Knowledge Base

• Attacks
  • Spectre and Meltdown
• Compiling and Building
  • Compile Mbed TLS to a static library in Eclipse CDT
  • Compiling Mbed TLS in MinGW
  • How to configure Mbed TLS
  • Mbed TLS failed to compile on XXXX
  • Mbed TLS on Solaris
  • Setting up the Eclipse CDT environment on Windows
  • Arm Mbed TLS in Microsoft Visual Studio 2015
• Cryptography
  • ASN.1 key structures in DER and PEM
  • Elliptic curve performance: NIST vs. Brainpool
  • Why use Ephemeral Diffie-Hellman
  • Providing Diffie-Hellman-Merkle (DHM) parameters
  • RSA encryption maximum data size
  • RSA key pair generator
  • Using an external RSA private key
• Development
  • Adding support for additional subject alternative names
  • Debugging TLS sessions
  • Deprecations
  • Entropy collection, random generation with threads
  • Generating the API documentation locally
  • How to define error codes for new modules
  • How to fill an RSA context from N, E, P and Q
  • Alternative cryptography engines implementation
  • Mbed TLS coding standards
  • Setting up a Python environment for Mbed TLS
  • Nonblocking ECC
  • Sample Applications
  • Mbed TLS script coding standards
  • Mbed TLS tests guidelines
  • Thread safety and multithreading: concurrency issues
  • Open-source tools in popular long-term support distributions
  • The external dependencies Mbed TLS relies on
• Generic
  • Mbed TLS abstraction layers
  • What is the export control status of Mbed TLS?
  • FTP folder for automatic downloads
  • Is Mbed TLS FIPS certified?
  • Mbed TLS design
  • RSASSA-PSS
  • Mbed TLS automated testing and quality assurance
• How to
  • Random data generation
  • Why to add an entropy source
  • How to systematically generate test data
  • How to get code size of the library
  • Compile cURL with Arm Mbed TLS
  • Mbed TLS over low-bandwidth, unreliable datagram networks
  • Using DTLS
  • Emulate MySQL’s AES_ENCRYPT() and AES_DECRYPT() in Mbed TLS
  • How to encrypt and decrypt with RSA
  • Encrypt data with AES-CBC mode
  • How to generate a Certificate Request (CSR)
  • How to generate a self-signed certificate
  • Generating an AES key
  • Porting Mbed TLS to a new environment or OS
  • How to tune Elliptic Curves resource usage
  • Porting the non-volatile (NV) seed
  • Enabling NV seed entropy source support
  • Provisioning your platform with the seed
  • Security considerations
  • Increasing SSL and TLS performance
  • Mbed TLS tutorial
  • Reducing Mbed TLS memory and storage footprint
  • Binary footprint
  • Memory footprint
  • Switching to the new code style
  • How to put TLS keys into an external cryptoprocessor
  • TLS PRF key derivation
  • Using uncrustify in Mbed TLS
  • How to use Server Name Indication
  • Using only a few modules from the library
  • Alternative ways of allocating memory in Mbed TLS
• Licensing
  • Copyright and contributions
  • How is Mbed TLS (formerly PolarSSL) protected legally?
  • Using Mbed TLS in a non-Apache or GPL project