Some applications require security features beyond those provided by the Bluetooth specification. This article describes the steps necessary for a building a BLE project with mbedtls.
Mbedtls is a library of cryptographic functions, defined here https://tls.mbed.org/api/, which are used by the Silicon Laboratories Bluetooth Low Energy stack. Silicon Labs provides low level drivers for the cryptographic engines in it SoCs to allow mbedtls to run efficiently.
Any application that needs to use mbedtls must remove the prebuilt mbedtls library and build the mbedtls library from source to avoid conflicts. Mbedtls is a highly configurable library with features that can be enabled by defining preprocessor symbols to a configuration file. The basic setup is described below
At a minimum, the following files must be added to the project. These are found in the SDK folder under util\third_party\mbedtls
library/aes.c library/bignum.c library/cipher.c library/cipher_wrap.c library/cmac.c library/ecdh.c library/ecp.c library/ecp_curves.c sl_crypto/src/crypto_aes.c sl_crypto/src/crypto_ble.c sl_crypto/src/crypto_ecp.c sl_crypto/src/crypto_management.c
Add the following to your project's include paths
include include/mbedtls sl_crypto/include
Add the following definition to the preprocessor symbols
Copy protocol\bluetooth\ble_stack\inc\soc\mbedtls_config.h from the SDK to the project's protocol\bluetooth\ble_stack\inc\soc folder. This ensures that the project enables all of the mbedtls features that the Bluetooth stack requires. Additional features can be enabled in this file but none of the existing features can be disabled.
Add the following to your application code
#if !defined(MBEDTLS_CONFIG_FILE) #include "mbedtls/config.h" #else #include MBEDTLS_CONFIG_FILE #endif
Now you can begin using mbedtls in your application code.