Cypress Enterprise Security Library
Overview

Cypress Enterprise Security library provides the capability for Cypress' best-in-class Wi-Fi enabled PSoC6 devices to connect to enterprise Wi-Fi networks. This library implements a collection of the most commonly used Extensible Authentication Protocols (EAP) that are commonly used in enterprise networks. This library is an embedded variant of the Wi-Fi supplicant (minimal features) that runs on an RTOS and provides the ability to securely join enterprise security networks (802.1x) using various EAP authentication protocols.

Features and Functionality

  • Supports the following EAP security protocols:
    • EAP-TLS
    • PEAPv0 with MSCHAPv2
    • EAP-TTLS with EAP-MSCHAPv2 (Phase 2 tunnel authentication supports only EAP methods)
  • Supports TLS session (session ID based) resumption
  • Supports 'PEAP Fast reconnect' (applicable only for PEAP protocol)
  • Supports roaming across APs in the enterprise network (vanilla roaming)
  • Supports TLS versions 1.0, 1.1, and 1.2

This library provides application developers an easy-to-use, unified interface for quickly enabling enterprise security in their applications. The library provides a single interface to join and leave 802.1x networks using different protocols.

Supported Frameworks

  • AnyCloud Framework: AnyCloud is a FreeRTOS-based solution. Enterprise Security Library uses the abstraction-rtos library that provides the RTOS abstraction API and the wcm library for network functions.
  • Mbed Framework: Mbed framework is an Mbed OS-based solution. Enterprise Security Library uses the abstraction-rtos library that provides RTOS abstraction API, and uses the Mbed socket API for implementing network functions.

Supported Platforms

AnyCloud

Mbed OS

Dependent Libraries

AnyCloud

Mbed OS

RADIUS Servers

This library has been verified with enterprise Wi-Fi networks configured using the following RADIUS server(s):

  • FreeRadius 3.0.15

Quick Start

This library is supported on both AnyCloud and Mbed OS frameworks. The section below provides information on how to build the library in those frameworks.

AnyCloud

A set of pre-defined configuration files have been bundled with the wifi-mw-core library for FreeRTOS, lwIP, and mbed TLS. Review the configuration and make the required adjustments. See the "Quick Start" section in README.md.

  • Make the following changes to the default mbed TLS configurations in mbedtls_user_config.h:
    • Enable the following flags:
      MBEDTLS_DES_C, MBEDTLS_MD4_C, MBEDTLS_MD5_C, MBEDTLS_SHA1_C, MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1, and MBEDTLS_SSL_EXPORT_KEYS
    • Disable the following flags:
      MBEDTLS_POLY1305_C, MBEDTLS_CHACHAPOLY_C, and MBEDTLS_CHACHA20_C
  • Define the following COMPONENTS in the application's Makefile for the Enterprise Security library.
    COMPONENTS=FREERTOS PSOC6HAL MBEDTLS LWIP WCM
  • Enterprise Security library disables all the debug log messages by default. To enable log messages, the application must perform the following:
    • Add ENABLE_ENTERPRISE_SECURITY_LOGS macro to the DEFINES in the application's Makefile. The Makefile entry would look as follows:
      DEFINES+=ENABLE_ENTERPRISE_SECURITY_LOGS
    • Call the cy_log_init() function provided by the cy-log module. cy-log is part of the connectivity-utilities library. See connectivity-utilities library API documentation for cy-log details.
  • By default, the macro MBEDTLS_HAVE_TIME_DATE is undefined in mbedtls_user_config.h. If application wishes to perform time and date validation on the certificate, then define the MBEDTLS_HAVE_TIME_DATE flag in mbedtls_user_config.h.

