line: 328,
MQTT Task - run message: MqttClient_NetConnect, res: -6
MQTT Task - MQTT cycle Failed in state: 6, error code: -6!

I don't know if I'm using correctly the certificates and the key in the project (I modify them in the erts_test.h file, I converted them to DER format). Would you know how to help me with this issue? Microchip support has not responded to me.

Share

Re: WolfMQTT PIC32

Hello Juan,

Thanks for reaching out. Great to hear that you are back to using wolfMQTT.

Could you enable DEBUG_WOLFSSL in the configuration and add a line to the application to call to wolfSSL_Debugging_ON(). This will enable debug logging for wolfSSL.

Thanks,
Eric @ wolfSSL Support

Re: WolfMQTT PIC32

Thanks for response, tomorrow I will test

Share

Re: WolfMQTT PIC32

embhorn wrote:

Hello Juan,

Thanks for reaching out. Great to hear that you are back to using wolfMQTT.

Could you enable DEBUG_WOLFSSL in the configuration and add a line to the application to call to wolfSSL_Debugging_ON(). This will enable debug logging for wolfSSL.

Thanks,
Eric @ wolfSSL Support

Hi, Eric.

I already enabled DEBUG_WOLFSSL and added wolfSSL_Debugging_ON() (it is already added in the mqtt_socket() file when enabling DEBUG_WOLFSSL) but I don't see it showing me messages, where should they be seen?

Also, in the directory \wolfMQTT\examples\aws there is an example for the communication I need but I don't know how to include it in my project or how to do it in Harmony v3, is there a guide on how to build the project?

Share

Re: WolfMQTT PIC32

Yeah, I am going back and trying to enable debug logging in my MCH project, and it is not trivial!

For using the AWS example, it is somewhat complicated by the `NET_GLUE` layer that MCH added. But you should be able to figure out which parts are different by reviewing the example:
https://github.com/wolfSSL/wolfMQTT/blo … s/awsiot.c

You should pay attention to the `mqtt_aws_tls_cb` and the `mqtt_aws_tls_verify_cb`. Also note that the topic must include the AWS device name (see `AWSIOT_PUBLISH_TOPIC` in the example).

Re: WolfMQTT PIC32

Okay, I've enabled debug by using a custom logging function:

In Harmony3\net_apps_pic32mz\apps\wolfmqtt_demo\firmware\src\config\pic32mz_ef_sk\net_pres\pres\net_pres_enc_glue.c

Add the debug header:

#include "system/debug/sys_debug.h"

Add just before NET_PRES_EncProviderStreamClientInit0

void NET_PRES_LogFunc(const int logLevel, const char *const logMessage)
{
    /* Skip WANT_READ and WANT_WRITE errors */
    if ((strstr("-323", logMessage) == NULL) && 
        (strstr("-327", logMessage) == NULL))
        SYS_CONSOLE_PRINT("%s\r\n", logMessage);
}

Then in NET_PRES_EncProviderStreamClientInit0, add the section #ifdef DEBUG_WOLFSSL

bool NET_PRES_EncProviderStreamClientInit0(NET_PRES_TransportObject * transObject)
{
    const uint8_t * caCertsPtr;
    int32_t caCertsLen;
    if (!NET_PRES_CertStoreGetCACerts(&caCertsPtr, &caCertsLen, 0))
    {
        return false;
    }
    if (_net_pres_wolfsslUsers == 0)
    {
    #ifdef DEBUG_WOLFSSL
        wolfSSL_SetLoggingCb(NET_PRES_LogFunc);
        wolfSSL_Debugging_ON();
    #endif
        wolfSSL_Init();
        _net_pres_wolfsslUsers++;
    }

Lastly, add "#define DEBUG_WOLFSSL" to configuration.h

Re: WolfMQTT PIC32

Its not perfect (maybe the debug log buffer gets overrun), but here is a sample of using the demo to connect to a local mosquitto broker with TLS enabled:

TCP/IP Stack: Initialization Started
TCP/IP Stack: Initialization Ended - success
    Interface PIC32INT on host MCHPBOARD_E     - NBNS disabled
Created the mqtt Commands
PIC32INT IP Address: 0.0.0.0
PIC32INT IP Address: 192.168.86.38
mqtt start
MQTT pub/sub demo has been started
>MQTT Task - Client Start: QoS 0, broker 192.168.86.43
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering SSLv23_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
        Unsupported name type, skipping
wolfSSL Enter   FreeingwolfSSL SignaturwolfSSL wolfSSL ShrinkinreceivedprocessiwolfSSL wolfSSL wolfSSL wolfSSL Leaving RsaVerify, return 51
wolfSSL Leaving DoServerKeyExchange, return 0
Shrinking input buffer

wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakwolfSSL Leaving EccMakeKey, return 0
wolfSSL Entering EccSharedSecret
wolfSSL Leaving EccSharedSecret, return 0
growing output buffer

Shrinking output buffer

wolfSSL Leaving SendClientKeyExchange, return 0
sent: client key exchange
connect state: FIRST_REPLY_SECOND
connect state: FIRST_REPLY_THIRD
growing output buffer

Shrinking output buffer

sent: change cipher spec
connect state: FIRST_REPLY_FOURTH
wolfSSL Entering SendFinished
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

wolfSSL Leaving SendFinished, return 0
sent: finished
connect state: FINISHED_DONE
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolwolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL receivedwolfSSL wolfSSL wolfSSL wolfSSL wolfSSL MQTT TaswolfSSL wolfSSL wolfSSL wolfSSL MQTT Tas

Re: WolfMQTT PIC32

Thanks, Eric. I will test it.

Share

Re: WolfMQTT PIC32

Hi, Eric. I got this:


TCP/IP Stack: Initialization Started
TCP/IP Stack: Initialization Ended - success
    Interface PIC32INT on host MCHPBOARD_E     - NBNS disabled
Created the mqtt Commands
PIC32INT IP Address: 0.0.0.0
PIC32INT IP Address: 172.16.1.124
mqtt start
MQTT pub/sub demo has been started
>MQTT Task - Client Start: QoS 0, broker a3oellqp4u1niz-ats.iot.us-east-2.amazonaws.com
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering SSLv23_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_verify
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return -140
wolfSSL Entering SSL_CTX_free
CTX ref count down to 0, doing full free
wolfSSL Entering wolfSSL_CertManagerFree
wolfSSL Leaving SSL_CTX_free, return 0
WMQTT_NET_GLUE Error: TLS Negotiation, occurred in func: WMQTT_NETGlue_Connect, line: 328,
MQTT Task - run message: MqttClient_NetConnect, res: -6
wolfSSL Entering SSL_free
wolfSSL Leaving SSL_free, return 0
MQTT Task - MQTT cycle Failed in state: 6, error code: -6!


Comparing results, the problem starts at wolfSSL Leaving wolfSSL_CTX_load_verify_buffer_ex, return -140. I have the CA file, the client's certificate and the client's private key.
With a MQTT client it connects to the Amazon broker. I add the values from the files to certs_test.h doing the conversion to DER format and got the above results.
I must be doing something wrong, could it be the conversion or misplacing the values in certs_test.h? Or do I need any additional information? I will keeping testing.


Thanks for your attention.

Share

Re: WolfMQTT PIC32

Hi Juan,

"-140" corresponds to a ASN_PARSE_E error. So yes, probably something is wrong in the cert buffer you are passing in.

Here is a perl script we use that coverts DER to a C array:
https://github.com/wolfSSL/wolfssl/blob … /dertoc.pl

You could also try getting the wolfMQTT AWS example to work first, then try modifying for your specific project:
https://github.com/wolfSSL/wolfMQTT/blo … s/awsiot.c

The example uses PEM certs / keys in buffers.

Thanks,

11 (edited by juan.arboleda 2022-08-23 15:02:28)

Re: WolfMQTT PIC32

Hi Eric.
I had to do other things and stopped the project, but I'm picking it up now. Using part of the example in awsiot.c I changed APP_MQTT_TLSHandler to mqtt_aws_tls_cb but it doesn't seem to call this function.
I use the certificates for my connection as in the example but it doesn't work.

mqtt start
MQTT pub/sub demo has been started
>MQTT Task - Client Start: QoS 0, broker a2dujmi05ideo2.iot.us-west-2.amazonaws.com
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
WMQTT_NET_GLUE Error: Skt Reset, occurred in func: WMQTT_NETGlue_Connect, line: 319,
MQTT Task - run message: MqttClient_NetConnect, res: -8
MQTT Task - MQTT cycle Failed in state: 6, error code: -8!

Thanks for your attention.

Share

Re: WolfMQTT PIC32

Hi, Eric.

