2018-08-09 07:25 AM
Our application connects to a server in the cloud and recently we migrated from a proprietary AES256 encryption to an Mbed TLS based solution.
By default Mbed TLS does NOT offer out-of-the-box hardware acceleration for AES, MD5, SHA etc. By accident I was triggered to look at Mbed OS 5 that includes Mbed TLS as one of its features. In the targets directory of the mbed TLS feature within Mbed OS, I’ve found support for hardware acceleration that uses the STM32 Crypto and Hash peripherals (provided by STM32F7xx_HAL_Driver). In my application this works fine.
While using the cipher suite TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, I was wondering why there is only an aes_alt.c implementation and not a gcm_alt.c implementation to support AES-GCM hardware acceleration by the STM32 crypto peripheral (these alternative implementations have an STMicroelectronics copyright notice).
Searching the Mbed OS code base for AES, I only found that the AES-ECB and AES-CBC modes use the HW STM32 crypto.
See stm32f7xx_hal_cryp_ex.h, which offers the following interfaces for AES-GCM support by HW:
HAL_CRYPEx_AESGCM_Encrypt();
HAL_CRYPEx_AESGCM_Decrypt();
HAL_CRYPEx_AESGCM_Finish();
I would expect performance benefits if a gcm_alt module were implemented that uses the STM32 crypto peripheral for AES-GCM as well?
Is anyone already working or thinking about a gcm_alt implementation for STM32?
Kind regards,
Robert
2018-08-27 09:56 AM
Hi Robert,
I'm planning to work on it. I am taking ideas from the wolfSSL library, which seems to have a port for STM32F7 that uses hardware AES-GCM.
I haven't had success with it yet. I'm trying to implement it and test it using the Mbed TLS GCM self-test module.
Thanks
Tejas.
2018-08-27 11:39 PM
Hi Tejas,
Many thanks for your answer, good to know someone is working on it and has seen the lack of HW acceleration for AES-GCM.
Are you working for ST?
If you're done, will it be integrated within Mbed OS?
I tried to make a full alternative implementation of alt_gcm (based on alt_aes) but failed to get gcm_selftest() up and running due to problems with the length of the initialization vectors of the test cases.
Hope to hear from you when you are able to get it up & running with Mbed TLS GCM self test!
Kind regards,
Robert
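As an added example, not code from this thread, from Mbed TLS or from ST's HAL: the IV-length trouble with the self-test comes from GCM itself, which uses a 96-bit IV directly but for any other IV length derives the pre-counter block J0 by running GHASH over the IV (NIST SP 800-38D, Section 7.1), and the self-test vectors include such IVs. If the peripheral only takes the 96-bit form, a gcm_alt module has to do that derivation in software; the portable GHASH and J0 routine below, checked against the GCM spec's test case 2, is that piece (function names are my own).

```c
#include <stdint.h>
#include <string.h>
/* GF(2^128) multiply, GCM bit order and reduction (SP 800-38D Alg. 1); result in x. */
static void gf128_mul(uint8_t x[16], const uint8_t y[16]) {
    uint8_t z[16] = {0}, v[16];
    memcpy(v, y, 16);
    for (int i = 0; i < 128; i++) {
        if (x[i / 8] & (0x80 >> (i % 8)))          /* bit i of x, MSB first */
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        int lsb = v[15] & 1;
        for (int j = 15; j > 0; j--) v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (lsb) v[0] ^= 0xe1;                       /* reduce by R = 11100001 || 0^120 */
    }
    memcpy(x, z, 16);
}
/* Absorb data into GHASH accumulator y, zero-padding the last partial block. */
static void absorb(uint8_t y[16], const uint8_t h[16], const uint8_t *d, size_t len) {
    for (size_t n = 0; len > 0; d += n, len -= n) {
        n = len < 16 ? len : 16;
        for (size_t j = 0; j < n; j++) y[j] ^= d[j];
        gf128_mul(y, h);
    }
}
/* GHASH_H(A || pad || C || pad || [len(A)]64 || [len(C)]64), SP 800-38D Section 6.4. */
void ghash(const uint8_t h[16], const uint8_t *aad, size_t aad_len,
           const uint8_t *c, size_t c_len, uint8_t out[16]) {
    uint8_t lens[16];
    uint64_t ab = (uint64_t)aad_len * 8, cb = (uint64_t)c_len * 8;
    for (int i = 7; i >= 0; i--) { lens[i] = (uint8_t)ab; lens[8 + i] = (uint8_t)cb; ab >>= 8; cb >>= 8; }
    memset(out, 0, 16);
    absorb(out, h, aad, aad_len);
    absorb(out, h, c, c_len);
    absorb(out, h, lens, 16);
}
/* Pre-counter block J0 (SP 800-38D Section 7.1): a 96-bit IV is used as-is with counter 1;
 * any other IV length is hashed, a step a 96-bit-IV-only hardware engine will not do for you. */
void gcm_j0(const uint8_t h[16], const uint8_t *iv, size_t iv_len, uint8_t j0[16]) {
    if (iv_len == 12) { memcpy(j0, iv, 12); memset(j0 + 12, 0, 3); j0[15] = 1; }
    else ghash(h, NULL, 0, iv, iv_len, j0);   /* GHASH(IV || pad || 0^64 || [len(IV)]64) */
}
/* Known-answer check, McGrew-Viega GCM test case 2 (K = 0^128, IV = 0^96): returns 1 on pass. */
int ghash_selftest(void) {
    static const uint8_t h[16] = {0x66,0xe9,0x4b,0xd4,0xef,0x8a,0x2c,0x3b,0x88,0x4c,0xfa,0x59,0xca,0x34,0x2b,0x2e}; /* H = AES_K(0^128) */
    static const uint8_t c[16] = {0x03,0x88,0xda,0xce,0x60,0xb6,0xa3,0x92,0xf3,0x28,0xc2,0xb9,0x71,0xb2,0xfe,0x78}; /* ciphertext of one zero block */
    static const uint8_t want[16] = {0xf3,0x8c,0xbb,0x1a,0xd6,0x92,0x23,0xdc,0xc3,0x45,0x7a,0xe5,0xb6,0xb0,0xf8,0x85};
    uint8_t got[16];
    ghash(h, NULL, 0, c, 16, got);
    return memcmp(got, want, 16) == 0;
}
```

The same ghash() also produces the tag input (S in the spec) that is XORed with AES_K(J0), so a software fallback for the non-96-bit IV vectors needs no other building block.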