nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

dave-dev — Wed, 14 Jan 2026 02:42:14 GMT

Hi all,

I'm stuck with this situation as well. Of course, I want to use PSA but it's not fully developed for offloaded sockets yet.

It should be noted that offloaded sockets can't use ECC keys either, if those keys have RSA signatures, which is what Amazon AWS signs ECC keys with. There's no way to change this that I've found, hence we are unable to connect to AWS using offloaded sockets.

Any update on improving support for X.509 certificates when using mbedTLS, Amanda Hsieh ?

Since there's not enough RAM on the nRF9160/61/51 to use PSA and mbedTLS together, the way forward is disabling PSA and all hardware crypto and using mbedTLS only, but this is not ideal.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Fri, 28 Mar 2025 13:27:34 GMT

I am now on NCS 2.9, but still with just mbedtls as it seems the PSA integration in Zephyr/NCS is not yet fully operational.

I stil find it incredible how much flash/RAM is required to do a 'simple' https GET over wifi using the nordic solution. It would be (IMHO) very much to Nordics benefit if they put some effort into providing a minimal config setup that actually works in the real world (ie with mix of RSA up to 4K, common ECC curves etc) and doesn't use up 2/3 of the available resources to do so....

btw one of the reasons to move to 2.9 was to get fixes in the wifi, and to put the "wifi patches' (aka the nrf70 firmware) into the external flash as a DFU able image - that saved me nearly 80kB flash right there.... I lost a little to mcuboot (68kB) to be able to get 3 image DFUable system with the serial recovery over USB vcom, but it was worth it to gain the 80kB of wifi fw space....

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Dominic — Thu, 27 Mar 2025 18:24:08 GMT

nRF9160: Offloaded sockets can't use MBEDTLS_USE_PSA_CRYPTO with RSA Certificates

This is the problem I think.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Dominic — Thu, 27 Mar 2025 17:50:30 GMT

Hi all,

I'm working with the nRF9151 and running into a similar frustrating issue around using PSA Crypto with mbedTLS in the nRF Connect SDK. Specifically, I'm trying to minimize flash and RAM usage for a secure HTTP client like BrianW , and I’m finding the documentation around PSA integration with mbedTLS to be very limited and unclear.

I started from the https_client sample in NCS. While it works, the flash and RAM footprint is quite large. I then explored using offloaded TLS (via modem firmware) to save space, but then had errors due to the 2048 KB secure socket buffer limit. So I went back to the built-in mbedTLS stack with a goal of trimming it down by disabling unused features.That’s when things broke.

I'm trying to use PSA Crypto for all cryptographic operations, expecting that mbedTLS would then act as a thin wrapper over PSA. In particular, I enabled:

CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_MBEDTLS_USE_PSA_CRYPTO=y

My understanding is that CONFIG_MBEDTLS_USE_PSA_CRYPTO=y tells mbedTLS to delegate all crypto (hashing, ECDSA, RSA, etc.) to PSA (TF-M or the CC3XX backend). This should ideally reduce flash usage by avoiding duplication.

But here's the issue: the TLS handshake fails on certificate parsing when using certificates signed with RSA (e.g., sha256WithRSAEncryption). The root cause appears to be that:

The X.509 parser in mbedTLS still needs to recognize and handle RSA signature OIDs, even if PSA is doing the actual verification.
However, enabling CONFIG_MBEDTLS_RSA_C=y (which defines RSA support in mbedTLS) is not allowed when CONFIG_MBEDTLS_USE_PSA_CRYPTO=y is enabled. These configs are mutually exclusive.

So I’m stuck in this awkward spot where:

PSA can handle RSA signatures,
But mbedTLS won't parse or recognize them because RSA is not compiled into the legacy code.
I end up disabling CONFIG_MBEDTLS_USE_PSA_CRYPTO and back to square one with my flash size.

What’s confusing is that the boundaries between PSA and legacy mbedTLS are poorly documented:

Which parts of mbedTLS are "legacy"?
What gets offloaded to PSA?
What minimal configuration is required for PSA-only builds?

