
【STM32H5开发板】第五帖 stm32h563移植mbedtls加密库

mbedTLS是一个轻量级的加密库,可用于在STM32上实现安全的通信。该库提供了许多加密算法,如AES、RSA和ECC等。在STM32上使用mbedTLS库,可以实现SSL / TLS安全通信,保护数据的机密性和完整性。
mbedTLS库的使用非常简单,可以通过cubemx代码生成工具直接在STM32项目中添加mbedtls库,然后在代码中调用其API即可。该库还提供了许多示例代码,以帮助开发人员快速了解其功能和使用方法。
下面介绍一下具体步骤:

首先使用cubemx代码生成工具选择开发板STM32H563 NUCLEO;然后自动初始化板载资源,使用非trustzone;

第二步在Middleware and software packs中选中mbedTLS库,如下图:

生成代码后,在头文件mbedtls_config.h中配置需要启用的mbedtls功能,这里我们使能AES和MD5,代码如下:

/**
 * Configuration template
 */
/*
 * Copyright (C) 2006-2022, Arm Limited, All Rights Reserved
 * SPDX-License-Identifier: Apache-2.0
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may
 * not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
 * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

/* Configuration-file format version; 0x03010000 encodes 3.1.0, so this file
 * targets the Mbed TLS 3.x option names and API. */
#define MBEDTLS_CONFIG_VERSION 0x03010000

/* System support */
//#define MBEDTLS_HAVE_ASM
//#define MBEDTLS_HAVE_TIME
//#define MBEDTLS_HAVE_TIME_DATE
//#define MBEDTLS_PLATFORM_MEMORY
//#define MBEDTLS_PLATFORM_NO_STD_FUNCTIONS

/* mbed TLS feature support */
/* Keep the AES lookup tables as constants in ROM (flash) instead of
 * generating them in RAM at runtime. */
#define MBEDTLS_AES_ROM_TABLES
/* Use the reduced set of AES tables: smaller footprint, somewhat slower. */
#define MBEDTLS_AES_FEWER_TABLES
//#define MBEDTLS_CAMELLIA_SMALL_MEMORY
/* Left off: when enabled, the compiler warns about ignored return values of
 * more library functions, which helps catch unchecked crypto errors. */
//#define MBEDTLS_CHECK_RETURN_WARNING
/*
 * Block cipher modes compiled in. None of CBC/CFB/CTR/OFB/XTS authenticates
 * the ciphertext, and the AEAD modules (MBEDTLS_GCM_C, MBEDTLS_CCM_C) are
 * commented out further down, so data encrypted with this build needs a
 * separate integrity check wherever tampering matters.
 * NOTE(review): MBEDTLS_CIPHER_C and every MBEDTLS_CIPHER_PADDING_* option
 * are disabled, so CBC callers presumably have to pass whole 16-byte
 * blocks to the low-level AES API - confirm against the intended use.
 */
#define MBEDTLS_CIPHER_MODE_CBC
#define MBEDTLS_CIPHER_MODE_CFB
#define MBEDTLS_CIPHER_MODE_CTR
#define MBEDTLS_CIPHER_MODE_OFB
#define MBEDTLS_CIPHER_MODE_XTS
//#define MBEDTLS_CIPHER_PADDING_PKCS7
//#define MBEDTLS_CIPHER_PADDING_ONE_AND_ZEROS
//#define MBEDTLS_CIPHER_PADDING_ZEROS_AND_LEN
//#define MBEDTLS_CIPHER_PADDING_ZEROS
//#define MBEDTLS_ECP_DP_SECP192R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP224R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP256R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP384R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP521R1_ENABLED
//#define MBEDTLS_ECP_DP_SECP192K1_ENABLED
//#define MBEDTLS_ECP_DP_SECP224K1_ENABLED
//#define MBEDTLS_ECP_DP_SECP256K1_ENABLED
//#define MBEDTLS_ECP_DP_BP256R1_ENABLED
//#define MBEDTLS_ECP_DP_BP384R1_ENABLED
//#define MBEDTLS_ECP_DP_BP512R1_ENABLED
//#define MBEDTLS_ECP_DP_CURVE25519_ENABLED
//#define MBEDTLS_ECP_DP_CURVE448_ENABLED
//#define MBEDTLS_ECP_NIST_OPTIM
//#define MBEDTLS_ECP_RESTARTABLE
//#define MBEDTLS_ECDSA_DETERMINISTIC
//#define MBEDTLS_KEY_EXCHANGE_PSK_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_DHE_PSK_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECDHE_PSK_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_RSA_PSK_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_RSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_DHE_RSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECDHE_RSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECDHE_ECDSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECDH_ECDSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECDH_RSA_ENABLED
//#define MBEDTLS_KEY_EXCHANGE_ECJPAKE_ENABLED
//#define MBEDTLS_PK_PARSE_EC_EXTENDED
//#define MBEDTLS_ERROR_STRERROR_DUMMY
//#define MBEDTLS_GENPRIME
//#define MBEDTLS_FS_IO
//#define MBEDTLS_NO_DEFAULT_ENTROPY_SOURCES
//#define MBEDTLS_NO_PLATFORM_ENTROPY
//#define MBEDTLS_ENTROPY_FORCE_SHA256
//#define MBEDTLS_ENTROPY_NV_SEED
//#define MBEDTLS_PSA_CRYPTO_KEY_ID_ENCODES_OWNER
//#define MBEDTLS_MEMORY_DEBUG
//#define MBEDTLS_MEMORY_BACKTRACE
//#define MBEDTLS_PK_RSA_ALT_SUPPORT
//#define MBEDTLS_PKCS1_V15
//#define MBEDTLS_PKCS1_V21
//#define MBEDTLS_PSA_CRYPTO_BUILTIN_KEYS
//#define MBEDTLS_PSA_CRYPTO_CLIENT
//#define MBEDTLS_PSA_CRYPTO_DRIVERS
//#define MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG
//#define MBEDTLS_PSA_CRYPTO_SPM
//#define MBEDTLS_RSA_NO_CRT
//#define MBEDTLS_SELF_TEST
//#define MBEDTLS_SHA256_SMALLER
//#define MBEDTLS_SHA512_SMALLER
//#define MBEDTLS_SSL_ALL_ALERT_MESSAGES
//#define MBEDTLS_SSL_DTLS_CONNECTION_ID
//#define MBEDTLS_SSL_ASYNC_PRIVATE
//#define MBEDTLS_SSL_CONTEXT_SERIALIZATION
//#define MBEDTLS_SSL_DEBUG_ALL
//#define MBEDTLS_SSL_ENCRYPT_THEN_MAC
//#define MBEDTLS_SSL_EXTENDED_MASTER_SECRET
//#define MBEDTLS_SSL_KEEP_PEER_CERTIFICATE
//#define MBEDTLS_SSL_RENEGOTIATION
//#define MBEDTLS_SSL_MAX_FRAGMENT_LENGTH
//#define MBEDTLS_SSL_PROTO_TLS1_2
//#define MBEDTLS_SSL_PROTO_TLS1_3
//#define MBEDTLS_SSL_TLS1_3_COMPATIBILITY_MODE
//#define MBEDTLS_SSL_PROTO_DTLS
//#define MBEDTLS_SSL_ALPN
//#define MBEDTLS_SSL_DTLS_ANTI_REPLAY
//#define MBEDTLS_SSL_DTLS_HELLO_VERIFY
//#define MBEDTLS_SSL_DTLS_SRTP
//#define MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE
//#define MBEDTLS_SSL_SESSION_TICKETS
//#define MBEDTLS_SSL_SERVER_NAME_INDICATION
//#define MBEDTLS_SSL_VARIABLE_BUFFER_LENGTH
//#define MBEDTLS_USE_PSA_CRYPTO
//#define MBEDTLS_PSA_CRYPTO_CONFIG
//#define MBEDTLS_VERSION_FEATURES
//#define MBEDTLS_X509_TRUSTED_CERTIFICATE_CALLBACK
//#define MBEDTLS_X509_RSASSA_PSS_SUPPORT

/* mbed TLS modules */
/* Build the AES block cipher module.
 * NOTE(review): MBEDTLS_ENTROPY_C and MBEDTLS_CTR_DRBG_C are commented out in
 * this file, so the library provides no random generator here; AES keys and
 * IVs would have to come from another source - confirm before using AES for
 * anything beyond a demo. */
#define MBEDTLS_AES_C
//#define MBEDTLS_ASN1_PARSE_C
//#define MBEDTLS_ASN1_WRITE_C
//#define MBEDTLS_BASE64_C
//#define MBEDTLS_BIGNUM_C
//#define MBEDTLS_CAMELLIA_C
//#define MBEDTLS_ARIA_C
//#define MBEDTLS_CCM_C
//#define MBEDTLS_CHACHA20_C
//#define MBEDTLS_CHACHAPOLY_C
//#define MBEDTLS_CIPHER_C
//#define MBEDTLS_CMAC_C
//#define MBEDTLS_CTR_DRBG_C
//#define MBEDTLS_DEBUG_C
//#define MBEDTLS_DES_C
//#define MBEDTLS_DHM_C
//#define MBEDTLS_ECDH_C
//#define MBEDTLS_ECDSA_C
//#define MBEDTLS_ECJPAKE_C
//#define MBEDTLS_ECP_C
//#define MBEDTLS_ENTROPY_C
//#define MBEDTLS_ERROR_C
//#define MBEDTLS_GCM_C
//#define MBEDTLS_HKDF_C
//#define MBEDTLS_HMAC_DRBG_C
//#define MBEDTLS_NIST_KW_C
//#define MBEDTLS_MD_C
/* Build the MD5 module, used by the known-answer test in main().
 * MD5 is no longer collision resistant: keep it to porting checks and legacy
 * interoperability, and enable a SHA-2 module (MBEDTLS_SHA256_C is commented
 * out below) for integrity checks or signatures. */
#define MBEDTLS_MD5_C
//#define MBEDTLS_MEMORY_BUFFER_ALLOC_C
//#define MBEDTLS_NET_C
//#define MBEDTLS_OID_C
//#define MBEDTLS_PEM_PARSE_C
//#define MBEDTLS_PEM_WRITE_C
//#define MBEDTLS_PK_C
//#define MBEDTLS_PK_PARSE_C
//#define MBEDTLS_PK_WRITE_C
//#define MBEDTLS_PKCS5_C
//#define MBEDTLS_PKCS12_C
//#define MBEDTLS_PLATFORM_C
//#define MBEDTLS_POLY1305_C
//#define MBEDTLS_PSA_CRYPTO_C
//#define MBEDTLS_PSA_CRYPTO_SE_C
//#define MBEDTLS_PSA_CRYPTO_STORAGE_C
//#define MBEDTLS_PSA_ITS_FILE_C
//#define MBEDTLS_RIPEMD160_C
//#define MBEDTLS_RSA_C
//#define MBEDTLS_SHA1_C
//#define MBEDTLS_SHA224_C
//#define MBEDTLS_SHA256_C
//#define MBEDTLS_SHA384_C
//#define MBEDTLS_SHA512_C
//#define MBEDTLS_SSL_CACHE_C
//#define MBEDTLS_SSL_COOKIE_C
//#define MBEDTLS_SSL_TICKET_C
//#define MBEDTLS_SSL_CLI_C
//#define MBEDTLS_SSL_SRV_C
//#define MBEDTLS_SSL_TLS_C
//#define MBEDTLS_THREADING_C
//#define MBEDTLS_TIMING_C
//#define MBEDTLS_VERSION_C
//#define MBEDTLS_X509_USE_C
//#define MBEDTLS_X509_CRT_PARSE_C
//#define MBEDTLS_X509_CRL_PARSE_C
//#define MBEDTLS_X509_CSR_PARSE_C
//#define MBEDTLS_X509_CREATE_C
//#define MBEDTLS_X509_CRT_WRITE_C
//#define MBEDTLS_X509_CSR_WRITE_C

然后在main函数中添加md5测试代码,具体如下:

/**
  * @brief The application entry point.
  * @retval int
  */
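int main(void)
{
  /* USER CODE BEGIN 1 */
    /* MD5 known-answer smoke test for the mbedtls port. MD5 is used only to
     * compare against a reference digest; it is not suitable for
     * security-relevant integrity checks. */
    mbedtls_md5_context ctx;
    static const uint8_t test_str[] = "EEWorld stm32H563 md5 test!";
    uint8_t out_buf[16];            /* an MD5 digest is always 16 bytes */
    int ret;                        /* mbedtls status: 0 on success, negative on error */
    size_t i;
  /* USER CODE END 1 */

  /* MCU Configuration--------------------------------------------------------*/

  /* Reset of all peripherals, Initializes the Flash interface and the Systick. */
  HAL_Init();

  /* USER CODE BEGIN Init */

  /* USER CODE END Init */

  /* Configure the system clock */
  SystemClock_Config();

  /* USER CODE BEGIN SysInit */

  /* USER CODE END SysInit */

  /* Initialize all configured peripherals */
  MX_GPIO_Init();
  MX_ADC1_Init();
  MX_ETH_Init();
  MX_ICACHE_Init();
  MX_LPUART1_UART_Init();
  MX_USART3_UART_Init();
  MX_UCPD1_Init();
  MX_USB_PCD_Init();
  /* USER CODE BEGIN 2 */
    printf("start\n");

    mbedtls_md5_init( &ctx );

    /* In Mbed TLS 3.x the starts/update/finish calls return a status code.
     * Check each one so a failed step is reported instead of printing an
     * uninitialised digest buffer. */
    ret = mbedtls_md5_starts( &ctx );
    if (ret == 0)
    {
      /* sizeof - 1: hash the text only, not the terminating NUL. */
      ret = mbedtls_md5_update( &ctx, test_str, sizeof(test_str) - 1 );
    }
    if (ret == 0)
    {
      ret = mbedtls_md5_finish( &ctx, out_buf );
    }

    if (ret == 0)
    {
      printf("\"EEWorld stm32H563 md5 test!\" MD5:\n");
      for (i = 0; i < sizeof(out_buf); i++)
      {
        printf("%02x ", out_buf[i]);
      }
      printf("\n");
    }
    else
    {
      /* mbedtls error codes are negative; print the magnitude in hex. */
      printf("MD5 failed: -0x%04x\n", (unsigned int)-ret);
    }

    /* Always release the context, also on the error path. */
    mbedtls_md5_free( &ctx );
  /* USER CODE END 2 */

  /* Infinite loop */
  /* USER CODE BEGIN WHILE */
  while (1)
  {
    /* USER CODE END WHILE */

    /* USER CODE BEGIN 3 */

      HAL_Delay(1000);

  }

  /* USER CODE END 3 */
}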

最后通过串口输出md5结果,对比网页md5工具查看结果是否一致。如下图:

这里相同的内容经过MD5运算后结果一致,可见mbedtls库的调用没有问题。需要注意,MD5已不具备抗碰撞性,这里仅用于验证移植是否成功;实际的完整性校验或签名应选用SHA-256等算法。

后续在开发过程中很多时候都会用到对称加密、非对称加密、哈希等密码算法,mbedtls库是嵌入式开发中一个不错的选择。


mbedtls库是嵌入式开发中是一个好东西
