MbedTLS FAQ

What is the main focus of the Mbed Crypto Middleware (MW) document?

The document primarily focuses on providing an architecture overview, describing the MW folder structure, detailing interface patterns and template designs, explaining configuration and templates, outlining componentization and pack definitions, and listing examples along with their folder structure.

What does the include folder in the MW folder structure contain?

The include folder contains prototypes for Mbed and PSA APIs, default configuration template files such as config.h and crypto_config.h , and the Secure Driver API. It serves as the main location for API headers and configuration templates.

What is PSA in the context of Mbed Crypto?

PSA refers to a ready-to-use API that follows a configurable pattern designed for cryptographic operations and key management. This API is accessible through the crypto.h header and provides a standardized interface for these functionalities.

How many secure element drivers can be supported?

The middleware supports up to four dynamic secure element drivers, each with its own implementation that is managed outside the pack. These drivers handle the storage of the secure element’s persistent data.

Can Mbed Crypto be activated from both MBED and PSA interfaces simultaneously?

No, the cryptographic functionality can only be activated from one interface at a time. The MBED and PSA interfaces are mutually exclusive, so only one should be used per application instance.

What’s the latest supported MbedTLS version?

The latest supported MbedTLS version is 3.6.5.

Is MbedTLS MW pack accessible from STM32CubeMX2 ?

The MbedTLS is not useful inside STM32CubeMX2 directly, but configurable through the STFCF middleware.