It seems like mbedTLS still depends on legacy code for parsing and algorithm mapping, even when crypto execution is handled by PSA. But this isn’t documented clearly, and the Kconfig dependencies make it easy to break things by disabling unused features.

It would also to have to some examples of MINIMAL builds. Please can you let me know if the above is a bug?

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Thu, 23 Jan 2025 16:27:26 GMT

Just to provide a quick summary of the prj.conf I required to get my https connection to work

CONFIG_NRF_SECURITY=y

CONFIG_MBEDTLS_LIBRARY_NRF_SECURITY=y

# TLS configuration - don't want everything in mbedtls as far too big

#CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y

#CONFIG_MBEDTLS_CFG_FILE="config-mini-tls1_2.h"

CONFIG_MBEDTLS=y

CONFIG_MBEDTLS_DTLS=n

CONFIG_MBEDTLS_TLS_VERSION_1_2=y

CONFIG_MBEDTLS_RSA_C=y

CONFIG_MBEDTLS_ECP_C=n

#CONFIG_MBEDTLS_ECDH_C=n this breaks kconfig

#CONFIG_MBEDTLS_ECDSA_C=n this fixes kconfig, but breaks compile of hostap

# PSA WANT request does nothing as PSA is not actually enabled?

CONFIG_PSA_WANT_RSA_KEY_SIZE_4096=y

CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y

CONFIG_MBEDTLS_HAVE_TIME_DATE=n

CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y

CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384

CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=16384

CONFIG_MBEDTLS_MPI_MAX_SIZE=512

CONFIG_NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH=n

CONFIG_MBEDTLS_SSL_RENEGOTIATION=y

CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=3

CONFIG_PSA_WANT_ECC_SECP_R1_256=y

CONFIG_PSA_WANT_ECC_MONTGOMERY_255=y

# use TLS in socket directly

CONFIG_NET_SOCKETS_SOCKOPT_TLS=y

CONFIG_TLS_CREDENTIALS=y

CONFIG_TLS_MAX_CREDENTIALS_NUMBER=10

CONFIG_NET_SOCKETS_TLS_MAX_CREDENTIALS=10

As I said above, it was the requirement for SNI that was the last stumbling block... but the rest is probably required for me to use 2048 and 4096 RSA signed DER certificates loaded into the TLS socket.

This does not include the various memory / buffer / max configs neccessary to get the code and the RAM to fit in a nrf53; your milage will definitely vary for the optimum values for your app!

Thanks Amanda!

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Thu, 23 Jan 2025 13:41:58 GMT

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/519652"]

BrianW said:
is it not possible to provide TLS with the server's certificate directly? Does it have to have a CA/CA certificate to work?

You can add with TLS_CREDENTIAL_SERVER_CERTIFICATE. See TLS credentials subsystem.

[/quote]

This doesn't seem to work for me. Specifically for the test site

https://eu.httpbin.org

if I load the DER certificate for the root CA of this site (as TLS_CREDENTIAL_CA_CERTIFICATE), it works. If I don't load it, but instead load the server's DER certificate (as TLS_CREDENTIAL_SERVER_CERTIFICATE), then it fails with -0x2700...

(both certificates retrieved from Chrome web browser)

The documentation as to exactly what the TLS_CREDENTIAL_SERVER_CERTIFICATE is expected to do is missing; but when I looked in the code it seemed more like provision of a certificate used to validate TLS operations when running a http server locally (ie server side not client side). Is this correct?

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/519652"]Yes, the device needs to have the correct time and date to properly validate certificate validity periods. See the Sensor Device Threat Model documentation. [/quote]

I found this discussion https://github.com/zephyrproject-rtos/zephyr/issues/35401, where it appears that it should be possible to disable the date/time validity check (my device does not have a secure date/time source) by doing

CONFIG_MBEDTLS_HAVE_TIME_DATE=n

However this made no difference to the operation and the kconfig says it was 'n' anyway!

