Hi,
I'm trying to bring up the NXP SE050E on my embedded system.
According to the introduction here: https://github.com/NXP/plug-and-trust, I've decided to work with OpenSSL.
In the file fsl_sss_ftr.h I set the following definitions:
#define SSS_HAVE_SE05X_VER_03_XX 1
#define SSS_HAVE_APPLET_SE050_E 1
#define SSS_HAVE_HOSTCRYPTO_MBEDTLS 0
#define SSS_HAVE_HOSTCRYPTO_OPENSSL 1
#define SSS_HAVE_HOSTCRYPTO_USER 0
#define SSS_HAVE_HOSTCRYPTO_NONE 0
But unfortunately, I get a lot of previous definition warnings between fsl_sss_openssl_apis.h and fsl_sss_se05x_apis.h:
/sss/inc/fsl_sss_se05x_apis.h:642:16: warning: 'sss_session_create' macro redefined [-Wmacro-redefined]
# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \
^
/sss/inc/fsl_sss_openssl_apis.h:549:16: note: previous definition is here
# define sss_session_create(session,subsystem,application_id,connection_type,connectionData) \
^
In file included from /se05x/seTool/seTool.c:8:
/sss/inc/fsl_sss_se05x_apis.h:644:16: warning: 'sss_session_open' macro redefined [-Wmacro-redefined]
# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \
^
/sss/inc/fsl_sss_openssl_apis.h:551:16: note: previous definition is here
# define sss_session_open(session,subsystem,application_id,connection_type,connectionData) \
So I would like to understand what I'm doing wrong.
I do want that all the secured actions will be done in the NXP hardware but cannot compile it without Openssl or MbTLS.
Thank you for your help!
已解决! 转到解答。
Hi @nehadad ,
Good to know, and we use OpenSSL in this example to create the certificate, so maybe this is the cause.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @nehadad ,
Would you please tell me what your platform is? Actually the Github just contains the mini package of the MW which is shrinked to be useable on one platform only: Linux, so only necessary files for compilation of Plug & Trust on Linux are included in this package. I noticed you define _ANDROID_ in the flags, is your application an Android App? If so , maybe you have to use the full version, you may refer to https://www.nxp.com/webapp/Download?colCode=SE05x-PLUG-TRUST-MW&appType=license for more details.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @Kan_Li ,
Thanks for your response.
I've used the GitHub since the Linux source code is the same as the Android code.
All I needed is to create the Android.mk compiler.
According to the warnings, I think my problem is because I set SSS_HAVE_APPLET_SE050_E and SSS_HAVE_HOSTCRYPTO_OPENSSL in the fsl_sss_ftr.h file.
But I don't understand why it conflicts.
Hi @nehadad ,
There is no conflicts between SSS_HAVE_APPLET_SE050_E and SSS_HAVE_HOSTCRYPTO_OPENSSL, the Github version just support Linux platform and out of box platform is Raspberry Pi, if you want to built it for Android, please use the full version as mentioned above. You may refer to "simw-top/doc/dev-platforms/platform_android.html" for more details.
Hope that makes sense,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Thanks again for your response.
I already tried it but failed in the apply patch keymaster_sepolicy.patch since my ASOP was different than the example.
I didn't have the "Keymaster HAL" in my AOSP.
Anyway, I can compile the simw-top by the Android.mk file I've created from the CMake list file.
Now I fail in trying to generate the certificate but this is for a different post
App :INFO :PlugAndTrust_v04.03.00_20221122
App :INFO :Running /dev/generate_certificate
App :INFO :Using PortName='/dev/i2c-0:0x48' (CLI)
sss :INFO :atr (Len=35)
01 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 00
01 00 00 00 00 64 13 88 0A 00 65 53 45 30 35 31
00 00 00
sss :INFO :Newer version of Applet Found
sss :INFO :Compiled for 0x30100. Got newer 0x70200
sss :WARN :Communication channel is Plain.
sss :WARN :!!!Not recommended for production use.!!!
sss :WARN :nxEnsure:'connectionData' failed. At Line:367 Function:sss_se05x_session_open
App :ERROR:Failed to open mbedtls Session
App :INFO :sss_key_store_get_key status 3c3c0000
App :INFO :ex_sss Finished
App :ERROR:ex_sss_entry Failed
App :ERROR:!ERROR! ret != 0.
Hi @nehadad ,
Good to know, and we use OpenSSL in this example to create the certificate, so maybe this is the cause.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------