If I use the example certificates and the broker I get:

mqtt start
MQTT pub/sub demo has been started
>MQTT Task - Client Start: QoS 0, broker a2dujmi05ideo2.iot.us-west-2.amazonaws.com
MQTT Task - run message: WMQTT_NETGlue_Initialize, res: 0
MQTT Task - run message: MqttClient_Init, res: 0
MQTT Task - run message: MqttClient_SetDisconnectCallback, res: 0
WMQTT_NET_GLUE Info: Started Connect
WMQTT_NET_GLUE Info: Connected Successfully
WMQTT_NET_GLUE Info: Start TLS
wolfSSL Entering wolfSSL_Init
wolfSSL Entering wolfCrypt_Init
wolfSSL Entering SSLv23_client_method_ex
wolfSSL Entering wolfSSL_CTX_new_ex
wolfSSL Entering wolfSSL_CertManagerNew
wolfSSL Leaving WOLFSSL_CTX_new, return 0
wolfSSL Entering wolfSSL_CTX_set_verify
wolfSSL Entering wolfSSL_CTX_load_verify_buffer_ex
Adding a CA
wolfSSL Entering GetExplicitVersion
wolfSSL Entering GetSerialNumber
Got Cert Header
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Algo ID
Getting Cert Name
Getting Cert Name
Got Subject Name
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
Got Key
Parsed Past Key
wolfSSL Entering DecodeCertExtensions
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeSubjKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAuthKeyId
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeBasicCaConstraint
wolfSSL Entering GetObjectId()
wolfSSL Entering DecodeAltNames
        Unsupported name type, skipping
wolfSSL Entering GetObjectId()
DecodeExtKeyUsage
wolfSSL Entering GetObjectId()
wolfSSL Entering GetObjectId()
wolfSSL Entering GetAlgoId
wolfSSL Entering GetObjectId()
        Parsed new CA
        Freeing Parsed CA
        Freeing der CA
                OK FreeinwolfSSL wolfSSL growing output buffer

Key Share extension to write
Supported Versions extension to write
Signature Algorithms extension to write
Point Formats extension to write
Supported Groups extension to write
Shrinking output buffer

wolfSSL Leaving SendTls13ClientHello, return 0
connect state: CLIENT_HELLO_SENT
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSwolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL processing certificate
wolfSSL Entering DoCertiwolfSSL wolfSSL wolfSSL processiwolfSSL wolfSSL Leaving RsaVerify, return 51
wolfSSL Leaving DoServerKeyExchange, return 0
Shrinking input buffer

wolfSSL Leaving DoHandShakeMsgType(), return 0
wolfSSL Leaving DoHandShakShrinkinwolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL wolfSSL receivedwolfSSL Leaving EccMakeKey, return 0
wolfSSL Entering EccSharedSecret
wolfSSL Entering wc_ecc_shared_secret_gen_sync
wolfSSL Leaving wc_ecc_shared_secret_gen_sync, return 0
wolfSSL Leaving wc_ecc_shared_secret_ex, return 0
wolfSSL Leaving EccSharedSecret, return 0
growing output buffer

Shrinking output buffer

wolfSSL Leaving SendClientKeyExchange, return 0
sent: client key exchange
connect state: FIRST_REPLY_SECOND
wolfSSL Entering SendCertificateVerify
sent: certificate verify
connect state: FIRST_REPLY_THIRD
growing output buffer

Shrinking output buffer

sent: change cipher spec
connect state: FIRST_REPLY_FOURTH
wolfSSL Entering SendFinished
growing output buffer

wolfSSL Entering BuildMessage
wolfSSL Leaving BuildMessage, return 0
Shrinking output buffer

wolfSSL Leaving SendFinished, return 0
sent: finished
connect state: FINISHED_DONE
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
wolfSSL Entering SSL_connect()
wolfSSL error occurred, error = -323
wolfSSL Entering SSL_get_error
wolfSSL Leaving SSL_get_error, return -323
WMQTT_NET_GLUE Error: Skt Reset, occurred in func: WMQTT_NETGlue_Connect, line: 319,
MQTT Task - run message: MqttClient_NetConnect, res: -8
wolfSSL EwolfSSL

Share

Re: WolfMQTT PIC32

Here is a pcap of the wolfMQTT example awsiot running from linux. From your log, it seems there is a problem with the cipher change after the handshake. Can you please share the wolfSSL settings from configuration.h?

14 (edited by juan.arboleda 2022-08-24 10:16:42)

Re: WolfMQTT PIC32

/*** wolfMQTT configuration ***/
#define WOLFMQTT_NONBLOCK
#define WOLFMQTT_USER_SETTINGS
// #define WOLFMQTT_NO_TIMEOUT
// #define WOLFMQTT_NO_STDIN_CAP

#define WOLFMQTT_DISCONNECT_CB
#define WOLFMQTT_NO_ERROR_STRINGS
#define WOLFMQTT_NO_STDIO