This makes sense, as the eu.httpbin.org CA certificate also has validity dates, but works....

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/519652"]Could you try with adding CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y in the prj.conf?[/quote]

YES! this seems to be the magic for my server - fixes it for both 2048bit RSA CA certificates (which I had reconfigured my server to use, and also for 4096bit ones as served by the LetsEncrypt CA server.

I was not aware of the SNI part of TLS, nor indeed that my server using multiple domains on the same host would need it! And hence https to my server failed, but other work...

(obligatory moan : if the code had a slightly more explicit log than error -0x2700, or if this error was documented as being "you need SNI enabled" then I might have got here quicker...)

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Wed, 22 Jan 2025 21:44:36 GMT

Hi,

[quote user="BrianW"]Even if I provision this certificate in the TLS socket, the connection fails with the handsshake error -0x2700. This happens both with a generated certificate and also with the traefik auto generated certificate.[/quote]

Could you try with adding CONFIG_MBEDTLS_SSL_SERVER_NAME_INDICATION=y in the prj.conf? Please see refer to https://academy.nordicsemi.com/courses/wi-fi-fundamentals/lessons/lesson-5-wifi-fundamentals/topic/lesson-5-exercise-2-2/

[quote user="BrianW"] is it not possible to provide TLS with the server's certificate directly? Does it have to have a CA/CA certificate to work?[/quote]

You can add with TLS_CREDENTIAL_SERVER_CERTIFICATE. See TLS credentials subsystem.

[quote user="BrianW"]- the certificates have validaity dates. Does this mean that my device has to have the correct time/date to be able to validate this info?[/quote]

Yes, the device needs to have the correct time and date to properly validate certificate validity periods. See the Sensor Device Threat Model documentation.

-Amanda H.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Wed, 22 Jan 2025 15:33:20 GMT

My server now serves a self-signed certificate, with a 2048bit RSA key.

Even if I provision this certificate in the TLS socket, the connection fails with the handsshake error -0x2700. This happens both with a generated certificate and also with the traefik auto generated certificate.

2 questions:

- is it not possible to provide TLS with the server's certificate directly? Does it have to have a CA/CA certificate to work?

- the certificates have validaity dates. Does this mean that my device has to have the correct time/date to be able to validate this info?

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Tue, 21 Jan 2025 17:08:49 GMT

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/518919"]CONFIG_MBEDTLS_HEAP_SIZE=80000[/quote]

No change, I already have

CONFIG_HEAP_MEM_POOL_SIZE=89000

and mbedtls uses the sys heap as far as I understand

I reduced this to 84000 as the increased number of SOCKETS_TLS contexts overflows the RAM otherwise.

[by the way, I have logs to monitor the heap usage every 60s during dev, and check that I don't run out of sysheap free space (which it doesn't)]

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/518919"]CONFIG_MBEDTLS_SSL_RENEGOTIATION=y
CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=6[/quote]

This made no difference to the https tests.

https://eu.httpbin.org/get : ok

- if I provision the top level amazon certif

https://server.infrafon.club/test : fails

<err> net_sock_tls: TLS handshake error: -0x2700
<wrn> app: httpmgr: Failed to connect socket (-1), [113]

- this is my server, normally has a self-signed certificate RSA 2048 bits, which I provision in the TLS socket

https://example.com : fails

<err> net_sock_tls: TLS handshake error: -0x2700
<wrn> app: httpmgr: Failed to connect socket (-1), [113]

- no CA certificate provisioned as they have 4096bit RSA keys and fail when these are enabled, so instead it fails when they are sent during TLS process (I assume)

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Fri, 17 Jan 2025 21:43:17 GMT

Could you also add the following configs? and Let me know they can help or not.

CONFIG_MBEDTLS_HEAP_SIZE=80000
CONFIG_MBEDTLS_SSL_RENEGOTIATION=y
CONFIG_NET_SOCKETS_TLS_MAX_CONTEXTS=6

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Fri, 17 Jan 2025 11:35:37 GMT

Well, depends which of the suggestions you mean?

