Hi,
I’m working with Mbed TLS 2.28.x on a microcontroller that provides a built-in crypto engine.
The existing *_ALT support works fine for performance, and higher-level modules correctly route their block operations through the accelerated backend.
On this platform the crypto hardware can also use internal key material stored in dedicated slots. These values are not accessible as byte arrays and cannot be passed to the usual setkey_*() API.
Question
Is there a recommended way to configure an ALT implementation so that it can select an internal key slot instead of receiving a buffer?
Or, more generally, how should an ALT backend represent a key that is not exposed to software?
Any guidance on the intended design would be appreciated.
Thanks!


Massimiliano Cialdi
FIRMWARE ENGINEERING PROFESSIONAL LEADER

Powersoft S.p.A.
Via E. Conti, 5 - Scandicci (Fi) 50018 - Italy
OFFICE:    +39 055 7350230
2.png3.png4.png5.png6.png7.png8.png9.png
PWS rgb N.png