diff --git a/.gitignore b/.gitignore
index f40064d5bf..2edbc997c1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,3 +26,16 @@ massif-*
 
 # CMake generates *.dir/ folders for in-tree builds (used by MSVC projects), ignore all of those:
 *.dir/
+
+# Exported Mbed Crypto files
+crypto/LICENSE
+crypto/VERSION.txt
+crypto/include
+crypto/library/*.c
+crypto/library/libmbedcrypto*
+crypto/scripts
+crypto/tests/scripts
+crypto/tests/suites
+crypto/tests/test_suite*
+crypto/programs/psa
+mbedcrypto.tar.gz
diff --git a/crypto/Makefile b/crypto/Makefile
new file mode 100644
index 0000000000..2230ed97c0
--- /dev/null
+++ b/crypto/Makefile
@@ -0,0 +1,20 @@
+.PHONY: all lib programs tests clean test
+
+all: programs tests
+
+lib:
+	$(MAKE) -C library
+
+programs: lib
+	$(MAKE) -C programs
+
+tests: lib
+	$(MAKE) -C tests
+
+clean:
+	$(MAKE) -C library clean
+	$(MAKE) -C programs clean
+	$(MAKE) -C tests clean
+
+test: lib tests
+	$(MAKE) -C tests test
diff --git a/crypto/library/Makefile b/crypto/library/Makefile
new file mode 100644
index 0000000000..9151662a7c
--- /dev/null
+++ b/crypto/library/Makefile
@@ -0,0 +1,76 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+OBJS_CRYPTO := \
+	aes.o \
+	aesni.o \
+	arc4.o \
+	asn1parse.o \
+	asn1write.o \
+	base64.o \
+	bignum.o \
+	blowfish.o \
+	camellia.o \
+	ccm.o \
+	cipher.o \
+	cipher_wrap.o \
+	cmac.o \
+	ctr_drbg.o \
+	des.o \
+	ecdsa.o \
+	ecp.o \
+	ecp_curves.o \
+	entropy.o \
+	entropy_poll.o \
+	gcm.o \
+	hmac_drbg.o \
+	md.o \
+	md2.o \
+	md4.o \
+	md5.o \
+	md_wrap.o \
+	oid.o \
+	pem.o \
+	pk.o \
+	pk_wrap.o \
+	pkcs12.o \
+	pkcs5.o \
+	pkparse.o \
+	pkwrite.o \
+	platform.o \
+	platform_util.o \
+	psa_crypto.o \
+	ripemd160.o \
+	rsa_internal.o \
+	rsa.o \
+	sha1.o \
+	sha256.o \
+	sha512.o \
+	xtea.o \
+# Don't delete this line.
+
+.SILENT:
+
+.PHONY: all static clean
+
+all: static
+
+static: libmbedcrypto.a
+
+libmbedcrypto.a: $(OBJS_CRYPTO)
+	echo "  AR    $@"
+	$(AR) -rc $@ $(OBJS_CRYPTO)
+	echo "  RL    $@"
+	$(AR) -s $@
+
+.c.o:
+	echo "  CC    $<"
+	$(CC) $(CFLAGS) $(WARNING_CFLAGS) -c $<
+
+clean:
+	rm -f *.o libmbedcrypto.a
diff --git a/crypto/programs/Makefile b/crypto/programs/Makefile
new file mode 100644
index 0000000000..093b43dcf8
--- /dev/null
+++ b/crypto/programs/Makefile
@@ -0,0 +1,51 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+LDFLAGS ?= -L../library -lmbedcrypto
+
+DEP := ../library/libmbedcrypto.a
+
+APPS := \
+	psa/crypto_examples \
+	psa/key_ladder_demo \
+	psa/psa_constant_names \
+# Don't delete this line.
+
+EXTRA_GENERATED := \
+	psa/psa_constant_names_generated.c \
+# Don't delete this line.