CONFIG_MBEDTLS_MPI_MAX_SIZE=512

- my build already has this as the default (maybe due to NCS 2.8?)

CONFIG_MBEDTLS_SSL_IN_CONTENT_LEN=16384
CONFIG_MBEDTLS_SSL_OUT_CONTENT_LEN=16384

CONFIG_NET_SOCKETS_TLS_SET_MAX_FRAGMENT_LENGTH=n

- again, already set to these values by default apparently

Also, it doesn't seem that the issue in that post is in fact resolved anyway?

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Thu, 16 Jan 2025 17:31:45 GMT

Could you try my colleague's suggestion in this post?

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Thu, 16 Jan 2025 15:59:22 GMT

So, today I have managed to get a state where:

- can build the app

- can parse RSA certificates if they only have a key up to 2048 bits

- can do a https request successfully to a web server when its CA chain only includes certs that have RSA keys <2048 bits

Example url that works (16 jan 2025)

https://eu.httpbin.org/get

but I cannot manage to build TLS code that can:

- parse a certificate with a 4096bit RSA key (gives a "Failed to parse CA certificate, err: -0x3b00)

- parse a certificate with a EC key (not sure what algo)

- connect to a server where the certificate chain will include a 4096 bit key (code gets an error during the TLS connect phase "net_sock_tls: TLS handshake error: -0x2700")

- connect to a server using a certificate with EC algo (again, not sure of the algo)

Example of a site using EC certificates (16 jan 2025):

https://example.com

Note : site USED to use a RSA certifcate with 2048 bits, and therefore used to work for me... the new certificate is marked as 'valid from 15/1/2025!

Example of a site url using 4096 bit RSA certificates in its chain:

https://timeapi.io/api/time/current/zone?timeZone=Europe%2FParis

(another thing I don't understand : if I give the TLS the certificate of the site itself, it doesn't seem to work, I have to give it the certif of one of the CA in the signature chain above it? Is this normal?)

I cannot find a prj.conf that enables either 4096bit RSA, or EC keys for whatever example.com uses.

Relevant chunk of prj.conf : note the commented out keys are stuff I tried but it broke the build in one way or another. Networking is wifi (nrf7002) with wpa-supp from NCS 2.8.

CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_LIBRARY_NRF_SECURITY=y
# TLS configuration - don't want everything in mbedtls as far too big
#CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y
#CONFIG_MBEDTLS_CFG_FILE="config-mini-tls1_2.h"
CONFIG_MBEDTLS=y
CONFIG_MBEDTLS_DTLS=n
CONFIG_MBEDTLS_TLS_VERSION_1_2=y
CONFIG_MBEDTLS_RSA_C=y
CONFIG_MBEDTLS_ECP_C=n
#CONFIG_MBEDTLS_ECDH_C=n    this breaks kconfig
#CONFIG_MBEDTLS_ECDSA_C=n   this fixes kconfig, but breaks compile of hostap

#CONFIG_MBEDTLS_PSA_CRYPTO_C=y
#CONFIG_MBEDTLS_USE_PSA_CRYPTO=y
#CONFIG_PSA_CRYPTO_ENABLE_ALL=n
CONFIG_PSA_WANT_RSA_KEY_SIZE_4096=y
CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y

#CONFIG_MBEDTLS_MAC_ALL_ENABLED=n
#CONFIG_MBEDTLS_ECP_ALL_ENABLED=y  Failed, dont have some crypto implementations?
#CONFIG_MBEDTLS_KEY_EXCHANGE_SOME_PSK_ENABLED=n
#CONFIG_MBEDTLS_PK_C=y
#CONFIG_MBEDTLS_PK_PARSE_C=y
#CONFIG_MBEDTLS_PK_WRITE_C=y
#CONFIG_MBEDTLS_PKCS5_C=y

# save some flash by not having the PEM translate code (default is n)
#CONFIG_MBEDTLS_PEM_CERTIFICATE_FORMAT=n

# use CryptoCell backend not Oberon to avoid 0x3b00 error parsing certificates?
#CONFIG_CC3XX_BACKEND=y
#CONFIG_OBERON_BACKEND=n
# Use PSA
#CONFIG_MBEDTLS_LEGACY_CRYPTO_C=n

Any comments or hints welcome, maybe this will help someone else. My way forward now is to create a "IOT device" specific web url on my server with a self-signed certif (RSA 2048) and hope that will work.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Thu, 16 Jan 2025 08:31:59 GMT

Yes, I have already applied the principals from this page: however it does NOT offer any information about reducing the size of the crypto or wpa-supp code.

