OK, I was indeed making a mistake. In my test application, I was using a "finder" for MbedTLS (FindMbedTLS.cmake). The finder was properly looking for include files and libraries mbedtls, mbedtls_x509 and mbedtls_crypto. But it was exporting libraries in the wrong order, resulting in lots of linker errors. And looking at these errors I wrongly concluded that the PSA functions were not generated, and started messing with mbedtls_config.h. I fixed the order of the libraries as explained in a part of the README.md that I overlooked, and the default configuration just works.

-- Christian Huitema

On 5/12/2024 6:58 PM, Christian Huitema via mbed-tls wrote:

I am testing a test program in an Ubuntu VM, and I have an issue.

I started by configuring MbedTLS in "full" mode (scripts/config.py full), but in that case the linker fails, "in function `psa_load_builtin_key_into_slot`, psa_crypto_slot_management.c: undefined reference to 'mbedtls_psa_platform_get_builtin_key`.

I can suppress the error by editing `include\mbedtls\mbedtls_config.h` and removing the option `MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS`. The compile succeeds, but the call to `psa_crypto_init` fails when initializing the RNG module.

I am struggling. I must be making some mistake, I will keep trying to understand, but I would appreciate a little bit of help!

-- Christian Huitema