-
Notifications
You must be signed in to change notification settings - Fork 1.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
STM FreeRtos LWIP mbedtls #2707
Comments
@cabralfortiss maybe you can help out with stm32 stuff? |
I never worked with encryption but I gave it a quick try. I pulled the https://github.com/ARMmbed/mbedtls repo, and tried to compiled to my platform. The error I receive is: #error "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h" So I think that's the problem. I took the configs/config-no-entropy.h (the name says literally that it has no entropy) paste it in the include/ folder, renamed as config.h and compiled without any problem. (this isn't news, the procedure is described in the repo). With my encryption library compiled, I set CMake for open62541 with the proper values. In your case I think you might have a problem since your MBEDXXX variables are pointing to the folder and not the library itself. Anyway, I pointed to the libraries, the include folder of the repo and compiled. I have my cool open62541 library with (I assume) encruption there. Of course, it doesn't have entropy, since "Platform entropy sources only work on Unix and Windows, see MBEDTLS_NO_PLATFORM_ENTROPY in config.h". Now, I have a library, but I didn't test it and have no idea if it works. But it compiles |
@cabralfortiss , I have comment out these line , and Now i can also compile without erorr but I am not sure that ,it is great idea to comment these lines . |
I think it's a bad idea. Did you try as I did using the configs/config-no-entropy.h file? |
yes i did but it still have erorrs .. let me try it again will come to you back . /* Load certificate and private key */
|
@cabralfortiss I did the same as you mentioned , it complies fin BUT when I call the encryptions functions, i have same issue ::::::::: error: 'mbedtls_platform_entropy_poll' undeclared (first use in this function) |
Hello @embbo and @cabralfortiss , I have also faced with the same issue and IMHO it is not logical to support entropy for "freertosLWIP" architecture build of open62541, since it is only supported for Windows and Linux in the mbedtls side; I am not familiar with entropy and encryption topics but it seems security policy plugins should be architecture dependent. ua_securitypolicy_basic128rsa15.c Otherwise, it is not logical to support UA_ENABLE_ENCRYTPTION flag with ‘freertosLWIP’. |
@cmbahadir, exctaly what I am thiking , but i don't have any clue how to do it, i hope , someone from the group will help . |
// mbedErr = mbedtls_entropy_add_source(&pc->entropyContext, I think we can comment out this function , beacuse we are are using config-no-entropy and this is netropy based or we can change that fucntion with mbedtls_null_entropy |
Hi @embbo , I am not sure about the impact of the commenting out mbedtls_entropy_add_source function. For me the safest way is to use open62541 without UA_ENABLE_ENCRYPTION, but i guess it is not useful for you. So as a result i am not sure how encryption would be supported on embedded platforms. :) Regards |
@cabralfortiss . I tried to connect and it gives error Baddecooding Error... |
@Pro @cabralfortiss ...I think, you can replace "mbedtls_platform_entropy_poll" with mbedtls_null_entropy_poll it complies fine and i think also works fine . I am still testing and will coem back to you . (I am talking about stm32 and freertos) |
@cabralfortiss .. it works fine |
can I use .PEM and .key string alternative instead key use certificate.der and ker.key.der ? if anyone can help .. @Pro @Pro @cmbahadir |
You can use .PEM, you just have to add a '\n' at the end of the ByteString.
|
@schroeder- I don't want to read from card my intensions are just to write a string like this ..
|
You need to add a "\0" to your string like:
|
Thank you .. @schroeder- with above, I got error BadEncodingLimitsExceeded.. |
@schroeder- to find size of strinf is problem here .. |
Can I only use .DER formate . can I used .pem, .cert or .key for certification. anyone can aswer ? |
i just also run in this problem. And just to conclude all problems: Certificats and keys need to be zeroterminated. I also run the code on a STM32, I am not able to test if it also works without the manual calls of mbedtls_entropy_add_source on a linux or win plattform, But i expect that it does. If so, somebody should remove those calls in the next version. |
I want to use stm32 to set up a server, but I don't know how much ROM and ram I need, can you tell me |
Hello all |
Does your problem still exist? Have you tried the 1.2 version in the meantime? |
@NoelGraf id you try ? |
@embbo No, I didn't try it. |
@NoelGraf what your version are you working ? |
@embbo Not sure what you mean? I just wanted to know if you could still detect the problem on the current master or on the 1.3 branch. |
Description
I am trying to compile for stm32 (LWIP ,Freertos) certificate using mbetls libraries using Eclispe.
-> Its works fine if I Disabaled //#define UA_ENABLE_ENCRYPTION
-> after giving all the paths of mbedtls library i still have problem ""mbedtls_platform_entropy_poll' undeclared (first use in this function)""
Can anyone help about it .
Used CMake options:
../cmake .. -G "Eclipse CDT4 - Unix Makefiles" -DUA_ARCHITECTURE=freertosLWIP -DUA_ENABLE_ENCRYPTION=ON -DUA_ENABLE_AMALGAMATION=ON -DMBEDTLS_INCLUDE_DIRS="/../mbedtls/mbedtls-development/build/include" -DMBEDTLS_LIBRARY="/../mbedtls/mbedtls-development/build/library" -DMBEDX509_LIBRARY="/../mbedtls/mbedtls-development/build/library" -DMBEDCRYPTO_LIBRARY="/../mbedtls/mbedtls-development/build/library"
Checklist
Please provide the following information:
UA_LOGLEVEL
set as low as necessary) attachedThe text was updated successfully, but these errors were encountered: