Hi David and Shebu,
Thanks for your reply and the suggestion to integrate TF-M! But at the current stage I am not going to change the existing firmware to use the PSA Crypto API due to the big change scope. I think I will go with my thought (1) and keep it a local change as the short-term solution, but I would still be grateful if I could get more suggestions from all of you!
Thanks, William
From: Shebu Varghese Kuriakose <Shebu.VargheseKuriakose@arm.com>
Date: Wednesday, September 25, 2024 at 4:52 AM
To: David Horstmann <David.Horstmann@arm.com>, "mbed-tls@lists.trustedfirmware.org" <mbed-tls@lists.trustedfirmware.org>, "Lee, William" <William.Lee@garmin.com>, "tf-m@lists.trustedfirmware.org" <tf-m@lists.trustedfirmware.org>
Cc: nd <nd@arm.com>
Subject: RE: Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m
+ TF-M mailing list
From: David Horstmann via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: Tuesday, September 24, 2024 5:14 PM
To: mbed-tls@lists.trustedfirmware.org; Lee, William <William.Lee@garmin.com>
Subject: [mbed-tls] Re: Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m
Hi William,
Since Mbed TLS is a cross-platform library, we don't deal directly with TrustZone-M.
However, if I have understood correctly, I think your use case is solved by the Trusted Firmware M (TF-M) project[1], which is an implementation of secure firmware that provides cryptography services via non-secure-callable APIs.
TF-M uses Mbed TLS internally and implements the PSA Certified Cryptography API[2]. The Crypto Service Integration Guide[3] in the documentation should be a good starting point for what you are trying to do.
I hope that helps,
David Horstmann
Mbed TLS developer

[1] https://www.trustedfirmware.org/projects/tf-m
[2] https://www.psacertified.org/getting-certified/crypto-api-compliance/
[3] https://trustedfirmware-m.readthedocs.io/en/latest/integration_guide/services/tfm_crypto_integration_guide.html
________________________________
From: Lee, William via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Sent: 24 September 2024 15:08
To: mbed-tls@lists.trustedfirmware.org <mbed-tls@lists.trustedfirmware.org>
Subject: [mbed-tls] Looking for suggestions about make Mbed TLS APIs non-secure callable APIs on armv8m
Hi Mbed TLS,
I am looking for some suggestions about making some (or all) Mbed TLS APIs non-secure callable APIs on armv8m.
The background is that I am going to have a secure firmware that provides encryption services by building part (or the whole) of Mbed TLS into that firmware and making those original mbedtls_x APIs non-secure callable, so the existing non-secure firmware could link those non-secure callable APIs and use them.
Some of my thoughts:
(1) The easiest way to do it I can think of is to just add the attribute "cmse_nonsecure_call" to those APIs' declarations (or use a macro to wrap the attribute for a conditional build, so as not to impact others who don't want it), but I do not think this modification could be accepted by upstream 🙂.
(2) So my other thought is to duplicate all header files and put them under another folder, assuming it is a my-include folder; then I can do whatever I want to the my-include folder. But there is also a problem I can think of: a merge/compare burden between the include and my-include folders after I have updated Mbed TLS.
I really appreciate other suggestions!
Thanks, William
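For readers of this thread, an added example (not code from any of the posters, Mbed TLS or TF-M) of a secure-side wrapper kept in its own source file, so the upstream headers stay unmodified. It uses the ACLE CMSE attribute `cmse_nonsecure_entry`, which marks a secure function as callable from non-secure code, and `cmse_check_address_range` to validate the caller's pointers. `ns_sha256`, `NS_ERR_BAD_PTR` and the host stand-ins in the `#else` branch are hypothetical names, and the Mbed TLS 3.x `mbedtls_sha256` signature is assumed.

```c
/* Added example: secure-side veneer in its own file; Mbed TLS headers untouched.
 * ns_sha256, NS_ERR_BAD_PTR and the host stand-ins are hypothetical names. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define NS_ERR_BAD_PTR (-1)

#if defined(__ARM_FEATURE_CMSE) && (__ARM_FEATURE_CMSE == 3)  /* built with -mcmse */
#include <arm_cmse.h>
#include "mbedtls/sha256.h"            /* assumes the Mbed TLS 3.x signature */
#define NS_ENTRY __attribute__((cmse_nonsecure_entry))
#define NS_READABLE(p, n) (cmse_check_address_range((void *)(p), (n), CMSE_NONSECURE | CMSE_MPU_READ) != NULL)
#define NS_WRITABLE(p, n) (cmse_check_address_range((void *)(p), (n), CMSE_NONSECURE | CMSE_MPU_READWRITE) != NULL)
#else   /* host build: constructed stand-ins so the checks can be exercised */
#define NS_ENTRY
static uint8_t ns_ram[128];            /* plays the non-secure RAM region */
static uint8_t secure_key[32];         /* plays secure-only memory */
static int host_ns_ok(const void *p, size_t n)
{
    uintptr_t a = (uintptr_t)p, lo = (uintptr_t)ns_ram;
    return a >= lo && n <= sizeof ns_ram && a - lo <= sizeof ns_ram - n;
}
#define NS_READABLE(p, n) host_ns_ok((p), (n))
#define NS_WRITABLE(p, n) host_ns_ok((p), (n))
/* Placeholder with the library's signature; it is NOT SHA-256. */
static int mbedtls_sha256(const unsigned char *in, size_t n, unsigned char *out, int is224)
{
    (void)is224;
    memset(out, 0, 32);
    for (size_t i = 0; i < n; i++) out[i % 32] ^= in[i];
    return 0;
}
#endif

/* Non-secure callable entry point: every pointer from the non-secure side is
 * checked before secure code dereferences it. */
NS_ENTRY int ns_sha256(const uint8_t *in, size_t in_len, uint8_t *out32)
{
    uint8_t digest[32];                /* secure-side scratch buffer */
    if (!NS_READABLE(in, in_len) || !NS_WRITABLE(out32, sizeof digest))
        return NS_ERR_BAD_PTR;
    int rc = mbedtls_sha256(in, in_len, digest, 0);
    if (rc == 0)
        memcpy(out32, digest, sizeof digest);
    return rc;
}
```

On a real Armv8-M target the secure image is built with `-mcmse` and the first branch is used; the host branch exists only so the pointer checks can be run off-target.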