Forums - SSL cannot work

4 posts / 0 new
Last post
SSL cannot work
544038381
Join Date: 13 Sep 15
Posts: 16
Posted: Mon, 2019-06-24 06:10

Dear Qualcomm, 

I have a question,  i use a "SharkSSLParseCAList.exe" parse a rootca file to the bin file, but i use the bin file the wifi module can not connect successfully. I use these apis to complete the processing:  Using qca_ssl_socket() to creat a ssl socket, then using qca_ssl_client_start((unsigned char *)calist_cert__, sizeof(calist_cert__)); to lead to the cert file, next using qca_ssl_connect(&fd, ip_addr, 443); to connect the server. But the final step shows connect failed. ip_addr is 120.25.70.225, My cert file is:

-----BEGIN CERTIFICATE-----

MIIFazCCA1OgAwIBAgIRAIIQz7DSQONZRGPgu2OCiwAwDQYJKoZIhvcNAQELBQAw
TzELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIEludGVybmV0IFNlY3VyaXR5IFJlc2Vh
cmNoIEdyb3VwMRUwEwYDVQQDEwxJU1JHIFJvb3QgWDEwHhcNMTUwNjA0MTEwNDM4
WhcNMzUwNjA0MTEwNDM4WjBPMQswCQYDVQQGEwJVUzEpMCcGA1UEChMgSW50ZXJu
ZXQgU2VjdXJpdHkgUmVzZWFyY2ggR3JvdXAxFTATBgNVBAMTDElTUkcgUm9vdCBY
MTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBAK3oJHP0FDfzm54rVygc
h77ct984kIxuPOZXoHj3dcKi/vVqbvYATyjb3miGbESTtrFj/RQSa78f0uoxmyF+
0TM8ukj13Xnfs7j/EvEhmkvBioZxaUpmZmyPfjxwv60pIgbz5MDmgK7iS4+3mX6U
A5/TR5d8mUgjU+g4rk8Kb4Mu0UlXjIB0ttov0DiNewNwIRt18jA8+o+u3dpjq+sW
T8KOEUt+zwvo/7V3LvSye0rgTBIlDHCNAymg4VMk7BPZ7hm/ELNKjD+Jo2FR3qyH
B5T0Y3HsLuJvW5iB4YlcNHlsdu87kGJ55tukmi8mxdAQ4Q7e2RCOFvu396j3x+UC
B5iPNgiV5+I3lg02dZ77DnKxHZu8A/lJBdiB3QW0KtZB6awBdpUKD9jf1b0SHzUv
KBds0pjBqAlkd25HN7rOrFleaJ1/ctaJxQZBKT5ZPt0m9STJEadao0xAH0ahmbWn
OlFuhjuefXKnEgV4We0+UXgVCwOPjdAvBbI+e0ocS3MFEvzG6uBQE3xDk3SzynTn
jh8BCNAw1FtxNrQHusEwMFxIt4I7mKZ9YIqioymCzLq9gwQbooMDQaHWBfEbwrbw
qHyGO0aoSCqI3Haadr8faqU9GY/rOPNk3sgrDQoo//fb4hVC1CLQJ13hef4Y53CI
rU7m2Ys6xt0nUW7/vGT1M0NPAgMBAAGjQjBAMA4GA1UdDwEB/wQEAwIBBjAPBgNV
HRMBAf8EBTADAQH/MB0GA1UdDgQWBBR5tFnme7bl5AFzgAiIyBpY9umbbjANBgkq
hkiG9w0BAQsFAAOCAgEAVR9YqbyyqFDQDLHYGmkgJykIrGF1XIpu+ILlaS/V9lZL
ubhzEFnTIZd+50xx+7LSYK05qAvqFyFWhfFQDlnrzuBZ6brJFe+GnY+EgPbk6ZGQ
3BebYhtF8GaV0nxvwuo77x/Py9auJ/GpsMiu/X1+mvoiBOv/2X/qkSsisRcOj/KK
NFtY2PwByVS5uCbMiogziUwthDyC3+6WVwW6LLv3xLfHTjuCvjHIInNzktHCgKQ5
ORAzI4JMPJ+GslWYHb4phowim57iaztXOoJwTdwJx4nLCgdNbOhdjsnvzqvHu7Ur
TkXWStAmzOVyyghqpZXjFaH3pO3JLF+l+/+sKAIuvtd7u+Nxe5AW0wdeRlN8NwdC
jNPElpzVmbUq4JUagEiuTDkHzsxHpFKVK7q4+63SM1N95R1NbdWhscdCb+ZAJzVc
oyi3B43njTOQ5yOf+1CceWxG1bQVs5ZufpsMljq4Ui0/1lvh+wjChP4kqKOJ2qxq
4RgqsahDYVvTH9w7jXbyLeiNdd8XM2w9U/t7y0Ff/9yi0GE44Za4rF2LN9d11TPA
mRGunUHBcnWEvgJBQl9nJEiU0Zsnvgc/ubhPgXRR4Xq37Z0j4r7g1SgEEzwxA57d
emyPxgcYxn/eR44/KJ4EBs+lVDR3veyJm+kXQ99b21/+jh5Xos1AnX5iItreGCc=
-----END CERTIFICATE-----
 
