• State Not Answered
  • Replies 3 replies
  • Subscribers 74 subscribers
  • Views 1767 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 249693
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nrfxlib: Undefined reference 'mbedtls_entropy_func'

trembel

Hi,

Trying to implement ECDH I struggled creating the random seed. Using Nordic Security Backend and Vanilla Mbedtls on the nRF5340 I get the following errors:

path/mbedtls/ecdh-p256/build/../src/main.c:19: undefined reference to `mbedtls_entropy_init'
path/mbedtls/ecdh-p256/build/../src/main.c:25: undefined reference to `mbedtls_entropy_func'

Minimal non working example:

prj.conf

CONFIG_NORDIC_SECURITY_BACKEND=y

CONFIG_ENTROPY_GENERATOR=y
CONFIG_MBEDTLS_ENTROPY_ENABLED=y
CONFIG_NRF_SECURITY_RNG=y

CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=4096

main.c

#include <mbedtls/ctr_drbg.h>
#include <mbedtls/entropy.h>
#include <stdio.h>
#include <zephyr.h>

void main(void) {
  mbedtls_entropy_context entropy;
  mbedtls_ctr_drbg_context ctr_drbg; // random number generator

  mbedtls_ctr_drbg_init(&ctr_drbg);

  mbedtls_entropy_init(&entropy);

  int res =
      mbedtls_ctr_drbg_seed(&ctr_drbg, mbedtls_entropy_func, &entropy, NULL, 0);
  printf("%d", res);

}

I assume there is an error or in my configuration, or in the Nordic Security Backend - since it seems that <mbedtls/entropy.h> does not work correctly.

Following change lets the example compile (but is not what I want, since I later woud like to change to CC-312):

prj.conf

CONFIG_MBEDTLS=y

CONFIG_ENTROPY_GENERATOR=y
CONFIG_MBEDTLS_ENTROPY_ENABLED=y
CONFIG_NRF_SECURITY_RNG=y

CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=4096

  • 0

    Hi,

    The nordic security backend does not provide an entropy source on the nRF5340 yet since the CC312 driver is not yet available. The other alternative, the RNG peripheral, is not accessible from the application core. Since you anyway cannot get an entry source now nor ECDH HW accelerated, I suggest just using "CONFIG_MBEDTLS=y" for now (in evaluation or early development I assume), and switching to the nordic security backend once the CC312 driver is available.

  • 0 in reply to Einar Thorsrud

    Hmm... I tried switching to CONFIG_MBEDTLS=y (without nrf sec backend). Now it compiles, but returns:

    CTR_DRBG - The entropy source failed

    Do I have to call entropy_add_source()? If yes, what do I take as source for the entropy generator (software-entropy)?

  • 0 in reply to trembel

    Hi,

    If you want to make an entropy source based on some other HW peripheral (SAADC for instance), then you could write some SW fro that an add it. But assuming this is just for testing development and that you currently don't need real randomness, then you can configure mbedTLS to use seed from flash by defining MBEDTLS_ENTROPY_NV_SEED and doing as described here, or even define MBEDTLS_TEST_NULL_ENTROPY which is the simplest. This is of course only suitable for testing and should never be used in production.

Related
Terms of service