- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- Home
- :
- Identification and Security
- :
- Secure Authentication
- :
- macro redefined when se05x_apis work with openssl
macro redefined when se05x_apis work with openssl
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I'm trying to bring up the NXP SE050E on my embedded system.
According to the introduction here: https://github.com/NXP/plug-and-trust, I've decided to work with OpenSSL.
In the file fsl_sss_ftr.h I set the following definitions:
#define SSS_HAVE_SE05X_VER_03_XX 1
#define SSS_HAVE_APPLET_SE050_E 1
#define SSS_HAVE_HOSTCRYPTO_MBEDTLS 0
#define SSS_HAVE_HOSTCRYPTO_OPENSSL 1
#define SSS_HAVE_HOSTCRYPTO_USER 0
#define SSS_HAVE_HOSTCRYPTO_NONE 0
But unfortunately, I get a lot of previous definition warnings between fsl_sss_openssl_apis.h and fsl_sss_se05x_apis.h:
/sss/inc/fsl_sss_se05x_apis.h:642:16: warning: 'sss_session_create' macro redefined [-Wmacro-redefined]
# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \
^
/sss/inc/fsl_sss_openssl_apis.h:549:16: note: previous definition is here
# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \
^
In file included from /se05x/seTool/seTool.c:8:
/sss/inc/fsl_sss_se05x_apis.h:644:16: warning: 'sss_session_open' macro redefined [-Wmacro-redefined]
# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \
^
/sss/inc/fsl_sss_openssl_apis.h:551:16: note: previous definition is here
# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \
So I would like to understand what I'm doing wrong.
I do want that all the secured actions will be done in the NXP hardware but cannot compile it without Openssl or MbTLS.
Thank you for your help!
Solved! Go to Solution.
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nehadad ,
Good to know, and we use OpenSSL in this example to create the certificate, so maybe this is the cause.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nehadad ,
Would you please tell me what your platform is? Actually the Github just contains the mini package of the MW which is shrinked to be useable on one platform only: Linux, so only necessary files for compilation of Plug & Trust on Linux are included in this package. I noticed you define _ANDROID_ in the flags, is your application an Android App? If so , maybe you have to use the full version, you may refer to https://www.nxp.com/webapp/Download?colCode=SE05x-PLUG-TRUST-MW&appType=license for more details.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Kan_Li ,
Thanks for your response.
I've used the GitHub since the Linux source code is the same as the Android code.
All I needed is to create the Android.mk compiler.
According to the warnings, I think my problem is because I set SSS_HAVE_APPLET_SE050_E and SSS_HAVE_HOSTCRYPTO_OPENSSL in the fsl_sss_ftr.h file.
But I don't understand why it conflicts.
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nehadad ,
There is no conflicts between SSS_HAVE_APPLET_SE050_E and SSS_HAVE_HOSTCRYPTO_OPENSSL, the Github version just support Linux platform and out of box platform is Raspberry Pi, if you want to built it for Android, please use the full version as mentioned above. You may refer to "simw-top/doc/dev-platforms/platform_android.html" for more details.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks again for your response.
I already tried it but failed in the apply patch keymaster_sepolicy.patch since my ASOP was different than the example.
I didn't have the "Keymaster HAL" in my AOSP.
Anyway, I can compile the simw-top by the Android.mk file I've created from the CMake list file.
Now I fail in trying to generate the certificate but this is for a different post
App :INFO :PlugAndTrust_v04.03.00_20221122
App :INFO :Running /dev/generate_certificate
App :INFO :Using PortName='/dev/i2c-0:0x48' (CLI)
sss :INFO :atr (Len=35)
01 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 00
01 00 00 00 00 64 13 88 0A 00 65 53 45 30 35 31
00 00 00
sss :INFO :Newer version of Applet Found
sss :INFO :Compiled for 0x30100. Got newer 0x70200
sss :WARN :Communication channel is Plain.
sss :WARN :!!!Not recommended for production use.!!!
sss :WARN :nxEnsure:'connectionData' failed. At Line:367 Function:sss_se05x_session_open
App :ERROR:Failed to open mbedtls Session
App :INFO :sss_key_store_get_key status 3c3c0000
App :INFO :ex_sss Finished
App :ERROR:ex_sss_entry Failed
App :ERROR:!ERROR! ret != 0.
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nehadad ,
Good to know, and we use OpenSSL in this example to create the certificate, so maybe this is the cause.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
