MbedTLS Port
Contents
General information
There are stored adaptations needed to run mbedtls
on Phoenix-RTOS.
MbedTLS is a C library that implements cryptographic primitives, X.509 certificate manipulation, and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems. For more information please visit the MbedTLS GitHub.
Supported version
The supported version is v2.28.0.
Using mbedtls
To use functions provided by mbedtls
please place the specific mbedtls
library in LIBS
variable in Makefile
and include the required header file. Below is the example of using mbedtls_aes_init()
in user program hello
:
- Makefile - linking with all provided mbedtls libraries, You can use only required ones here.
```makefile NAME := hello LOCAL_SRCS := main.c LIBS := libmbedtls libmbedx509 libmbedcrypto
include $(binary.mk) ```
- Source code:
```C
#include
int main(void) { mbedtls_aes_context ctx;
mbedtls_aes_init( &ctx );
printf("Hello World!!\n");
return 0;
} ```
- Note: Please remember that
PORTS_MBEDTLS
should be set toy
in the specific building script in_projects
directory or using an environment variable.
Running tests
To build mbedtls
tests please set LONG_TEST=y
environment variable before calling build.sh
.
In order to run the specific test please type in psh: /bin/test_name mbedtls_test_configs/test_name.datax
, for
example:
/bin/test_suite_ssl mbedtls_test_configs/test_suite_ssl.datax
-
Running all tests and parsing results isn't supported in Phoenix-RTOS Test Runner yet.
-
The following tests require setting current date before running(using
date
command in psh, for example:date -s @1653990793
), because of certificates' creation date: test_suite_ssl
-
test_suite_x509
-
Because tests use
.datax
files and most of them usedata_files
directory running tests is supported only onrootfs
platforms.
Known bugs
Currently, there are 3/2695 unresolved failing test cases in test_suite_ssl
:
-
DTLS renegotiation: no legacy renegotiation
, -
DTLS renegotiation: legacy renegotiation
, -
DTLS renegotiation: legacy break handshake
There are also failing test cases not related strictly to problems with mbedtls
:
-
net_poll beyond FD_SETSIZE
intest_suite_net
- https://github.com/phoenix-rtos/phoenix-rtos-project/issues/408 -
Overwrite 0 -> 3
intest_suite_psa_its
- https://github.com/phoenix-rtos/phoenix-rtos-project/issues/409