I have already found that 2 methods can be useful : reducing the 'compiled in logs level' in zephyr modules (using CONIFG_XXX_LOG_LEVEL_WRN=y to avoid info logs for module XXX) and disabling wpa-supplicant features (WPA3/AP/WEP/P2P etc).

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/518506"]That config file is only usable with MBEDTLS_BUILTIN. It can't use a preconfigured header file with our system. You can however configure the features equivalent to what is the content of this file. [/quote]

Any examples of a config that does that? I would like to disable EC crypto for example, but even when I request this

CONFIG_MBEDTLS_ECP_C=n

The autoconf.h still has

#define CONFIG_MBEDTLS_ECP_C 1

which is not the case for the 'mini' TLS config!

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Wed, 15 Jan 2025 18:00:26 GMT

[quote user=""]CONFIG_MBEDTLS_CFG_FILE="config-mini-tls1_2.h"[/quote]

That config file is only usable with MBEDTLS_BUILTIN. It can't use a preconfigured header file with our system. You can however configure the features equivalent to what is the content of this file.

[quote user="BrianW"] is it possible to reduce its footprint?[/quote]

You can refer to the Memory footprint optimization.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Tue, 14 Jan 2025 15:39:03 GMT

[quote userid="77782" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e/518219"]Why do you insist to use the config-min-tls1_2.h config file?[/quote]

Because I am very short of flash space, and the networking code is a huge reason for that. So I want to ensure I only have the minimum set of crypto to run tls1.2 with RSA certifs.

For example, the https_client sample has exactly 372 lines in its app source file (main.c), but builds an image that is 658kB (>75% of available flash on an nrf5340). And the default RAM setup uses >75% of available RAM!

Memory region Used Size Region Size %age Used
FLASH: 658596 B 848 KB 75.84%
RAM: 310240 B 400 KB 75.74%

And thats only zephyr+networking! If I also want NFC, BLE GATT server, BLE scanning, USB etc (and maybe some space for my app code eh?) it just doesn't work with the sample config.

So I need to trim the network to the minimum for TLS1.2 (and this is obviously a common requirement as mbedtls went to the trouble of creating a specific config file for that!).

Any ideas on a config for that?

Also, wpa_supp has a lot of functionality- is it possible to reduce its footprint? (for example, I really only need to handle WPA2-PER type APs, not all the other possibilities...)

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Mon, 13 Jan 2025 17:21:01 GMT

Hi,

[quote user="BrianW"]what is the correct KConfig setup to get a minimum TLS1.2 setup (ie functionally as per the config-min-tls1_2.h config file) when using nrf-security (as this seems to be obligatory) and PSA mode?[/quote]

Why do you insist to use the config-min-tls1_2.h config file?

The default configs setting of the http_client sample can support TLS 1.2, and the MBEDTLS_RSA_C is also shown in the build/generated/library_nrf_security_psa/nrf-config.h

-Amanda H.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Mon, 13 Jan 2025 09:41:23 GMT

Thanks, but

a) the wif connection is working fine thanks

b) the 'https' client sample is where I started from

And lets be clear, the https client sample is not even close to a real usable https client. It's a http client implementation that is so basic and dumb that it's not useful for any real https server (no handling of headers, async operation, etc), it serves only to say 'look, you can ping a https server on a nordic chip'. As the basis for any real application its just a dead-end. And as the selection of the prj.conf options are not explained (why these options, and what the impacts are) it doesn't even serve as a good training example!

