Hi,
I am still unable to build MBedTLS without PSA - I get the following error:
In file included from mbedtls/library/psa_crypto_driver_wrappers.c:10: mbedtls/library/psa_crypto_aead.h:12:24: psa/crypto.h: No such file or directory In file included from mbedtls/library/psa_crypto_driver_wrappers.c:10: mbedtls/library/psa_crypto_aead.h:67: error: syntax error before "mbedtls_psa_aead_encrypt" mbedtls/library/psa_crypto_aead.h:68: warning: type defaults to `int' in declaration of `psa_key_attributes_t' mbedtls/library/psa_crypto_aead.h:68: error: syntax error before '*' token mbedtls/library/psa_crypto_aead.h:74: warning: type defaults to `int' in declaration of `mbedtls_psa_aead_encrypt' mbedtls/library/psa_crypto_aead.h:74: warning: data definition has no type or storage class mbedtls/library/psa_crypto_aead.h:130: error: syntax error before "mbedtls_psa_aead_decrypt" mbedtls/library/psa_crypto_aead.h:131: warning: type defaults to `int' in declaration of `psa_key_attributes_t' mbedtls/library/psa_crypto_aead.h:131: error: syntax error before '*' token mbedtls/library/psa_crypto_aead.h:137: warning: type defaults to `int' in declaration of `mbedtls_psa_aead_decrypt' mbedtls/library/psa_crypto_aead.h:137: warning: data definition has no type or storage class In file included from mbedtls/library/psa_crypto_driver_wrappers.c:11: mbedtls/library/psa_crypto_cipher.h:28: error: syntax error before "alg" mbedtls/library/psa_crypto_cipher.h:55: error: syntax error before "mbedtls_psa_cipher_encrypt_setup" mbedtls/library/psa_crypto_cipher.h:56: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:59: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_encrypt_setup' mbedtls/library/psa_crypto_cipher.h:59: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:85: error: syntax error before "mbedtls_psa_cipher_decrypt_setup" mbedtls/library/psa_crypto_cipher.h:86: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:89: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_decrypt_setup' mbedtls/library/psa_crypto_cipher.h:89: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:113: error: syntax error before "mbedtls_psa_cipher_set_iv" mbedtls/library/psa_crypto_cipher.h:114: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:115: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_set_iv' mbedtls/library/psa_crypto_cipher.h:115: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:138: error: syntax error before "mbedtls_psa_cipher_update" mbedtls/library/psa_crypto_cipher.h:139: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:141: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_update' mbedtls/library/psa_crypto_cipher.h:141: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:169: error: syntax error before "mbedtls_psa_cipher_finish" mbedtls/library/psa_crypto_cipher.h:170: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:171: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_finish' mbedtls/library/psa_crypto_cipher.h:171: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:188: error: syntax error before "mbedtls_psa_cipher_abort" mbedtls/library/psa_crypto_cipher.h:188: error: syntax error before '*' token mbedtls/library/psa_crypto_cipher.h:188: warning: type defaults to `int' in declaration of `mbedtls_psa_cipher_abort' mbedtls/library/psa_crypto_cipher.h:188: warning: data definition has no type or storage class mbedtls/library/psa_crypto_cipher.h:232: error: syntax error before "mbedtls_psa_cipher_encrypt" mbedtls/library/psa_crypto_cipher.h:232: warning: type defaults to `int' in declaration of `psa_key_attributes_t' mbedtls/library/psa_crypto_cipher.h:232: error: syntax error before '*' token
Regards, Prakash
On Fri, Mar 15, 2024 at 6:13 AM Satya Prakash Prasad satyaprakash.developer.unix@gmail.com wrote:
Hi,
Please also let me know the features of PSA in MbedTLS. I found this related document - https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/.
Is PSA related to Platform Security Architecture how the same is related to TLS security?
Please provide some more information on it.
Regards, Prakash
On Thu, Mar 14, 2024 at 5:09 AM Satya Prakash Prasad satyaprakash.developer.unix@gmail.com wrote:
Hi,
Many thanks for your reply. Can you please also let me know the features of PSA in MbedTLS. I found this related document - https://mbed-tls.readthedocs.io/en/latest/getting_started/psa/.
Is PSA related to Platform Security Architecture?
Please provide some more information on it.
Regards, Prakash
On Wed, Mar 13, 2024 at 8:54 PM Gilles Peskine gilles.peskine@arm.com wrote:
Hi Prakash,
To disable PSA crypto, disable all the options that start with MBEDTLS_PSA. From the default configuration, that means commenting out these three options:
//#define MBEDTLS_PSA_CRYPTO_C //#define MBEDTLS_PSA_CRYPTO_STORAGE_C //#define MBEDTLS_PSA_ITS_FILE_C
The errors you list show that you started from a different configuration that has a lot more enabled. It's difficult to help without knowing what, but I recommend that you just start with the default configuration, or start with an empty configuration and build up to what you want.
Best regards,
-- Gilles Peskine Mbed TLS developer
On 13/03/2024 05:12, Satya Prakash Prasad via mbed-tls wrote:
Hi,
I am trying to compile MbedTLS 3.5.2 release without PSA but get below error message:
mbedtls/check_config.h:62:2: #error "MBEDTLS_ECP_DP_BP256R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:66:2: #error "MBEDTLS_ECP_DP_BP384R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:70:2: #error "MBEDTLS_ECP_DP_BP512R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:74:2: #error "MBEDTLS_ECP_DP_CURVE25519_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:78:2: #error "MBEDTLS_ECP_DP_CURVE448_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:82:2: #error "MBEDTLS_ECP_DP_SECP192R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:86:2: #error "MBEDTLS_ECP_DP_SECP224R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:90:2: #error "MBEDTLS_ECP_DP_SECP256R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:94:2: #error "MBEDTLS_ECP_DP_SECP384R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:98:2: #error "MBEDTLS_ECP_DP_SECP521R1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:102:2: #error "MBEDTLS_ECP_DP_SECP192K1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:111:2: #error "MBEDTLS_ECP_DP_SECP256K1_ENABLED defined, but not its PSA counterpart" mbedtls/check_config.h:391:2: #error "MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:397:2: #error "MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:406:2: #error "MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:418:2: #error "MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:425:2: #error "MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:481:2: #error "MBEDTLS_LMS_C requires MBEDTLS_PSA_CRYPTO_C and PSA_WANT_ALG_SHA_256" mbedtls/check_config.h:725:2: #error "MBEDTLS_PLATFORM_NV_SEED_ALT defined, but not all prerequisites" mbedtls/check_config.h:879:2: #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_EPHEMERAL_ENABLED defined, but not all prerequisites" mbedtls/check_config.h:885:2: #error "MBEDTLS_SSL_TLS1_3_KEY_EXCHANGE_MODE_PSK_EPHEMERAL_ENABLED defined, but not all prerequisites"
Regards, Prakash