Hello,
Does nrf_cc3xx_platform_init takes care of initialization of the cryptocell hardware and also initialization of rng, ecb, ccm peripherals?
Hello,
Does nrf_cc3xx_platform_init takes care of initialization of the cryptocell hardware and also initialization of rng, ecb, ccm peripherals?
Hi,
The other blocks of the CryptoCell (ECB, CCM) do not need a specific initialization like the RNG block, they are enabled and initialized by the functions which use them.
Regards,
Amanda
Hello,
Could you please help and confirm our understanding that nrf_cc3xx_platform library and nrf_cc3xx_mbedcrypto library are built with mbedtls library 3.0.0?
This is based on information we got from this link Library built against Mbed TLS version 3.0.0.
But when we try to call APIs like psa_crypto_init() after including nrf_cc3xx_platform library and nrf_cc3xx_mbedcrypto library we see undefined reference error.
Hi,
What NCS version are you using? The compatibility with Mbed TLS 3.0.0 is from NCS v1.9.0.
Do you include psa/crypto.h as this sample?
-Amanda
Hello,
We have integrated the nrf_cc3xx_platform and nrf_cc3xx_mbedcrypto library to different OS and not using nrf-connect-sdk.
Would like to confirm if integrating these two libraries with psa/crypto.h header included be sufficient to call psa_crypto_init() API.
As this link Library built against Mbed TLS version 3.0.0 suggests that these libraries are built with mbedtls library.
We are using latest versions of nrf_cc3xx_platform and nrf_cc3xx_mbedcrypto libraries.
Hi,
We don't support the library in non-NCS environments, unfortunately.
In our SDK, we use the MbedTLS repository to provide the high-level interfaces (for the mbedtls_* APIs and for the psa_* APIs). We build the MbedTLS codebase and integrate them with our binary libraries. Because we do this integration the APIs provided by the binary libraries need to be compatible with the MbedTLS version that we use in our SDK. This is what the sentence that you are referring to means, it is a way to say that "we are compatible with this MbedTLS version".
The integration is not very simple and it is not a matter of integrating a single file.
On the other hand, the integration is open source and it can be found in nrf_security: https://github.com/nrfconnect/sdk-nrfxlib/tree/main/nrf_security
And in the cmake logic here: https://github.com/nrfconnect/sdk-nrfxlib/tree/main/crypto
-Amanda
Hi,
We don't support the library in non-NCS environments, unfortunately.
In our SDK, we use the MbedTLS repository to provide the high-level interfaces (for the mbedtls_* APIs and for the psa_* APIs). We build the MbedTLS codebase and integrate them with our binary libraries. Because we do this integration the APIs provided by the binary libraries need to be compatible with the MbedTLS version that we use in our SDK. This is what the sentence that you are referring to means, it is a way to say that "we are compatible with this MbedTLS version".
The integration is not very simple and it is not a matter of integrating a single file.
On the other hand, the integration is open source and it can be found in nrf_security: https://github.com/nrfconnect/sdk-nrfxlib/tree/main/nrf_security
And in the cmake logic here: https://github.com/nrfconnect/sdk-nrfxlib/tree/main/crypto
-Amanda