Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SecureStore requires MBEDTLS_CIPHER_MODE_CTR to compile #8865

Closed
artokin opened this issue Nov 26, 2018 · 5 comments · Fixed by #8987
Closed

SecureStore requires MBEDTLS_CIPHER_MODE_CTR to compile #8865

artokin opened this issue Nov 26, 2018 · 5 comments · Fixed by #8987
Assignees
@davidsaada

Comments

@artokin
Copy link
Contributor

artokin commented Nov 26, 2018

Description

SecureStore requires mbedtls configuration flag MBEDTLS_CIPHER_MODE_CTR in order to compile.

We are using custom mbedtls configuration but we don't use SecureStore and we get following compilation error if MBEDTLS_CIPHER_MODE_CTR is not defined:

22:54:41 Compile [ 51.3%]: SecureStore.cpp
22:54:41
[Error] SecureStore.cpp@109,0: #20: identifier "mbedtls_aes_crypt_ctr" is undefined
22:54:42 [ERROR] "./mbed-os/features/storage/kvstore/securestore/SecureStore.cpp", line 109: Error: #20: identifier "mbedtls_aes_crypt_ctr" is undefined
22:54:42 ./mbed-os/features/storage/kvstore/securestore/SecureStore.cpp: 0 warnings, 1 error
22:54:42
22:54:42 [mbed] ERROR: "/usr/bin/python" returned error.

Would it be possible to have conditional compilation in the SecureStore component in order to avoid such compilation error? If all prerequisites are not met then component should not compile.

Issue request type

[ ] Question
[x] Enhancement
[ ] Bug
@0xc0170
Copy link
Contributor

0xc0170 commented Nov 26, 2018

@ARMmbed/mbed-os-storage Please review

@ciarmcom
Copy link
Member

Internal Jira reference: https://jira.arm.com/browse/MBOCUSTRIA-195

@davidsaada
Copy link
Contributor

Will push a fix soon to fix this - SecureStore will depend on this flag (as well as on the CMAC one), meaning that by default, SecureStore will be enabled, but if a custom MBETLS config file is there - SecureStore will only be enabled if these flags are included.

@davidsaada davidsaada mentioned this issue Nov 26, 2018
Closed
@Patater
Copy link
Contributor

Patater commented Nov 28, 2018

K64F has PSA enabled by default. PSA depends on the SecureStore for implementing PSA internal storage (ITS). Will we also be making TARGET_PSA get conditionally defined based on whether SecureStore is available?

CC @alzix

@alzix
Copy link
Contributor

alzix commented Nov 29, 2018

@Patater it is not related to PSA internal storage PSA internal storage depends on internal TDBStore.
Thus i think it is not related to TARGET_PSA

@davidsaada davidsaada mentioned this issue Dec 6, 2018
Merged
artokin pushed a commit to PelionIoT/nanostack-border-router that referenced this issue Dec 12, 2018
Revert "Update mbedtls configuration (#148)"
49212df 
This reverts commit 020b4b3.

Issue ARMmbed/mbed-os#8865 is fixed in
mbed-os-5.11-rc3 and thus this commit can be reverted.
artokin pushed a commit to ARMmbed/mbed-os-example-mesh-minimal that referenced this issue Dec 12, 2018
Revert "Update mbedtls config (#231)"
aaaf58c 
This reverts commit 4221c41.

Issue ARMmbed/mbed-os#8865 is fixed in
mbed-os-5.11-rc3 and thus this commit can be reverted.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@davidsaada davidsaada

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix a few SecureStore issues (following preliminary security review) davidsaada/mbed-os
6 participants
@Patater @alzix @0xc0170 @artokin @ciarmcom @davidsaada