+
+.SILENT:
+
+.PHONY: all clean list
+
+all: $(APPS)
+
+$(DEP):
+	$(MAKE) -C ../library
+
+psa/crypto_examples: psa/crypto_examples.c $(DEP)
+	echo "  CC    psa/crypto_examples.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/crypto_examples.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/key_ladder_demo: psa/key_ladder_demo.c $(DEP)
+	echo "  CC    psa/key_ladder_demo.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/key_ladder_demo.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+psa/psa_constant_names_generated.c: ../scripts/generate_psa_constants.py ../include/psa/crypto.h
+	../scripts/generate_psa_constants.py
+
+psa/psa_constant_names: psa/psa_constant_names_generated.c psa/psa_constant_names.c $(DEP)
+	echo "  CC    psa/psa_constant_names.c"
+	$(CC) $(LOCAL_CFLAGS) $(CFLAGS) psa/psa_constant_names.c $(LOCAL_LDFLAGS) $(LDFLAGS) -o $@
+
+clean:
+	rm -f $(APPS) $(EXTRA_GENERATED)
+
+list:
+	echo $(APPS)
diff --git a/crypto/tests/Makefile b/crypto/tests/Makefile
new file mode 100644
index 0000000000..3315a6eca5
--- /dev/null
+++ b/crypto/tests/Makefile
@@ -0,0 +1,73 @@
+CFLAGS ?= -O2 -I../include
+WARNING_CFLAGS ?= \
+	-Werror -Wall -Wextra \
+	-Wno-unused-function \
+	-Wno-overlength-strings \
+	-Wdeclaration-after-statement \
+# Don't delete this line.
+
+LDFLAGS ?= -L../library -lmbedcrypto
+
+DEP := ../library/libmbedcrypto.a
+
+# Python executable
+PYTHON ?= python
+
+APPS := \
+	test_suite_psa_crypto \
+# Don't delete this line.
+
+# Look up for associated function files
+func.test_suite_psa_crypto := test_suite_psa_crypto
+
+.SILENT:
+
+.PHONY: all test clean
+
+all: $(APPS)
+
+$(DEP):
+	$(MAKE) -C ../library
+
+C_FILES := $(addsuffix .c,$(APPS))
+
+.SECONDEXPANSION:
+$(C_FILES): %.c: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/host_test.function
+	echo "  Gen   $@"
+	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
+		-d suites/$*.data \
+		-t suites/main_test.function \
+		-p suites/host_test.function \
+		-s suites  \
+		--help-file suites/helpers.function \
+		-o .
+
+
+$(APPS): %: %.c $(DEP)
+	echo "  CC    $<"
+	$(CC) $(CFLAGS) $(WARNING_CFLAGS) $< $(LDFLAGS) -o $@
+
+clean:
+	rm -rf $(APPS) *.c *.data TESTS
+	rm -rf data_files/ctr_drbg_seed data_files/hmac_drbg_seed data_files/mpi_write
+
+test: $(APPS)
+	./test_suite_psa_crypto
+
+# Create separate targets for generating embedded tests.
+EMBEDDED_TESTS := $(addprefix embedded_,$(APPS))
+
+# Generate test code for target.
+
+.SECONDEXPANSION:
+$(EMBEDDED_TESTS): embedded_%: suites/$$(func.$$*).function suites/%.data scripts/generate_test_code.py suites/helpers.function suites/main_test.function suites/target_test.function
+	echo "  Gen  ./TESTS/mbedcrypto/$*/$*.c"
+	$(PYTHON) scripts/generate_test_code.py -f suites/$(func.$*).function \
+		-d suites/$*.data \
+		-t suites/main_test.function \
+		-p suites/target_test.function \
+		-s suites  \
+		--help-file suites/helpers.function \
+		-o ./TESTS/mbedcrypto/$*
+
+gen-embedded-test: $(EMBEDDED_TESTS)
diff --git a/scripts/mbed_crypto.make b/scripts/mbed_crypto.make
new file mode 100644
index 0000000000..f06bdfba2f
--- /dev/null
+++ b/scripts/mbed_crypto.make
@@ -0,0 +1,227 @@
+###########################################################################
+#
+#  Copyright (c) 2018, ARM Limited, All Rights Reserved
+#  SPDX-License-Identifier: Apache-2.0
+#
+#  Licensed under the Apache License, Version 2.0 (the "License"); you may
+#  not use this file except in compliance with the License.