Mbed OS

  • Add the .lib file(s) for dependent libraries.
    • Create a folder named deps.
    • Create a file with name mbed-os.lib and add the following line to this file:
      https://github.com/ARMmbed/mbed-os/#a2ada74770f043aff3e61e29d164a8e78274fcd4
    • Create a file with name connectivity-utilities.lib and add the following line to this file:
      https://github.com/cypresssemiconductorco/connectivity-utilities/#<commit-SHA-for-latest-release-v3.X>
    • Replace <commit-SHA-for-latest-release-v3.X> in the above line with commit SHA of 'latest-v3.X' tag available in the GitHub repository.
      • Example: For tag release-v3.0.1
        https://github.com/cypresssemiconductorco/connectivity-utilities/#68bd1bc9883a0ab424eb6daf1e726f0aba2c54a6
  • Add MBED and MBEDTLS to the components_add section in the application's JSON file. The JSON file entry would look as follows:
    "target.components_add": ["MBED", "MBEDTLS"]
  • Enterprise Security library disables all the debug log messages by default. To enable log messages, the application must perform the following:
    • Add ENABLE_ENTERPRISE_SECURITY_LOGS macro to the macros section in the application's JSON file. The JSON file entry would look as follows:
      "macros": ["ENABLE_ENTERPRISE_SECURITY_LOGS"]
    • Call the cy_log_init() function provided by the cy-log module. cy-log is part of the connectivity-utilities library. See connectivity-utilities library API documentation for cy-log details.
  • Add an mbed TLS user config file (for e.g. mbedtls_user_config.h) with the following changes to the default mbed TLS configuration:
    • Enable the following flags:
      MBEDTLS_DES_C, MBEDTLS_MD4_C, MBEDTLS_MD5_C, `MBEDTLS_SHA1_C, MBEDTLS_SSL_PROTO_TLS1, MBEDTLS_SSL_PROTO_TLS1_1, and MBEDTLS_TLS_DEFAULT_ALLOW_SHA1_IN_CERTIFICATES
    • Disable the following flags:
      MBEDTLS_POLY1305_C, MBEDTLS_CHACHAPOLY_C, and MBEDTLS_CHACHA20_C
  • If the application wishes to perform time and date validation on the certificate, then enable the MBEDTLS_HAVE_TIME_DATE flag in the mbed TLS user config file created in the step above.
  • Provide the path to the mbed TLS user config file in the application's JSON file. The JSON file entry would look as follows:
    "macros": ["MBEDTLS_USER_CONFIG_FILE=\"mbedtls_user_config.h\""]

Code Snippets

This section provides code snippets for this library on AnyCloud and Mbed OS frameworks. The code snippets given under the AnyCloud section uses C APIs, whereas the snippets given under Mbed OS use C++ Class to demonstrate the library usage. In general, the library features are tested on Mbed OS using C++ Class interface, and tested on AnyCloud using C APIs.

  • AnyCloud - Snippets for HTTP Server create, start, stop, and delete (C implementation).
  • Mbed OS - Snippets for HTTP server create, start, stop, and delete (C++ implementation).

AnyCloud

Code Snippet 1: Enterprise Security Join and Leave (EAP-TLS)

Creates an Enterprise Security instance and performs join and leave using cy_enterprise_security_join and cy_enterprise_security_leave APIs respectively with EAP-TLS.

#include <stdio.h>
#include "cy_enterprise_security.h"
#include "certificate.h"
/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance handle */
cy_rslt_t ent_sec_join_leave_eap_tls()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
/* Create the Enterprise Security instance and get the handle. */
result = cy_enterprise_security_create(&handle, &ent_parameters);
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to create Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = cy_enterprise_security_join(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = cy_enterprise_security_leave(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to delete Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
return result;
}

Code Snippet 2: Enterprise Security Join and Leave (PEAP)

Creates an Enterprise Security instance and performs join and leave using cy_enterprise_security_join and cy_enterprise_security_leave APIs respectively with PEAP.

#include <stdio.h>
#include "cy_enterprise_security.h"
#include "certificate.h"
/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance handle */
cy_rslt_t ent_sec_join_leave_peap()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_password, (char *)RADIUS_SERVER_PASSWORD, strlen(RADIUS_SERVER_PASSWORD) + 1);
/* Create the Enterprise Security instance and get the handle. */
result = cy_enterprise_security_create(&handle, &ent_parameters);
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to create Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = cy_enterprise_security_join(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = cy_enterprise_security_leave(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to delete Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
return result;
}

Code Snippet 3: Enterprise Security Join and Leave (EAP-TTLS)

Creates an Enterprise Security instance and performs join and leave using cy_enterprise_security_join and cy_enterprise_security_leave APIs respectively with EAP-TTLS.

#include <stdio.h>
#include "cy_enterprise_security.h"
#include "certificate.h"
/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance handle */
cy_rslt_t ent_sec_join_leave_eap_ttls()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_password, (char *)RADIUS_SERVER_PASSWORD, strlen(RADIUS_SERVER_PASSWORD) + 1);
/* Create the Enterprise Security instance and get the handle. */
result = cy_enterprise_security_create(&handle, &ent_parameters);
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to create Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = cy_enterprise_security_join(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = cy_enterprise_security_leave(handle);
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
if( result != CY_RSLT_SUCCESS )
{
APP_INFO(("Failed to delete Enterprise Security instance with error %u\n", (unsigned int)result));
return CY_RSLT_ERROR;
}
return result;
}

Mbed OS

Code Snippet 1: Enterprise Security Join and Leave (EAP-TLS)

Creates an EnterpriseSecurity instance and performs join and leave using the class methods with EAP-TLS.

