1a8e1175bSopenharmony_ciBuilding Mbed TLS with PSA cryptoprocessor drivers 2a8e1175bSopenharmony_ci================================================== 3a8e1175bSopenharmony_ci 4a8e1175bSopenharmony_ci**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.** 5a8e1175bSopenharmony_ciFor a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). 6a8e1175bSopenharmony_ci 7a8e1175bSopenharmony_ciThis document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow the PSA cryptoprocessor driver interface. 8a8e1175bSopenharmony_ci 9a8e1175bSopenharmony_ciThe interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code. 10a8e1175bSopenharmony_ci 11a8e1175bSopenharmony_ci## Introduction 12a8e1175bSopenharmony_ci 13a8e1175bSopenharmony_ciThe PSA cryptography driver interface provides a way to build Mbed TLS with additional code that implements certain cryptographic primitives. This is primarily intended to support platform-specific hardware. 14a8e1175bSopenharmony_ci 15a8e1175bSopenharmony_ciNote that such drivers are only available through the PSA cryptography API (crypto functions beginning with `psa_`, and X.509 and TLS interfaces that reference PSA types). 16a8e1175bSopenharmony_ci 17a8e1175bSopenharmony_ciConcretely speaking, a driver consists of one or more **driver description files** in JSON format and some code to include in the build. The driver code can either be provided in binary form as additional object file to link, or in source form. 18a8e1175bSopenharmony_ci 19a8e1175bSopenharmony_ci## How to build Mbed TLS with drivers 20a8e1175bSopenharmony_ci 21a8e1175bSopenharmony_ciTo build Mbed TLS with drivers: 22a8e1175bSopenharmony_ci 23a8e1175bSopenharmony_ci1. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library. 24a8e1175bSopenharmony_ci 25a8e1175bSopenharmony_ci ``` 26a8e1175bSopenharmony_ci cd /path/to/mbedtls 27a8e1175bSopenharmony_ci make PSA_DRIVERS="/path/to/acme/driver.json /path/to/nadir/driver.json" lib 28a8e1175bSopenharmony_ci ``` 29a8e1175bSopenharmony_ci 30a8e1175bSopenharmony_ci2. Link your application with the implementation of the driver functions. 31a8e1175bSopenharmony_ci 32a8e1175bSopenharmony_ci ``` 33a8e1175bSopenharmony_ci cd /path/to/application 34a8e1175bSopenharmony_ci ld myapp.o -L/path/to/acme -lacmedriver -L/path/to/nadir -lnadirdriver -L/path/to/mbedtls -lmbedcrypto 35a8e1175bSopenharmony_ci ``` 36a8e1175bSopenharmony_ci 37a8e1175bSopenharmony_ci<!-- TODO: what if the driver is provided as C source code? --> 38a8e1175bSopenharmony_ci 39a8e1175bSopenharmony_ci<!-- TODO: what about additional include files? --> 40