• State Not Answered
  • Replies 7 replies
  • Subscribers 65 subscribers
  • Views 179 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 328757
Options

Support 2 simultaneous secure listening sockets. How to configure mbedTLS from nordic.

AR Jadhav

Hello All,

I am currently working with sdk-nrf 2.3.0 and nrf9160dk board. My requirement is to create 2 simultaneous secure listening sockets. Currently I am able to create 2 raw sockets and establish the communication.

I am using given sample code sdk-zephyr/samples/net/sockets/echo_server at 3611f46f85c0980c19b60bb842033cbaba35e023 · nrfconnect/sdk-zephyr (github.com). When I try to compile the individual application from only zephyr sdk I am able to compile it for qemu_x86 architecture and test the same with TLS enabled. I have verified through debug logs that both http client and server establish the TLS connection 

Now when I tried to use the zephyr's "echo_server" example with sdk-nrf 2.3.0 + nrf9160dk, I am observing compilation error.

CONFIG_NET_BUF_RX_COUNT=80
CONFIG_NET_BUF_TX_COUNT=80

# TLS configuration
CONFIG_MBEDTLS=y
CONFIG_MBEDTLS_BUILTIN=y
CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=60000
CONFIG_MBEDTLS_SSL_MAX_CONTENT_LEN=2048
CONFIG_NET_SOCKETS_SOCKOPT_TLS=y
CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=6
CONFIG_NET_SOCKETS_ENABLE_DTLS=n

CONFIG_MBEDTLS_DEBUG=y
CONFIG_MBEDTLS_LOG_LEVEL_DBG=y
CONFIG_MBEDTLS_LOG_LEVEL_INF=y

CONFIG_ENTROPY_GENERATOR=y
CONFIG_TEST_RANDOM_GENERATOR=y

I am getting build warnings leading to errors, I have attached the errors in build_error.txt attached.

Development setup used is,
WSL Ubuntu, nrf9160dk, nrf version 2.3.0, zephyr version 3.2.99
Can you suggest me with the sample application which supports TLS on nordic. Also please suggest the configs to enable the TLS logs.
Also, can you please help me with listing the advantages of offloaded sockets over native sockets and a major difference between both.
Thanks. 