I hope to get your help ASA.
 

Can someone help me out here ? 

Regards,

 

  • Up0
  • Down0
jbhanu Moderator
Join Date: 6 Feb 17
Posts: 80
Posted: Tue, 2019-06-25 07:11

Hi , 

Can you please let me know the sequence of calling qcom API  & if possible , please shared your fake/demo code to check .

 

  • Up0
  • Down0
544038381
Join Date: 13 Sep 15
Posts: 16
Posted: Wed, 2019-06-26 07:44
Dear jbhanu
 
Thank you for your reply.
The sources codes as follow:
 
#include "qcom_common.h"
#include "qcom/socket.h"
#include "qcom/select_api.h"
#include "qcom/socket_api.h"
#include "qca_ssl_client.h"
#include "app_type.h"
 
/* Private define ------------------------------------------------------------*/
 
/* Private typedef -----------------------------------------------------------*/
/* Private variables ---------------------------------------------------------*/
 
#define QCADEBUG
 
/* Private functions ---------------------------------------------------------*/
 
/**
* @fn void Parse_DNS(unsigned int arg)
* @brief 
* @param arg 
* @return 
*/
static char SERVERIP[]="8.8.8.8";//"114.114.114.114";
int parse_DNS(A_UINT32 *ip_dns, A_CHAR *name)
{
A_UINT8  retVal = 0;
A_STATUS  status = A_ERROR;
A_UINT32  ip_addr = 0;
A_UINT8  dnsSerIp[16]={0};
 
memset(dnsSerIp, 0, 16);
if (0 != (ip_addr = _inet_addr(SERVERIP))){
memcpy(dnsSerIp, (char*)&ip_addr, 4);
}
qcom_dnsc_enable(1);
 
qcom_dnsc_add_server_address(dnsSerIp, AF_INET);
qcom_thread_msleep(100);
 
status = qcom_dnsc_get_host_by_name((char *)name, ip_dns);
if (status == A_OK) {
retVal = 1;
}
qcom_dnsc_enable(0);
 
extern void dnc_clear(void); 
dnc_clear();
 
return retVal;
}
 
/**
* @fn void socket_run(void)
* @brief 
* @param arg 
* @return 
*/
int socket_fd = -1;
unsigned char resocket_num = 0;
void socket_run(void)
{
A_INT32 retVal = -1;
struct sockaddr_in remoteAddr;
A_CHAR domain_name[50]= {0};
A_UINT32 ip_addr = 0;
char data_server_name[50] = {0};
unsigned char len = 0;
#ifdef QCADEBUG
unsigned char tmp[50]={0};
#endif
 
/* Creat Socket */
if(socket_fd > 0){
qca_ssl_close(socket_fd);
socket_fd = -1;
socket_fd = qca_ssl_socket();//qcom_socket(PF_INET, SOCK_STREAM, 0);
qcom_thread_msleep(5);
if (socket_fd < 0){//printf("open tcp client socket error.\r\n");
// Send_WIFI_Status(SOCKET_CONNECT_FAILE);
return;
}
/*domain */
memset(data_server_name, 0, sizeof(data_server_name));
 
len = sprintf(data_server_name, "connect.xingcon.com"); 
memset(domain_name, 0, sizeof(domain_name));
memcpy(domain_name, data_server_name, strlen(data_server_name));
 
if(parse_DNS(&ip_addr, (A_CHAR *)domain_name) > 0){
if(ip_addr > 0 && ip_addr < 0xC0000000){ 
#ifdef QCADEBUG
memset(tmp, 0, sizeof(tmp));
len = sprintf((char *)tmp,"domain: %08x\n",ip_addr);
USART_Send(gOtherData.uart_fd, (char *)tmp, len);
#endif
}else{ 
ip_addr = 0x781946E1;
}
resocket_num = 0;
}else{
#ifdef QCADEBUG
memset(tmp, 0, sizeof(tmp));
len = sprintf((char *)tmp,"domain failed\n");
USART_Send(gOtherData.uart_fd, (char *)tmp, len);
#endif
resocket_num++;
if(resocket_num > 2){
resocket_num = 0;
ip_addr = 0x781946E1;
}else{ 
// Send_WIFI_Status(SOCKET_CONNECT_FAILE);
return;
}
}
/* Connect Socket */
memset(&remoteAddr, 0, sizeof (struct sockaddr_in));
remoteAddr.sin_family = AF_INET;
remoteAddr.sin_addr.s_addr = htonl(ip_addr);//htonl(_inet_addr(IP));
remoteAddr.sin_port = htons(port);
 
#ifdef QCADEBUG
memset(tmp, 0, sizeof(tmp));
len = sprintf((char *)tmp,"ip&port: %08x,%d\n",ip_addr,port);
USART_Send(gOtherData.uart_fd, (char *)tmp, len);
#endif 
 
qca_ssl_client_start((unsigned char *)calist_cert__, 2593);
 
retVal = -1;
// retVal = qcom_connect(socket_fd, (struct sockaddr *)&remoteAddr, sizeof(struct sockaddr_in));
retVal = qca_ssl_connect(&socket_fd, ip_addr, 443);//global_param.Server_Port
qcom_thread_msleep(100);
 
if (retVal == A_ERROR)
    {
       USART_Send(gOtherData.uart_fd, (char *)"connect failed\n", 14);
       qca_ssl_close(&socket_fd);
   qca_ssl_client_stop();
   qcom_thread_msleep(2000);
//    continue;
    }else{
    Send_WIFI_Status(SOCKET_CONNECT_OK);
USART_Send(gOtherData.uart_fd, (char *)"connect success\n", 14);
}
}
 
I test these code to get the result that is "connect failed"
 
I hope to get your reply again.
 

Regards,

 
 

 

  • Up0
  • Down0
544038381
Join Date: 13 Sep 15
Posts: 16
Posted: Wed, 2019-06-26 07:48
Dear jbhanu
 
Thank you for your reply again.
 
I give the souces code above reply message.
 
I use the SDK message: 
QCA4004.TX.1.4 CS 0.0.006.1.113370.1.133872.1 OEM 5D002.C.1 149708
 
Build Components:
 
Image Build/Label Distro Path Format
CNSS.KF.3.6 CNSS.KF.3.6-00006-KF112-1.113370.1.133872.1 target SRC-FW
CNSS.KF.3.6 CNSS.KF.3.6-00006-KF112-1.113370.1.133872.1 target HDR
CNSS.KF.3.6 CNSS.KF.3.6-00006-KF112-1.113370.1.133872.1 target SRC-AJHL
 
Regards
  • Up0
  • Down0
or Register

Opinions expressed in the content posted here are the personal opinions of the original authors, and do not necessarily reflect those of Qualcomm Incorporated or its subsidiaries (“Qualcomm”). The content is provided for informational purposes only and is not meant to be an endorsement or representation by Qualcomm or any other party. This site may also provide links or references to non-Qualcomm sites and resources. Qualcomm makes no representations, warranties, or other commitments whatsoever about any non-Qualcomm sites or third-party resources that may be referenced, accessible from, or linked to this site.