+#  You may obtain a copy of the License at
+#
+#  http://www.apache.org/licenses/LICENSE-2.0
+#
+#  Unless required by applicable law or agreed to in writing, software
+#  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+#  See the License for the specific language governing permissions and
+#  limitations under the License.
+#
+###########################################################################
+
+#
+# Use this file to export an Mbed Crypto release tarball as follows, from the
+# top level of the mbedtls repo:
+#
+#   1) make -f scripts/mbed_crypto.make
+#
+
+.PHONY: all clean FORCE
+
+all: mbedcrypto.tar.gz
+
+#
+# Crypto-necessary library files
+#
+LIB_FILES := \
+	aes.c \
+	aesni.c \
+	arc4.c \
+	asn1parse.c \
+	asn1write.c \
+	base64.c \
+	bignum.c \
+	blowfish.c \
+	camellia.c \
+	ccm.c \
+	cipher.c \
+	cipher_wrap.c \
+	cmac.c \
+	ctr_drbg.c \
+	des.c \
+	ecdsa.c \
+	ecp.c \
+	ecp_curves.c \
+	entropy.c \
+	entropy_poll.c \
+	gcm.c \
+	hmac_drbg.c \
+	md.c \
+	md2.c \
+	md4.c \
+	md5.c \
+	md_wrap.c \
+	oid.c \
+	pem.c \
+	pk.c \
+	pk_wrap.c \
+	pkcs12.c \
+	pkcs5.c \
+	pkparse.c \
+	pkwrite.c \
+	platform.c \
+	platform_util.c \
+	psa_crypto.c \
+	ripemd160.c \
+	rsa_internal.c \
+	rsa.c \
+	sha1.c \
+	sha256.c \
+	sha512.c \
+	xtea.c \
+# Don't delete this line.
+
+#
+# Crypto-necessary include files
+#
+INC_FILES := \
+	mbedcrypto/aes.h \
+	mbedcrypto/aesni.h \
+	mbedcrypto/arc4.h \
+	mbedcrypto/asn1.h \
+	mbedcrypto/asn1write.h \
+	mbedcrypto/base64.h \
+	mbedcrypto/bignum.h \
+	mbedcrypto/blowfish.h \
+	mbedcrypto/bn_mul.h \
+	mbedcrypto/camellia.h \
+	mbedcrypto/ccm.h \
+	mbedcrypto/certs.h \
+	mbedcrypto/check_config.h \
+	mbedcrypto/cipher.h \
+	mbedcrypto/cipher_internal.h \
+	mbedcrypto/cmac.h \
+	mbedcrypto/config.h \
+	mbedcrypto/ctr_drbg.h \
+	mbedcrypto/des.h \
+	mbedcrypto/ecdsa.h \
+	mbedcrypto/ecp.h \
+	mbedcrypto/ecp_internal.h \
+	mbedcrypto/entropy.h \
+	mbedcrypto/entropy_poll.h \
+	mbedcrypto/error.h \
+	mbedcrypto/gcm.h \
+	mbedcrypto/hmac_drbg.h \
+	mbedcrypto/md.h \
+	mbedcrypto/md2.h \
+	mbedcrypto/md4.h \
+	mbedcrypto/md5.h \
+	mbedcrypto/md_internal.h \
+	mbedcrypto/oid.h \
+	mbedcrypto/pem.h \
+	mbedcrypto/pk.h \
+	mbedcrypto/pk_internal.h \
+	mbedcrypto/pkcs11.h \
+	mbedcrypto/pkcs12.h \
+	mbedcrypto/pkcs5.h \
+	mbedcrypto/platform.h \
+	mbedcrypto/platform_util.h \
+	mbedcrypto/ripemd160.h \
+	mbedcrypto/rsa.h \
+	mbedcrypto/rsa_internal.h \
+	mbedcrypto/sha1.h \
+	mbedcrypto/sha256.h \
+	mbedcrypto/sha512.h \
+	mbedcrypto/threading.h \
+	mbedcrypto/xtea.h \
+	psa/crypto.h \
+	psa/crypto_extra.h \
+	psa/crypto_platform.h \
+	psa/crypto_sizes.h \
+	psa/crypto_struct.h \
+# Don't delete this line.
