• State Not Answered
  • Replies 1 reply
  • Subscribers 71 subscribers
  • Views 77 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 340652
Options

[nRF5340 + nRF7002] MbedTLS + WiFi BLE Provisioning

Sagar.K

Hello,

Development Environment :
SDK version: nRF Connect SDK v2.7.0
Toolchain version: nRF Connect SDK Toolchain v2.7.0
Development environment: Ubuntu 22.04
Development tool: Visual Studio Code
Development board: nrf7002dk_nrf5340_cpuapp_ns
Example refference path: ~/ncs/v2.7.0/nrf/samples/wifi/provisioning/ble

I have tried building the mentioned sample application for nrf7002dk_nrf5340_cpuapp_ns board and i am getting below error at runtime.

[00:00:01.438,110] <err> os: ***** SECURE FAULT *****
[00:00:01.438,110] <err> os: Address: 0x3
[00:00:01.438,140] <err> os: Attribution unit violation

So, my question is that can we successfully build and run the mentioned sample application for nrf7002dk_nrf5340_cpuapp_ns board or in general _ns board type ?

Also, I want to use the MbedTLS in my project. We are not able to build the project for nrf7002dk_nrf5340_cpuapp board when MbedTLS is enabled.

Got these errors :

  In file included from /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_internal.h:26,
                 from /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_wrap.c:14:
  /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_wrap.c: In function 'mbedtls_pk_psa_rsa_sign_ext':
  /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_internal.h:29:67: error: 'psa_to_pk_rsa_errors' undeclared (first use in this function); did you mean 'psa_to_md_errors'?
     29 |                                                                   psa_to_pk_rsa_errors,            \
      |                                                                   ^~~~~~~~~~~~~~~~~~~~
  /home/guest/ncs/v2.7.0/modules/crypto/oberon-psa-crypto/library/psa_util_internal.h:103:35: note: in definition of macro 'PSA_TO_MBEDTLS_ERR_LIST'
    103 |     psa_status_to_mbedtls(status, error_list,                         \
      |                                   ^~~~~~~~~~
  /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_wrap.c:331:15: note: in expansion of macro 'PSA_PK_RSA_TO_MBEDTLS_ERR'
    331 |         ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
      |               ^~~~~~~~~~~~~~~~~~~~~~~~~
  /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_internal.h:29:67: note: each undeclared identifier is reported only once for each function it appears in
     29 |                                                                   psa_to_pk_rsa_errors,            \
      |                                                                   ^~~~~~~~~~~~~~~~~~~~
  /home/guest/ncs/v2.7.0/modules/crypto/oberon-psa-crypto/library/psa_util_internal.h:103:35: note: in definition of macro 'PSA_TO_MBEDTLS_ERR_LIST'
    103 |     psa_status_to_mbedtls(status, error_list,                         \
      |                                   ^~~~~~~~~~
  /home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/pk_wrap.c:331:15: note: in expansion of macro 'PSA_PK_RSA_TO_MBEDTLS_ERR'
    331 |         ret = PSA_PK_RSA_TO_MBEDTLS_ERR(status);
      |               ^~~~~~~~~~~~~~~~~~~~~~~~~
  [108/960] Building C object modules/nrf/subsys/nrf_security/src/CMakeFiles/mbedcrypto.dir/home/guest/ncs/v2.7.0/modules/crypto/mbedtls/library/rsa.c.obj
  ninja: build stopped: subcommand failed.
  FATAL ERROR: command exited with status 1: /home/guest/ncs/toolchains/e9dba88316/usr/local/bin/cmake --build /home/guest/Documents/Codes/mx-ng/build

So, another question is can we build the project for secure board configuration (nrf7002dk_nrf5340_cpuapp) when MbedTLS is enabled ?

In short what i want to ask is that can these two functionalities work together or not ?

Thank you.

  • 0

    Hi Sagar,

    Thanks for checking with us.Let me explain you questions one by one.

    my question is that can we successfully build and run the mentioned sample application for nrf7002dk_nrf5340_cpuapp_ns board or in general _ns board type ?

    It should work with most Wi-Fi samples when built with ns, but this option is not fully tested, and as you can see, it may not always work.

    The SECURE FAULT likely means that code from the non-secure domain is attempting to access secure memory.

    This is probably caused by memory restrictions since nrf7002dk/nrf5340/cpuapp already consumes a significant amount of resources, as noted in the Memory requirements for Bluetooth LE-based provisioning.

    So, another question is can we build the project for secure board configuration (nrf7002dk_nrf5340_cpuapp) when MbedTLS is enabled ?

    In short what i want to ask is that can these two functionalities work together or not ?

    You can refer to the sample Cellular: nRF Cloud multi-service, it also support nRF7002DK. Here the combination of nrf7002dk/nrf5340/cpuapp/ns and MbedTLS are enabled, which are more commenly used due to all the crypto operations are run on the secure side of the device.  nrf7002dk/nrf5340/cpuapp and MbedTLS may be possible but we do not have much reference to share.

    Best regards,
    Charlie

Related
Terms of service