https://github.com/Mbed-TLS/mbedtls
python3 -m pip install --user -r scripts/basic.requirements.txt
git clone https://github.com/Mbed-TLS/mbedtls.git
git checkout mbedtls-3.6
git submodule update
配置:
cp configs/config-tfm.h include/mbedtls/mbedtls_config.h
依照需求修改 mbedtls_config.h
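例如 MCU 平台定義:
#define MBEDTLS_NO_PLATFORM_ENTROPY
定義後 mbedtls 不再使用平台內建的熵來源,要確認仍有可靠的熵來源可用(例如啟用 MBEDTLS_ENTROPY_HARDWARE_ALT 並實作 mbedtls_hardware_poll(),或使用 MBEDTLS_ENTROPY_NV_SEED),金鑰與亂數的安全性都依賴它。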
可以移除不用的功能減少 size
編譯:
CC=xxx \
LD=xxx \
AR=xxx \
LD_FLAGS="-v xxx " \
CFLAGS=" -Os -target xxx --sysroot xxx -I/opt/QualComm/xxx/include/" \
make lib
ls library/*.a
library/libmbedcrypto.a library/libmbedtls.a library/libmbedx509.a
如果 MCU 不支援某些重要的 function,需要自己做個 HAL,並注意相對應的 define 是否已定義在 mbedtls_config.h。
可參考以下 api 定義:
mbedtls\library\platform.c:
18: * configuration via mbedtls_platform_set_calloc_free(). So, omit everything
57: int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
104: int mbedtls_platform_set_snprintf(int (*snprintf_func)(char *s, size_t n,
160: int mbedtls_platform_set_vsnprintf(int (*vsnprintf_func)(char *s, size_t n,
185: int mbedtls_platform_set_printf(int (*printf_func)(const char *, ...))
210: int mbedtls_platform_set_fprintf(int (*fprintf_func)(FILE *, const char *, ...))
217: #if defined(MBEDTLS_PLATFORM_SETBUF_ALT)
232: int mbedtls_platform_set_setbuf(void (*setbuf_func)(FILE *stream, char *buf))
237: #endif /* MBEDTLS_PLATFORM_SETBUF_ALT */
254: int mbedtls_platform_set_exit(void (*exit_func)(int status))
279: int mbedtls_platform_set_time(mbedtls_time_t (*time_func)(mbedtls_time_t *timer))
371: int mbedtls_platform_set_nv_seed(
382: #if !defined(MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT)
386: int mbedtls_platform_setup(mbedtls_platform_context *ctx)
400: #endif /* MBEDTLS_PLATFORM_SETUP_TEARDOWN_ALT */
例如:
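使用的 malloc free 不是標準的(例如 xxxx_alloc、xxxx_release),
需要自己寫一個 API,使用 mbedtls_platform_set_calloc_free 設定給 mbedtls(mbedtls_config.h 需定義 MBEDTLS_PLATFORM_MEMORY)。包裝函式要維持 calloc 的語意:回傳的記憶體必須清為 0,且 n * size 溢位時要回傳 NULL;free 的包裝函式要能接受 NULL。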
/*
 * Function-pointer pair for the allocator, initialised to the
 * MBEDTLS_PLATFORM_STD_CALLOC / MBEDTLS_PLATFORM_STD_FREE defaults.
 */
static void (*mbedtls_free_func)(void *) = MBEDTLS_PLATFORM_STD_FREE;
static void *(*mbedtls_calloc_func)(size_t, size_t) = MBEDTLS_PLATFORM_STD_CALLOC;

/*
 * Replace the allocator pair at run time.
 *
 * calloc_func: replacement with the calloc(nmemb, size) signature.
 * free_func:   replacement with the free(ptr) signature.
 *
 * Returns 0 unconditionally; both pointers are stored without validation,
 * so a NULL argument is stored as-is.
 *
 * NOTE(review): when wrapping a non-standard MCU allocator, the wrapper
 * should presumably keep calloc semantics (zero-filled memory, NULL on
 * nmemb * size overflow) and the free wrapper should tolerate NULL;
 * confirm against the Mbed TLS platform documentation.
 */
int mbedtls_platform_set_calloc_free(void *(*calloc_func)(size_t, size_t),
                                     void (*free_func)(void *))
{
    mbedtls_free_func = free_func;
    mbedtls_calloc_func = calloc_func;

    return 0;
}