1

I am building an application for a Nordic NRF5240 with Zephyr. In my security code I am attempting to derive a session key with the following function:

int derive_session_key(const uint8_t *device_token_key,
                       const uint8_t *nonce1,
                       const uint8_t *nonce2,
                       uint16_t out_key_len,
                       uint8_t *output_key) {

    const uint8_t *ikm = device_token_key;
    const size_t ikm_len = TOKEN_KEY_SIZE;
    uint8_t salt[NONCE_SIZE];
    add_arrays(nonce1, nonce2, salt, NONCE_SIZE);
    const size_t salt_len = NONCE_SIZE;
    const uint8_t *info = (const uint8_t *)INFO_STR;
    const size_t info_len = strlen(INFO_STR);

    int ret = mbedtls_hkdf(
        mbedtls_md_info_from_type(MBEDTLS_MD_SHA256),
        salt, salt_len,
        ikm, ikm_len,
        info, info_len,
        output_key, out_key_len
    );

    if (ret != 0 ) {
        LOG_ERR("Error! Creating session key. Ret : %d", ret);
        return RET_ERROR;
    }

    return RET_OK;
}

My prj.conf contains the required configurations as follows :

# Enable Nordic Crypto backend
CONFIG_NRF_SECURITY=y

CONFIG_MBEDTLS=y
CONFIG_MBEDTLS_SHA256_C=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_MBEDTLS_HKDF_C=y
CONFIG_MBEDTLS_BUILTIN=y
CONFIG_MBEDTLS_CIPHER_MODE_CBC=y
CONFIG_MBEDTLS_AES_C=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_HEAP_MEM_POOL_SIZE=4096
CONFIG_MBEDTLS_ENABLE_HEAP=y

CONFIG_PSA_WANT_KEY_TYPE_AES=y
CONFIG_PSA_WANT_AES_KEY_SIZE_128=y
CONFIG_PSA_WANT_ALG_CMAC=y
CONFIG_PSA_WANT_ALG_ECB_NO_PADDING=y
CONFIG_PSA_WANT_ALG_CBC_NO_PADDING=y

The build keeps failing no matter what with the following linker errors. It can't find functions mbedtls_md_info_from_type or mbedtls_hkdf

/home/src/app_auth.c:356: undefined reference to `mbedtls_md_info_from_type'
/home/user/zephyr-sdk-0.17.0/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.2.0/../../../../arm-zephyr-eabi/bin/ld.bfd: /home/src/app_auth.c:356: undefined reference to `mbedtls_hkdf'
collect2: error: ld returned 1 exit status
4
  • Which library contains those functions? Did you list the library on the linking command line after your object files? Commented Jul 20 at 13:41
  • @JonathanLeffler By using Zephyr the libraries to link against gets defined in the prj.conf file, the line CONFIG_MBEDTLS_HKDF_C=y should include this. Commented Jul 20 at 13:52
  • Please give us more context for the build, like the line containing the linker command. Commented Jul 20 at 16:02
  • Also make sure you're editing the right configuration file. Add something stupid to it that should lead to an error, and try to build again. If you don't get the error you're working on the wrong file. Commented Jul 20 at 16:03

0

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.