Mbed TLS is now part of TrustedFirmware.org.

PIC32 support

Sep 9, 2015 08:19
Alfredo Quesada


Considering PIC32 is based on a MIPS architecture, can I use mbed directly on it? I mean, although it's C, I don't know if there's any specific part of the code using ARM assembler which would require some recoding in order to provide PIC32 support.


Sep 9, 2015 08:53
Alfredo Quesada

Btw, my question has to do with endianess as well, as MIPS is little-endian and the last ARM I used was big-endian (I think you could configure it, I'm not sure, but the point is whether mbed can be used in a little-endian uC).


Sep 16, 2015 12:56
Manuel Pégourié-Gonnard

I'll assume your question is about mbed TLS, not the rest of mbed, since we're on the mbed TLS forum.

mbed TLS should compile and run out of the box on all common architectures including MIPS little-endian. Almost all of our code is portable, endianness-independant, standards-compliant C code. For the very few parts where we have non-portable C code or assembly code, it's usually only in addition (as an optional alternative) to portable C code.

There are, however, a few modules of mbed TLS that depend on features provided by and operating system: the NET module and the TIMING module. You'll probably want to disable those (as well as MBEDTLS_FS_IO) when compiling for bare metal or an RTOS (see config.h). None of our other modules directly depends on those: they accept callbacks, and you can provide your own implementation.

Nov 19, 2015 18:16
Alfredo Quesada

Thanks for the information. Either way, I think I may have to take a look at some points where the code tries to access to unaligned data, as this can't be done in MIPS (at least not directly to fields in structures or unions by name, and generates an exception).


Dec 10, 2015 15:44
Steve Kaufer

Alfredo, I'm looking to use mbedTLS on a PIC32 as well. Would you be willing to share your progress?

Jan 15, 2016 18:21
Alfredo Quesada

Hi Steve

I haven't started yet, sorry. However, if I find any issue porting it, I'll let you know, as I'm sure it's a matter of time to find some portions needing some sort of tuning (at least those mentioned by Manuel regarding sockets, timers and FS, in order to load certificates or keys from the right source whatever it is).


Oct 11, 2016 10:08
Sylvain M.

I confirm that it's working with harmony 1.07.01 and mbedtls 2.3.0 for PIC32MX. For a simple HTTP server, it's easy but to with the HTTP server of harmony, it's need more time but it's working.

Oct 12, 2016 15:53
Carl Parker

Hi Sylvain, I'm looking to get this into a PIC32 as well, could you let me know what RAM/ROM usage that added to your project if it's not too much faff? I'm running a display and a load of web stuff on it already and I'm worried I'll be out of space.

Oct 13, 2016 11:08
Sylvain M.

Very quickly, the difference with and without the flag, i have 111ko of ROM and 1.4ko of RAM with optimisation -O1. I use cipher suite : TLS_RSA_WITH_AES_256_CBC_SHA and TLS_DHE_RSA_WITH_AES_256_CBC_SHA. And I don't know the usage of the heap memory, I set it to 70ko!

Oct 19, 2016 20:55

Hi Sylvain. I am porting mbedtls to pic32 MX using TCP/IP 5.25. but it cannot run well. I use two callback function TCPGetArray and TCPPutArray as the recv and send function for mbedtls, but on the stage of ssl_parse_client_key_exchange function, the mbedtls can not receive the right message from browser. Could you give some advice or hints? Any response will be highly appreciated. Thanks.

Oct 25, 2016 11:17
Sylvain M.

Hi David, it's not easy to help you. Is it for a HTTP server ? To help you, active log in mbed, if you don't have a log system, put log in RAM, and look it when the bug appear. It's possible that it's an error of memory allocation. For small ram, it's mandatory to use this option MBEDTLS_SSL_MAX_FRAGMENT_LENGTH and configure it.