#define ENABLE_MQTT_TLS
    
#define DEBUG_WOLFSSL    

/*** wolMQTT Net Glue configuration ***/
#define WMQTT_NET_GLUE_FORCE_TLS            true
#define WMQTT_NET_GLUE_IPV6                    false
#define WMQTT_NET_GLUE_MAX_BROKER_NAME        70
#define WMQTT_NET_GLUE_DEBUG_ENABLE            true
#define WMQTT_NET_GLUE_ERROR_STRINGS        true
#define WMQTT_NET_GLUE_MALLOC                malloc
#define WMQTT_NET_GLUE_FREE                    free
#define WMQTT_NET_SKT_TX_BUFF                2048
#define WMQTT_NET_SKT_RX_BUFF                2048
/******************************************************************************/
/*wolfSSL TLS Layer Configuration*/
/******************************************************************************/

#define WOLFSSL_ALT_NAMES
#define WOLFSSL_DER_LOAD
#define KEEP_OUR_CERT
#define KEEP_PEER_CERT
#define HAVE_CRL_IO
#define HAVE_IO_TIMEOUT
#define TFM_NO_ASM
#define WOLFSSL_NO_ASM
#define SIZEOF_LONG_LONG 8
#define WOLFSSL_USER_IO
#define NO_WRITEV
#define MICROCHIP_TCPIP
#define HAVE_FFDHE_2048
#define HAVE_FFDHE_3072
#define HAVE_FFDHE_4096
#define NO_PWDBASED
#define HAVE_TLS_EXTENSIONS
#define WOLFSSL_TLS13
#define HAVE_SUPPORTED_CURVES
#define NO_ERROR_STRINGS
#define NO_OLD_TLS
/*** wolfCrypt Library Configuration ***/
#define MICROCHIP_PIC32
#define MICROCHIP_MPLAB_HARMONY
#define MICROCHIP_MPLAB_HARMONY_3
#define HAVE_MCAPI
#define SIZEOF_LONG_LONG 8
#define WOLFSSL_USER_IO
#define NO_WRITEV
#define NO_FILESYSTEM
#define USE_FAST_MATH
#define NO_PWDBASED
#define HAVE_MCAPI
#define WOLF_CRYPTO_CB  // provide call-back support
#if (__XC32_VERSION > 100000000)
#define WOLFSSL_HAVE_MIN
#define WOLFSSL_HAVE_MAX
#endif
// ---------- FUNCTIONAL CONFIGURATION START ----------
#define WOLFSSL_AES_SMALL_TABLES
#define NO_MD4
#define WOLFSSL_SHA224
#define WOLFSSL_SHA384
#define WOLFSSL_SHA512
#define HAVE_SHA512
#define HAVE_HKDF
#define WOLFSSL_AES_128
#define WOLFSSL_AES_192
#define WOLFSSL_AES_256
#define WOLFSSL_AES_DIRECT
#define HAVE_AES_DECRYPT
#define HAVE_AES_ECB
#define HAVE_AES_CBC
#define WOLFSSL_AES_COUNTER
#define WOLFSSL_AES_OFB
#define HAVE_AESGCM
#define HAVE_AESCCM
#define NO_RC4
#define NO_HC128
#define NO_RABBIT
#define HAVE_ECC
#define HAVE_DH
#define NO_DSA
#define FP_MAX_BITS 8192
#define USE_CERT_BUFFERS_2048
#define WC_RSA_PSS
#define NO_DEV_RANDOM
#define HAVE_HASHDRBG
#define WC_NO_HARDEN
#define SINGLE_THREADED
#define NO_ERROR_STRINGS
#define NO_WOLFSSL_MEMORY
// ---------- FUNCTIONAL CONFIGURATION END ----------

/* MPLAB Harmony Net Presentation Layer Definitions*/
#define NET_PRES_NUM_INSTANCE 1
#define NET_PRES_NUM_SOCKETS 10

Share

Re: WolfMQTT PIC32

Here is the pcap I mentioned earlier. Can you please provide the packet capture from the failed connection?

Post's attachments

wolfMQTT-aws.pcapng 10.46 kb, 2 downloads since 2022-08-24 

You don't have the permssions to download the attachments of this post.

Re: WolfMQTT PIC32

I have a problem with Wireshark, apparently the network I'm on is not promiscuous and I can't see the traffic on the PIC32MZ_EF_SK board, I'll check if I can solve it

Share

Re: WolfMQTT PIC32

Hi, Eric.

I'm having trouble sending you the capture, can I send you the project so you can test it? i'm running it on a pic32MZ_ef_sk board

Thanks for attention.

Share

Re: WolfMQTT PIC32

Hi Juan,

I'd suggest sending an email to support@wolfssl.com where we can better prioritize getting you some assistance.

Re: WolfMQTT PIC32

Hi, Eric.
Ok, thank you so much.

Share