Page 1 of 1
With Hardware AES enabled, mbedtls_aes_init is not available anymore
Posted: Thu Mar 26, 2020 5:11 pm
by jumjum123
In our application we use some mbedtls_aes-functions.
If Hardware AES is enabled, linker runs into undefined reference
With Hardware AES disabled, this does not happen.
Is this a bug ? Or what is the reason ?
Re: With Hardware AES enabled, mbedtls_aes_init is not available anymore
Posted: Thu Mar 26, 2020 10:41 pm
by ESP_Angus
Hi jumjum,
When hardware AES is enabled in the project config, we enable the MBEDTLS_AES_ALT config option for the mbedtls build and use the header in components/mbedtls/port/include/aes_alt.h to redefine functions such as mbedtls_aes_init to esp_aes_init at compile time (all the mbedtls_aes_* functions are redefined in this way).
This means that if the project configuration setting for Hardware AES is changed, all source files need to be compiled to include the new mbedTLS config header. This should happen automatically if all the source files are built as part of the ESP-IDF build system. However if you have (for example) a prebuilt static library then you may need to rebuild this yourself against the new config.
If you think this is a bug in the ESP-IDF build system then please provide some more details (ESP-IDF version, what file(s) have the linker errors, how these files are built, etc) and we can help you debug.
Angus
Re: With Hardware AES enabled, mbedtls_aes_init is not available anymore
Posted: Fri Mar 27, 2020 12:17 pm
by jumjum123
Hello Angus,
thanks for feedback. Let me try to give some more information.
Somewhere in my mind is something about this problem already appeared in esp-idf V3.2 but I'm not sure on that
Anyway, I was able to drill it down to this, using esp-idf master some days old.
1. clone esp-idf-template to directory named app
2. run . ./export.sh
3. cd to directory app (which holds everything from esp-idf-template now)
4. idf.py menuconfig
5. in component config -> mbedtls, disable option Enable hardware AES acceleration
6. exit menuconfig with save
7. idf.py fullclean
8. idf.py build
9. cd app/build/esp-idf/mbedtls/mbedtls/library
10. nm libmbedcrypto.a >libmbedcryptoNoHW.lst
goto step 5 but this time Enable option Enable hardware AES acceleration
do step 6 to 9
do step 10 to libmbedcryptoHW.lst
In libmbedcryptoNoHW.lst is a long list of 00000000 T mbedtls_aes_XXXXX where XXXXX is init,free, etc.
In libmbedcryptoHW.lst is no entry for mbedtls_aes_....
Hope this information is helpful to help me.