Hello All,
I am attempting to develop an embedded client-side application using the mbedTLS stack on an ARM core. The company I work for embeds the private keys and other secrets used for TLS connectivity within an Atmel ECC508 device for enhanced security. Therefore, I am not able to extract the private keys from the device to configure a “typical” mbedTLS interface.
While reading through the mbedTLS documentation, I discovered the stack does in fact support interfacing with external crypto devices as described under the heading Configuring Mbed TLS to support private key operation callbacks…
Note: Private key operation callbacks are available with Mbed TLS version 2.11 onwards.
This feature is only available for server-side asymmetric cryptography. In Mbed TLS version 2.11, it is not available for clients or Pre-shared Keys.
I would like some clarification on that last statement… is the client-side use of asymmetric cryptography with an external device supported on a more recent version of mbedTLS?
If so…
What version is required for this support and how must I configure the stack for such support?
Is there an example of this functionality available?
Best Regards,
Mark