-
Notifications
You must be signed in to change notification settings - Fork 7.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
mbedtls_aes_crypt_ofb unavailable if AES hardware acceleration is enabled (IDFGH-1050) #3372
Comments
mbedtls allows to use default config.h or user defined config file #if !defined(MBEDTLS_CONFIG_FILE) For esp32 default config.h file is overridden by esp_config.h in esp-idf/components/mbedtls/port/include/mbedtls/esp_config.h. You will have to define MBEDTLS_CIPHER_MODE_OFB in this file |
Well, i am defining
|
OFB mode support is not yet added for AES ALT implementation (https://github.com/espressif/esp-idf/blob/master/components/mbedtls/port/esp32/aes.c). Since you have enabled AES hardware accelerator (CONFIG_MBEDTLS_HARDWARE_AES=y) there is no corresponding hardware API in esp-idf/components/mbedtls/port/include/aes_alt.h and that is why you get this error. For the time being you can continue to use software implementation |
@ghemal Thanks you are trying to help, but i have mbedtls working. The only thing that is not working is ofb encryption, all other types are working. You can check it in my test code, link you can find in OP. |
@chegewara I have looked at your code. In your sdkconfig CONFIG_MBEDTLS_HARDWARE_AES=y which means alternate implementation (using hardware acceleartor) is being used. I understand mbedtls is working for all modes except ofb. This is expected since other modes except OFB are supported through alternate implementation. All the alternate implementation (except OFB) using hardware acceleration are available in esp-idf/components/mbedtls/port/esp32/aes.c As you might be already aware the software implementation of mbedtls_aes_crypt_ofb() is available in esp-idf/components/mbedtls/mbedtls/library/aes.c but this is not implemented in above file |
this is exactly what ive been asking for. Thanks @ghemal |
This is a bug, and we should fix it. |
Hi. I know there is self test function in aes.c, but i just found that
mbedtls_aes_crypt_ofb
cant be used on esp32.In theory
MBEDTLS_CIPHER_MODE_OFB
is defined herehttps://github.com/espressif/mbedtls/blob/19eb57f7f7b2f4312d497ddbcb5f104fc6877c70/include/mbedtls/config.h#L558
but it has to be undefined somewhere else because compiling with
mbedtls_aes_crypt_ofb
is causing error:Here is my test app:
https://github.com/chegewara/esp32-mbedtls-aes-test
The text was updated successfully, but these errors were encountered: