I'm encountering a build error when compiling a project with both Wi-Fi and the PSA Driver for CryptoCell enabled in nRF Connect SDK v2.9.0. The error occurs in crypto_mbedtls_alt.c, indicating that mbedtls_dhm_context does not have a member named private_X.
Error log:
~/ncs/v2.9.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c: In function 'crypto_mbedtls_dh_init_public':
~/ncs/v2.9.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:1479:41: error: 'mbedtls_dhm_context' has no member named 'private_X'
1479 | return mbedtls_mpi_write_binary(&ctx->MBEDTLS_PRIVATE(X), privkey, prime_len) ? -1 : 0;
| ^~
~/ncs/v2.9.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c: In function 'crypto_dh_derive_secret':
~/ncs/v2.9.0/modules/lib/hostap/src/crypto/crypto_mbedtls_alt.c:1540:45: error: 'mbedtls_dhm_context' has no member named 'private_X'
1540 | mbedtls_mpi_read_binary(&ctx.MBEDTLS_PRIVATE(X), privkey, privkey_len) ||
| ^
It seems that the alternative MbedTLS headers in the nrf_cc3xx_mbedcrypto lib do not follow the MBEDTLS_PRIVATE macro convention for defining private struct members in more recent versions of MbedTLS. However, I’m not certain if this is the actual cause or how to resolve it.
I will attach a minimal example that replicates the issue.
Setup:
- Board: nRF7002DK (nRF5340)
- nRF Connect SDK version: v2.9.0
- Build command:
west build --board nrf7002dk/nrf5340/cpuapp --sysbuild
proj.conf (for quick reference):
CONFIG_NETWORKING=y CONFIG_WIFI=y CONFIG_WIFI_NRF70=y CONFIG_NRF_SECURITY=y CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
Is this a known issue, or is there a recommended workaround? Any guidance would be appreciated.