+
+TEST_FILES := \
+	tests/scripts/generate_test_code.py \
+	tests/scripts/mbedtls_test.py \
+	tests/scripts/test_generate_test_code.py \
+	tests/scripts/run-test-suites.pl \
+	tests/suites/helpers.function \
+	tests/suites/host_test.function \
+	tests/suites/main_test.function \
+	tests/suites/target_test.function \
+	tests/suites/test_suite_psa_crypto.data \
+	tests/suites/test_suite_psa_crypto.function \
+# Don't delete this line.
+
+OTHER_FILES := \
+	LICENSE \
+	VERSION.txt \
+	programs/psa/crypto_examples.c \
+	programs/psa/key_ladder_demo.c \
+	programs/psa/key_ladder_demo.sh \
+	programs/psa/psa_constant_names.c \
+	scripts/config.pl \
+	scripts/generate_psa_constants.py \
+# Don't delete this line.
+
+# Prepend destination directory
+LIB_FILES := $(addprefix crypto/library/,$(LIB_FILES))
+INC_FILES := $(addprefix crypto/include/,$(INC_FILES))
+TEST_FILES := $(addprefix crypto/,$(TEST_FILES))
+OTHER_FILES := $(addprefix crypto/,$(OTHER_FILES))
+
+define rename_mbedcrypto
+	@sed -i -e 's/Mbed TLS/Mbed Crypto/g' $(1)
+	@sed -i -e 's/mbed TLS/Mbed Crypto/g' $(1)
+	@sed -i -e 's/MBEDTLS_/MBEDCRYPTO_/g' $(1)
+	@sed -i -e 's/mbedtls/mbedcrypto/g' $(1)
+	@sed -i -e 's/MbedTls/MbedCrypto/g' $(1)
+	@sed -i -e 's/include\/mbedtls/include\/mbedcrypto/g' $(1)
+endef
+
+crypto/include/mbedcrypto/config.h: configs/config-psa-crypto.h
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Rename the file in the comments
+	@sed -i -e 's/config-psa-crypto.h/config.h/g' $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/tests/data_files/%: tests/data_files/%
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Don't rename things inside data files
+
+crypto/include/mbedcrypto/%.h: include/mbedtls/%.h
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/LICENSE: apache-2.0.txt
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	@#Don't rename anything in the license
+
+crypto/%: %
+	@echo $@
+	@mkdir -p $(dir $@)
+	@cp $< $@
+	$(call rename_mbedcrypto,$@)
+
+crypto/VERSION.txt: FORCE
+	@git describe --tags --abbrev=12 --dirty > $@
+
+mbedcrypto.tar.gz: $(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
+	@echo $@
+	@tar czf mbedcrypto.tar.gz crypto
+
+clean:
+	@echo clean
+	@rm -rf mbedcrypto.tar.gz \
+		$(LIB_FILES) $(INC_FILES) $(TEST_FILES) $(OTHER_FILES)
+
+FORCE:
+
+# vi: ft=make
diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh
index 1faa5d561b..9962046621 100755
--- a/tests/scripts/all.sh
+++ b/tests/scripts/all.sh
@@ -456,6 +456,14 @@ msg "test: doxygen warnings" # ~ 3s
 cleanup
 tests/scripts/doxygen.sh
 
+msg "test: Mbed Crypto exporter " # ~ 30s
+cleanup
+make -f scripts/mbed_crypto.make
+cd crypto
+make test
+make clean
+cd ..
+make -f scripts/mbed_crypto.make clean
 
 
 ################################################################