1*62c56f98SSadaf EbrahimiBuilding Mbed TLS with PSA cryptoprocessor drivers 2*62c56f98SSadaf Ebrahimi================================================== 3*62c56f98SSadaf Ebrahimi 4*62c56f98SSadaf Ebrahimi**This is a specification of work in progress. The implementation is not yet merged into Mbed TLS.** 5*62c56f98SSadaf EbrahimiFor a description of the current state of drivers Mbed TLS, see our [PSA Cryptoprocessor driver development examples](../psa-driver-example-and-guide.html). 6*62c56f98SSadaf Ebrahimi 7*62c56f98SSadaf EbrahimiThis document describes how to build Mbed TLS with additional cryptoprocessor drivers that follow the PSA cryptoprocessor driver interface. 8*62c56f98SSadaf Ebrahimi 9*62c56f98SSadaf EbrahimiThe interface is not fully implemented in Mbed TLS yet. Please note that the interface may still change: until further notice, we do not guarantee backward compatibility with existing driver code. 10*62c56f98SSadaf Ebrahimi 11*62c56f98SSadaf Ebrahimi## Introduction 12*62c56f98SSadaf Ebrahimi 13*62c56f98SSadaf EbrahimiThe PSA cryptography driver interface provides a way to build Mbed TLS with additional code that implements certain cryptographic primitives. This is primarily intended to support platform-specific hardware. 14*62c56f98SSadaf Ebrahimi 15*62c56f98SSadaf EbrahimiNote that such drivers are only available through the PSA cryptography API (crypto functions beginning with `psa_`, and X.509 and TLS interfaces that reference PSA types). 16*62c56f98SSadaf Ebrahimi 17*62c56f98SSadaf EbrahimiConcretely speaking, a driver consists of one or more **driver description files** in JSON format and some code to include in the build. The driver code can either be provided in binary form as additional object file to link, or in source form. 18*62c56f98SSadaf Ebrahimi 19*62c56f98SSadaf Ebrahimi## How to build Mbed TLS with drivers 20*62c56f98SSadaf Ebrahimi 21*62c56f98SSadaf EbrahimiTo build Mbed TLS with drivers: 22*62c56f98SSadaf Ebrahimi 23*62c56f98SSadaf Ebrahimi1. Pass the driver description files through the Make variable `PSA_DRIVERS` when building the library. 24*62c56f98SSadaf Ebrahimi 25*62c56f98SSadaf Ebrahimi ``` 26*62c56f98SSadaf Ebrahimi cd /path/to/mbedtls 27*62c56f98SSadaf Ebrahimi make PSA_DRIVERS="/path/to/acme/driver.json /path/to/nadir/driver.json" lib 28*62c56f98SSadaf Ebrahimi ``` 29*62c56f98SSadaf Ebrahimi 30*62c56f98SSadaf Ebrahimi2. Link your application with the implementation of the driver functions. 31*62c56f98SSadaf Ebrahimi 32*62c56f98SSadaf Ebrahimi ``` 33*62c56f98SSadaf Ebrahimi cd /path/to/application 34*62c56f98SSadaf Ebrahimi ld myapp.o -L/path/to/acme -lacmedriver -L/path/to/nadir -lnadirdriver -L/path/to/mbedtls -lmbedcrypto 35*62c56f98SSadaf Ebrahimi ``` 36*62c56f98SSadaf Ebrahimi 37*62c56f98SSadaf Ebrahimi<!-- TODO: what if the driver is provided as C source code? --> 38*62c56f98SSadaf Ebrahimi 39*62c56f98SSadaf Ebrahimi<!-- TODO: what about additional include files? --> 40