How will the crypto engine layer be added in crypto service compared to the old version?
OpenPublic

Asked by matt2048 on Mon, Jun 17, 10:39 AM.

Details

Hi Experts,

I have seen that the crypto service has been migrated to mbedcrypto implementation, but at the same time, the crypto engine layer has been removed from the crypto service.

Is there the new plan to add the engine layer again based on the mbedcrypto implementation?

Thanks
Matt

Answers

adeaarm
Updated 28 Days Ago

Hi,

the functionalities that were implemented through the crypto engine layer are now part of the functionalities which are provided directly by mbedcrypto. In particular, mbedcrypto is developing a driver model to allow seamless integration of crypto accelerators and secure elements which comply to the interface specified by the crypto driver model. This is still under development and not part of the mbedcrypto version supported by TF-M.

More details are available directly from the Mbed Crypto repository, in https://github.com/ARMmbed/mbed-crypto/tree/development/include/psa, in particular in crypto_accel_driver.h and crypto_se_driver.h, and in the PDF description here: https://github.com/ARMmbed/mbed-crypto/blob/development/docs/PSACryptoDriverModelSpec.pdf

New Answer