When will STM32H7 support mbedTLS v3?

I'm actually adding MbedTLS manually to my project. What I wanted isn't the library itself but the alternative  implementations that come with it that enable the use of the CRYP and HASH peripherals for hardware acceleration. I guess I'll have to migrate the version I have of those alt files to make them work with MbdTLS v3.

---

@Saket_Om wrote:

Hello @Moemen 

At this time, there are no commitments to upgrade the MbedTLS version included in STM32CubeH7.

 

---

So is ST serious and is not intending to offer modern and up-to-date drivers for mbedTLS in the future? mbedTLS 4.0 has been released and even 3.6 will be outdated soon.

How is ST expecting users to maintain their security software stacks if no updates are offered? 

Hello @Moemen 

MbedTLS version 3.6.4 is now available on GitHub. Users are responsible for updating to this version as needed.

---

@Saket_Om wrote:

MbedTLS version 3.6.4 is now available on GitHub. Users are responsible for updating to this version as needed.

---

Yes, but its useless without hardware acceleration support for the CRYPT and HASH peripherals. So if users update as you suggest to 3.6.4 they loose the support for the hardware acceleration. Or did I overlook something in that repo you mentioned?

I was able to adapt the templates provided in the STM32CubeH7 repo (That are made for MbedTLS v2.16.2) to work with MbedTLS 3.6.4 but it's far from a clean solution. Also the performance isn't that great but I'm not sure if it's because of ST's implementation or if it's something else.

@Moemen Did you get HW accelerated AES-GCM working with mbedTLS 3.6.4?

I got it to work in unit tests but I'm having issues with tag checking when doing integration tests. I'm not sure if it's due to my implementation of AES-GCM or a different problem.