Getting started with STFCF

STFCF APIs description table

This section provides an organized overview of the STFCF middleware APIs, presenting a comprehensive list of available interfaces along with concise descriptions to facilitate understanding and effective usage of the cryptographic services.

KWE

MbedTLS_ALT

The APIs provide a hardware implementation through ALT_HAL and a software implementation through ALT_STCRYPTOLIB. For more details, see the MbedTLS documentation, which describes the APIs in detail.

Configuration options & files

STFCF offers several configuration paths, prioritized as follows:

  • Mbed TLS Alt by HAL: HAL implementation, silicon first

  • Mbed TLS Alt by STCryptoLib: STCryptoLib implementation for software optimization

  • Mbed TLS implementation directly: Mbed TLS implementation, the default case

  • PSA driver KWE: Key Wrap Engine based on CCB peripheral driver, as an option

  • Mbed TLS custom alternative: Custom case implementation

STM32 Flexible Crypto Framework includes a template (the mx_stfcf_config.h file) that lists all available options. Two levels of configuration are available:

  • Main configuration: Ready-to-use combinations, allowing selection of different engines per algorithm family

  • Advanced configuration: Manual mode, displaying all options for full control and customized setup

The main configuration file is mbedtls_config.h. A default version of mbedtls_config.h is available in the templates/ folder as a user-modifiable file. This template is derived from the Mbed TLS community file, with the hardware entropy source alternative enabled by default.

@startuml STFCF Inclusion model
'title STFCF, Inclusion model
'right footer %date("yyyy-MM-dd") - DV2.0.0
right footer %date("yyyy-MM-dd")
' <color:Red>**WIP**

' Note:
'  * #E6007E => Equivalent DeepPink
'  * #03234B => Equivalent MidnightBlue
'  * #8C0078 => Equivalent Purple
'  * #FFD200 => Equivalent Yellow
'  * #3CB4E6 => Equivalent SkyBlue?

' Object instances
skinparam object {
  BackgroundColor transparent
  BorderColor #03234B
  BorderThickness 3
}
skinparam ArrowColor #03234B

skinparam LineThickness 3
skinparam classBorderThickness 3
skinparam objectBorderThickness 3

skinparam sequenceArrowColor #03234B
skinparam classBorderColor #03234B
skinparam objectBorderColor #03234B

' Define objects with no fill (transparent) so only outlines show.
object "<color:Black>Application</color>" as app
object "<color:Black>mx_stfcf_config.h</color>" as stfcf_cfg
object "<color:Black>mx_mbedtls_config.h</color>" as mbedtls_cfg
object "<color:Black>mbedtls_user_config.h</color>" as mbedtls_usr_cfg
object "<color:Black>mx_mbedtls_alt_config.h</color>" as mbedtls_alt_cfg
object "<color:Black>mx_kwe_config.h</color>" as kwe_cfg
' object "<color:Black>mx_its_config.h</color>" as its_cfg
object "<color:Black>stfcf_user_config.h</color>" as stfcf_usr_cfg

' Relationships between objects
app --|> stfcf_cfg : Use [pre-processor: MBEDTLS_CONFIG_FILE]
stfcf_cfg --|> mbedtls_cfg
mbedtls_cfg --|> mbedtls_usr_cfg : Use [MBEDTLS_USER_CONFIG_FILE]
stfcf_cfg --|> mbedtls_alt_cfg
stfcf_cfg --|> kwe_cfg : Use [KWE_DRIVER_ENABLED]
' stfcf_cfg --|> its_cfg
stfcf_cfg --|> stfcf_usr_cfg : Use [STFCF_USER_CONFIG_FILE]

@enduml

STFCF inclusion model

However, the primary entry point for configuration is the mx_stfcf_config.h file, because it includes:

  • mx_mbedtls_config.h: to configure Mbed TLS

  • mx_mbedtls_alt_config.h: to configure the alternative implementations (STCryptoLib and HAL) of Mbed TLS

  • mx_kwe_config.h: to configure the KWE PSA driver called “Key Wrap Engine”

The build system includes the mx_kwe_config.h file only when you use the KWE implementation. This file configures the hardware-based key wrapping engine. All of these files are user-modifiable templates for standalone mode, stored in the ./templates/ folder.
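To audit which configuration headers a given set of build defines actually pulls in, the following added example (not part of STFCF or its documentation) walks the inclusion model described above. The header contents are constructed to mirror only the relationships in the diagram, and the resolve() helper is hypothetical; the real templates contain more than include directives.

```python
import re

# Constructed header contents (assumption): they reproduce only the include
# relationships of the inclusion model, not the real STFCF template files.
HEADERS = {
    "mx_stfcf_config.h": (
        '#include "mx_mbedtls_config.h"\n'
        '#include "mx_mbedtls_alt_config.h"\n'
        '#if defined(KWE_DRIVER_ENABLED)\n'
        '#include "mx_kwe_config.h"\n'
        '#endif\n'
        '#if defined(STFCF_USER_CONFIG_FILE)\n'
        '#include STFCF_USER_CONFIG_FILE\n'
        '#endif\n'),
    "mx_mbedtls_config.h": (
        '#if defined(MBEDTLS_USER_CONFIG_FILE)\n'
        '#include MBEDTLS_USER_CONFIG_FILE\n'
        '#endif\n'),
    # Leaf headers: their contents do not affect the include chain.
    **dict.fromkeys(["mx_mbedtls_alt_config.h", "mx_kwe_config.h",
                     "mbedtls_user_config.h", "stfcf_user_config.h"], ""),
}

def resolve(defines, headers=HEADERS):
    """Return the config headers reached from MBEDTLS_CONFIG_FILE, in include order."""
    seen = []

    def walk(name):
        if name in seen:
            return
        if name not in headers:
            raise FileNotFoundError(name)
        seen.append(name)
        stack = []  # one flag per open #if block: is that branch active?
        for line in headers[name].splitlines():
            if m := re.match(r'\s*#\s*if\s+defined\((\w+)\)', line):
                stack.append(m.group(1) in defines)
            elif re.match(r'\s*#\s*endif', line):
                stack.pop()
            elif all(stack) and (m := re.match(r'\s*#\s*include\s+(\S+)', line)):
                # The include target is a quoted name or a macro holding one.
                walk(defines.get(m.group(1), m.group(1)).strip('"'))

    entry = defines.get("MBEDTLS_CONFIG_FILE")
    if entry is None:
        raise ValueError("MBEDTLS_CONFIG_FILE is not defined; the STFCF configuration is not used")
    walk(entry.strip('"'))
    return seen
```

Pass the defines exactly as they appear on the compiler command line, for example {"MBEDTLS_CONFIG_FILE": '"mx_stfcf_config.h"', "KWE_DRIVER_ENABLED": "1"}, and compare the returned list with the headers you expect in the build.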