Therefore as soon as it becomes necessary to work in the real world it doesn't answer questions like 'how to get tls to work in a restricted memory size' or 'which KConfig options do what' and in particular 'between all the different architectural options (mbedtls 'standard', 'zephyr', 'nrf-security', with/without 'PSA') which are useable and which are not.

So, to return to my question: what is the correct KConfig setup to get a minimum TLS1.2 setup (ie functionally as per the config-min-tls1_2.h config file) when using nrf-security (as this seems to be obligatory) and PSA mode?

thanks

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Fri, 10 Jan 2025 22:49:22 GMT

Please check out the HTTPS Client Sample and the Wi-Fi Fundamentals Course.

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Fri, 10 Jan 2025 11:29:49 GMT

[quote userid="134465" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e"]So finally my question : how do I get the nrf wrappers round the zephyr KConfig to accept that I want to use a specific mbedtls config, which includes MBEDTLS_RSA_C?[/quote]

If I add CONFIG_MBEDTLS_RSA_C=y, then my flash overflows...

prj.conf:

CONFIG_NRF_SECURITY=y

CONFIG_MBEDTLS_LIBRARY_NRF_SECURITY=y

# TLS configuration - don't want everything in mbedtls as far too big

#CONFIG_CUSTOM_MBEDTLS_CFG_FILE=y

#CONFIG_MBEDTLS_CFG_FILE="config-mini-tls1_2.h"

CONFIG_MBEDTLS=y

CONFIG_MBEDTLS_DTLS=n

CONFIG_MBEDTLS_TLS_VERSION_1_2=y

CONFIG_MBEDTLS_RSA_C=y

So, I thought I'd remove EC crypto (as I can use just RSA certificates)?

CONFIG_MBEDTLS_ECDH_C=n

but KConfig is conflicted about this.

warning: MBEDTLS_PK_WRITE_C (defined at C:/ncs/v2.8.0/nrf\subsys\nrf_security\Kconfig.legacy:875, C:/ncs/v2.8.0/zephyr/modules/mbedtls\Kconfig.tls-generic:470, modules\mbedtls\Kconfig.tls-generic:470) has direct dependencies (MBEDTLS_PK_C && NRF_SECURITY) || (MBEDTLS_BUILTIN && MBEDTLS_CFG_FILE = "config-tls-generic.h" && MBEDTLS) || (MBEDTLS_BUILTIN && MBEDTLS_CFG_FILE = "config-tls-generic.h" && MBEDTLS && 0) with value n, but is currently being y-selected by the following symbols:
- WIFI_NM_WPA_SUPPLICANT_CRYPTO_ALT_LEGACY_NCS (defined at C:/ncs/v2.8.0/zephyr/modules/hostap/Kconfig:215, modules/hostap/Kconfig:215, modules\hostap\Kconfig:215), with value y, direct dependencies <choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND> || <choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND> || <choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND> (value: y), and select condition <choice WIFI_NM_WPA_SUPPLICANT_CRYPTO_BACKEND> (value: y)

Adding

CONFIG_MBEDTLS_ECDSA_C=n

fixed KConfig, but now the compile fails:

C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c: In function 'crypto_ec_key_parse_priv':
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2354:5: error: unknown type name 'mbedtls_pk_context'; did you mean 'mbedtls_dhm_context'?
 2354 |     mbedtls_pk_context *ctx = os_malloc(sizeof(*ctx));
      |     ^~~~~~~~~~~~~~~~~~
      |     mbedtls_dhm_context
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2357:5: warning: implicit declaration of function 'mbedtls_pk_init'; did you mean 'mbedtls_mpi_init'? [-Wimplicit-function-declaration]
 2357 |     mbedtls_pk_init(ctx);
      |     ^~~~~~~~~~~~~~~
      |     mbedtls_mpi_init
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2361:9: warning: implicit declaration of function 'mbedtls_pk_parse_key'; did you mean 'mbedtls_ecp_write_key'? [-Wimplicit-function-declaration]
 2361 |     if (mbedtls_pk_parse_key(ctx, der, der_len, NULL, 0, mbedtls_ctr_drbg_random, crypto_mbedtls_ctr_drbg()) == 0)
      |         ^~~~~~~~~~~~~~~~~~~~
      |         mbedtls_ecp_write_key
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2365:5: warning: implicit declaration of function 'mbedtls_pk_free'; did you mean 'mbedtls_mpi_free'? [-Wimplicit-function-declaration]
 2365 |     mbedtls_pk_free(ctx);
      |     ^~~~~~~~~~~~~~~
      |     mbedtls_mpi_free
In file included from C:/ncs/v2.8.0/modules/crypto/mbedtls/include/mbedtls/oid.h:17,
                 from C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2371:
C:/ncs/v2.8.0/modules/crypto/mbedtls/include/mbedtls/pk.h: At top level:
C:/ncs/v2.8.0/modules/crypto/mbedtls/include/mbedtls/pk.h:310:6: warning: conflicting types for 'mbedtls_pk_init'; have 'void(mbedtls_pk_context *)'
  310 | void mbedtls_pk_init(mbedtls_pk_context *ctx);
      |      ^~~~~~~~~~~~~~~
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2357:5: note: previous implicit declaration of 'mbedtls_pk_init' with type 'void(mbedtls_pk_context *)'
 2357 |     mbedtls_pk_init(ctx);
      |     ^~~~~~~~~~~~~~~
C:/ncs/v2.8.0/modules/crypto/mbedtls/include/mbedtls/pk.h:323:6: warning: conflicting types for 'mbedtls_pk_free'; have 'void(mbedtls_pk_context *)'
  323 | void mbedtls_pk_free(mbedtls_pk_context *ctx);
      |      ^~~~~~~~~~~~~~~
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2365:5: note: previous implicit declaration of 'mbedtls_pk_free' with type 'void(mbedtls_pk_context *)'
 2365 |     mbedtls_pk_free(ctx);
      |     ^~~~~~~~~~~~~~~
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c: In function 'crypto_mbedtls_pk_parse_subpubkey_compressed':
C:/ncs/v2.8.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:2473:14: warning: implicit declaration of function 'crypto_mbedtls_short_weierstrass_derive_y' [-Wimplicit-function-declaration]
 2473 |           || crypto_mbedtls_short_weierstrass_derive_y(ecp_kp_grp, Y, (*p & 1));
      |              ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[246/718] Building C object zephyr/lib/libc/common/CMakeFiles/lib__libc__common.dir/source/time/asctime.c.obj
ninja: build stopped: subcommand failed.
FATAL ERROR: command exited with status 1: 'C:\ncs\toolchains\2d382dcd92\opt\bin\cmake.EXE' --build 'C:\work\dev\if-device-nrf53\cc1-med\build'

How can I get a minimum TLS1.2 capable mbedtls build?

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

BrianW — Fri, 10 Jan 2025 10:56:03 GMT

[quote userid="134465" url="~/f/nordic-q-a/117913/nrf5340-ncs-2-8-cannot-get-tls-socket-to-load-ca-certif-due-to-net_sock_tls-mbedtls-error--0x262e"]

Also, it seems the sockets TLS code is hardcoded to use mbedtls functions : is there an alternative (which might take up less flash space, eg tinycrypt?

Naively I though I could just do

CONFIG_NRF_SECURITY=n

CONFIG_MBEDTLS=n

CONFIG_TINYCRYPT=y

but no joy (although maybe this is because its forcing mbedtls/nrf_security?)

[/quote]

I note the latest Zephyr release notes indicate that tinycrypt is effectively depreciated in favour of mbedtls, and also that it maybe never supported networking TLS operation...

RE: nrf5340 NCS 2.8 cannot get TLS socket to load CA certif due to net_sock_tls / mbedtls error -0x262e

Amanda Hsieh — Thu, 09 Jan 2025 19:55:25 GMT

Hi,

Check out this post.

Regards,
Amanda H.