#include <stdio.h>
#include "mbed.h"
#include "cy_enterprise_security.hpp"
#include "certificate.h"
/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance */
static EnterpriseSecurity *ent_sec_obj = NULL;
cy_rslt_t ent_sec_join_leave_eap_tls()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
/* Create the Enterprise Security instance. */
ent_sec_obj = new EnterpriseSecurity(&ent_parameters);
if( ent_sec_obj == NULL )
{
APP_INFO( ( "Failed to allocate memory for EnterpriseSecurity object.\n" ) );
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = ent_sec_obj->join();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = ent_sec_obj->leave();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
delete ent_sec_obj;
ent_sec_obj = NULL;
return result;
}

Code Snippet 2: Enterprise Security Join and Leave (PEAP)

Creates an EnterpriseSecurity instance and performs join and leave using the class methods with PEAP.

/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance */
static EnterpriseSecurity *ent_sec_obj = NULL;
cy_rslt_t ent_sec_join_leave_peap()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_password, (char *)RADIUS_SERVER_PASSWORD, strlen(RADIUS_SERVER_PASSWORD) + 1);
/* Create the Enterprise Security instance. */
ent_sec_obj = new EnterpriseSecurity(&ent_parameters);
if( ent_sec_obj == NULL )
{
APP_INFO( ( "Failed to allocate memory for EnterpriseSecurity object.\n" ) );
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = ent_sec_obj->join();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = ent_sec_obj->leave();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
delete ent_sec_obj;
ent_sec_obj = NULL;
return result;
}

Code Snippet 3: Enterprise Security Join and Leave (EAP-TTLS)

Creates an EnterpriseSecurity instance and performs join and leave using the class methods with EAP-TTLS.

/******************************************************
* Macros
******************************************************/
#define RADIUS_SERVER_IDENTITY "svtuser"
#define RADIUS_SERVER_PASSWORD "hnd@123"
#define ENTERPRISE_SECURITY_NW_SSID "ENT_SEC_NW_2G"
#define APP_INFO( x ) printf x
/************************************************************
* Global Variables *
************************************************************/
/* Enterprise Security parameters */
/* Enterprise Security instance */
static EnterpriseSecurity *ent_sec_obj = NULL;
cy_rslt_t ent_sec_join_leave_eap_ttls()
{
cy_rslt_t result = CY_RSLT_SUCCESS;
/* Set the Enterprise Security parameters. */
ent_parameters.ca_cert = (char*) WIFI_ROOT_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_cert = (char*) WIFI_USER_CERTIFICATE_STRING; /* Defined in certificate.h */
ent_parameters.client_key = (char*) WIFI_USER_PRIVATE_KEY_STRING; /* Defined in certificate.h */
memcpy(ent_parameters.ssid, (char *)ENTERPRISE_SECURITY_NW_SSID, strlen(ENTERPRISE_SECURITY_NW_SSID) + 1);
memcpy(ent_parameters.outer_eap_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_identity, (char *)RADIUS_SERVER_IDENTITY, strlen(RADIUS_SERVER_IDENTITY) + 1);
memcpy(ent_parameters.phase2.inner_password, (char *)RADIUS_SERVER_PASSWORD, strlen(RADIUS_SERVER_PASSWORD) + 1);
/* Create the Enterprise Security instance. */
ent_sec_obj = new EnterpriseSecurity(&ent_parameters);
if( ent_sec_obj == NULL )
{
APP_INFO( ( "Failed to allocate memory for EnterpriseSecurity object.\n" ) );
return CY_RSLT_ERROR;
}
/* Join the enterprise security network. */
result = ent_sec_obj->join();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Joining an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Joining an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
/* Enterprise Security join is successful. Insert other logic here. */
/* Leave the enterprise security network. */
result = ent_sec_obj->leave();
if( result == CY_RSLT_SUCCESS )
{
APP_INFO(("Leaving an Enterprise Security network is successful.\n"));
}
else
{
APP_INFO(("Leaving an Enterprise Security network failed with error %u\n", (unsigned int)result));
goto cleanup;
}
cleanup:
/* Dispose the Enterprise Security instance. */
delete ent_sec_obj;
ent_sec_obj = NULL;
return result;
}