Fullscreen 3465.build_error.txt Download 
FAILED: zephyr/zephyr_pre0.elf zephyr/zephyr_pre0.map /home/arjadhav/GA_9160/ga-nrf9160/build/zephyr/zephyr_pre0.map 
: && ccache /home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/arm-zephyr-eabi-g++  -gdwarf-4 /home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/thumb/v8-m.main/nofp/crtbegin.o zephyr/CMakeFiles/zephyr_pre0.dir/misc/empty_file.c.obj -o zephyr/zephyr_pre0.elf  zephyr/CMakeFiles/offsets.dir/./arch/arm/core/offsets/offsets.c.obj  tfm/secure_fw/s_veneers.o  -fuse-ld=bfd  -Wl,-T  zephyr/linker_zephyr_pre0.cmd  -Wl,-Map=/home/arjadhav/GA_9160/ga-nrf9160/build/zephyr/zephyr_pre0.map  -Wl,--whole-archive  app/libapp.a  zephyr/libzephyr.a  zephyr/arch/common/libarch__common.a  zephyr/arch/arch/arm/core/aarch32/libarch__arm__core__aarch32.a  zephyr/arch/arch/arm/core/aarch32/cortex_m/libarch__arm__core__aarch32__cortex_m.a  zephyr/arch/arch/arm/core/aarch32/cortex_m/cmse/libarch__arm__core__aarch32__cortex_m__cmse.a  zephyr/arch/arch/arm/core/aarch32/mpu/libarch__arm__core__aarch32__mpu.a  zephyr/lib/libc/newlib/liblib__libc__newlib.a  zephyr/soc/arm/common/cortex_m/libsoc__arm__common__cortex_m.a  zephyr/subsys/net/libsubsys__net.a  zephyr/subsys/net/ip/libsubsys__net__ip.a  zephyr/subsys/net/lib/config/libsubsys__net__lib__config.a  zephyr/subsys/random/libsubsys__random.a  zephyr/drivers/clock_control/libdrivers__clock_control.a  zephyr/drivers/console/libdrivers__console.a  zephyr/drivers/gpio/libdrivers__gpio.a  zephyr/drivers/serial/libdrivers__serial.a  zephyr/drivers/entropy/libdrivers__entropy.a  zephyr/drivers/timer/libdrivers__timer.a  zephyr/drivers/pinctrl/libdrivers__pinctrl.a  modules/nrf/lib/nrf_modem_lib/lib..__nrf__lib__nrf_modem_lib.a  modules/nrf/lib/at_monitor/lib..__nrf__lib__at_monitor.a  modules/nrf/lib/at_host/lib..__nrf__lib__at_host.a  modules/nrf/lib/at_cmd_parser/lib..__nrf__lib__at_cmd_parser.a  modules/nrf/lib/lte_link_control/lib..__nrf__lib__lte_link_control.a  modules/nrf/lib/modem_info/lib..__nrf__lib__modem_info.a  modules/nrf/modules/tfm/zephyr/libtfm_api_nrf.a  modules/trusted-firmware-m/libtfm_api.a  modules/hal_nordic/nrfx/libmodules__hal_nordic__nrfx.a  modules/segger/libmodules__segger.a  /home/arjadhav/GA_9160/nrfxlib/nrf_modem/lib/cortex-m33/soft-float/libmodem.a  modules/nrfxlib/nrfxlib/nrf_security/src/zephyr/libmbedtls_zephyr.a  -Wl,--no-whole-archive  zephyr/kernel/libkernel.a  -L"/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/thumb/v8-m.main/nofp"  -L/home/arjadhav/GA_9160/ga-nrf9160/build/zephyr  -lgcc  zephyr/arch/common/libisr_tables.a  -no-pie  -Wl,--gc-sections  -Wl,--build-id=none  -Wl,--sort-common=descending  -Wl,--sort-section=alignment  -Wl,-u,_OffsetAbsSyms  -Wl,-u,_ConfigAbsSyms  -nostdlib  -static  -Wl,-X  -Wl,-N  -Wl,--orphan-handling=warn  -lstdc++  -lm  -Wl,-lc  -L"/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/arm-zephyr-eabi"/lib/thumb/v8-m.main/nofp  -Wl,-lgcc  -lc  modules/nrfxlib/nrfxlib/nrf_security/src/libmbedcrypto.a  /home/arjadhav/GA_9160/nrfxlib/crypto/nrf_oberon/lib/cortex-m33/soft-float/liboberon_mbedtls_3.0.12.a  modules/nrfxlib/nrfxlib/nrf_security/src/libmbedcrypto_base.a  -mcpu=cortex-m33  -mthumb  -mabi=aapcs  -mfp16-format=ieee  /home/arjadhav/GA_9160/nrfxlib/crypto/nrf_oberon/lib/cortex-m33/soft-float/liboberon_3.0.12.a  -lc /home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/thumb/v8-m.main/nofp/crtend.o && cd /home/arjadhav/GA_9160/ga-nrf9160/build/zephyr && /usr/bin/cmake -E echo
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_release':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:471: undefined reference to `mbedtls_ssl_config_free'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:472: undefined reference to `mbedtls_ssl_free'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_mbedtls_init':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1176: undefined reference to `mbedtls_ssl_set_bio'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1187: undefined reference to `mbedtls_ssl_config_defaults'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1254: undefined reference to `mbedtls_ssl_conf_rng'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1288: undefined reference to `mbedtls_ssl_setup'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1250: undefined reference to `mbedtls_ssl_conf_authmode'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1266: undefined reference to `mbedtls_ssl_conf_ciphersuites'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_session_get':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:586: undefined reference to `mbedtls_ssl_session_load'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_session_restore':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:641: undefined reference to `mbedtls_ssl_session_init'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:649: undefined reference to `mbedtls_ssl_set_session'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:655: undefined reference to `mbedtls_ssl_session_free'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_mbedtls_reset':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1060: undefined reference to `mbedtls_ssl_session_reset'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_mbedtls_handshake':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1103: undefined reference to `mbedtls_ssl_handshake'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_opt_ciphersuite_list_set':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1400: undefined reference to `mbedtls_ssl_conf_ciphersuites'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_session_save':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:544: undefined reference to `mbedtls_ssl_session_save'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:552: undefined reference to `mbedtls_ssl_session_save'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_session_store':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:611: undefined reference to `mbedtls_ssl_session_init'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:613: undefined reference to `mbedtls_ssl_get_session'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:625: undefined reference to `mbedtls_ssl_session_free'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `ztls_poll_prepare_pollin':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:2353: undefined reference to `mbedtls_ssl_get_bytes_avail'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `ztls_socket_data_check':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:2424: undefined reference to `mbedtls_ssl_read'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:2451: undefined reference to `mbedtls_ssl_get_bytes_avail'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `ztls_poll_update_pollin':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:2461: undefined reference to `mbedtls_ssl_get_bytes_avail'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `recv_tls':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:2085: undefined reference to `mbedtls_ssl_read'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_alloc':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:403: undefined reference to `mbedtls_ssl_init'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:404: undefined reference to `mbedtls_ssl_config_init'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `send_tls':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1905: undefined reference to `mbedtls_ssl_write'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_opt_ciphersuite_list_get':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1418: undefined reference to `mbedtls_ssl_list_ciphersuites'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `tls_opt_ciphersuite_used_get':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1446: undefined reference to `mbedtls_ssl_get_ciphersuite'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1451: undefined reference to `mbedtls_ssl_get_ciphersuite_id'
/home/arjadhav/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.bfd: zephyr/libzephyr.a(sockets_tls.c.obj): in function `ztls_close_ctx':
/home/arjadhav/GA_9160/zephyr/subsys/net/lib/sockets/sockets_tls.c:1772: undefined reference to `mbedtls_ssl_close_notify'

Related