undefined reference to `mbedtls_aes_init' in SDK_2.9.0

Hi,

Do you have AES enabled in your project?

CONFIG_MBEDTLS_AES_C=y

Please upload the full build log as text using Insert > Code.

Best regards,
Marte

Hi,

I have already added this configuration, but it didn't change anything, so I created this thread.

c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: app/libapp.a(Sunion_BleCmd.cpp.obj): in function `Sunion::BleCmd::SendBack(bt_conn*, unsigned char, unsigned char, unsigned char const*)':
C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:1374: undefined reference to `mbedtls_aes_init'
c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:1378: undefined reference to `mbedtls_aes_crypt_ecb'
c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:1380: undefined reference to `mbedtls_aes_free'
c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: app/libapp.a(Sunion_BleCmd.cpp.obj): in function `Sunion::BleCmd::BLE_DataProcessor(unsigned char const*, unsigned char)':
C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:99: undefined reference to `mbedtls_aes_init'
c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:103: undefined reference to `mbedtls_aes_crypt_ecb'
c:/ncs/toolchains/b620d30767/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd.exe: C:/nordic_prj/DL02_S2MB_KPD_Small/src/Sunion_Function/Sunion_BleCmd.cpp:105: undefined reference to `mbedtls_aes_free'
collect2.exe: error: ld returned 1 exit status
ninja: build stopped: subcommand failed.
FATAL ERROR: command exited with status 1: 'C:\ncs\toolchains\b620d30767\opt\bin\cmake.EXE' --build C:/nordic_prj/DL02_S2MB_KPD_Small/build/DL02_S2MB_KPD_Small

Hi,

SunHuang said:

You can also create a new project, and you should be able to easily find the same error.

Alright, I may not have expressed myself clearly. Let me rephrase it. In a brand-new project, which configurations should I enable to use the AES functionality?

To prevent other potential issues, as per your request, I have attached all the modified files from the project.

7444.lock.zip

Hi,

You can solve the issue by enabling legacy mbedTLS crypto. However, Matter uses PSA crypto, and combining legacy and modern crypto drivers can cause issues. I strongly recommend using PSA crypto instead. You can find samples that use PSA crypto under the Cryptography samples section in our documentation.

To enable legacy crypto, set CONFIG_MBEDTLS_LEGACY_CRYPTO_C=y in prj.conf. Please note that this can result in issues and unexpected behavior.

Best regards,
Marte

Hi,

After using CONFIG_MBEDTLS_LEGACY_CRYPTO_C, many warnings appear during compilation, including prompts that CONFIG_MBEDTLS_LEGACY_CRYPTO_C has been deprecated. If you believe there are risks, please let me know how this version should be resolved.

Hi,

You should be fine if you use the PSA Crypto API, i.e., the modern crypto driver, instead of legacy. As I stated in my previous reply, PSA Crypto is used in our crypto samples, so I recommend looking at them to learn how to use it. You can see a list of samples here: Cryptograpghy samples.

Best regards,
Marte

Hi,

Due to some compatibility issues with the internal project, I am forced to use LEGACY encryption methods. If the current version can only be handled this way, I’ll have to make do. Nevertheless, I still appreciate your response.

Hi,

Due to some compatibility issues with the internal project, I am forced to use LEGACY encryption methods. If the current version can only be handled this way, I’ll have to make do. Nevertheless, I still appreciate your response.