Showing results for 
Search instead for 
Did you mean: 

Using TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 with Secure Manager

Associate III


We are currently facing issues using cipher suites that use AES-GCM in conjunction with the Secure Manager.

Our understanding is that in order to make use of Secure Manager functionalities, we should use PSA APIs, however they currently only implement AES-CBC algorithms.

As gathered in this other post, it seems that we need to implement a PSA version of the GCM algorithm. We appreciate this is a very technical task, involving a deeper knowledge of cryptographic algorithms and were hoping ST could offer their knowledge and support in developing such function. In particular the `NX_CRYPTO_KEEP UINT  _nx_crypto_method_aes_psa_gcm_operation(...)` function, that needs to be added to Projects\STM32H573I-DK\Applications\ROT\Nx_Azure_IoT\NetXDuo\psa_crypto_ciphersuites\nx_crypto_aes_psa.c.


Many thanks,



Thanks for the updates Jocelyn and Guillaume.

Hi @Guillaume K and @Jocelyn RICARD ,

Thank you very much for your support and quick responses, this is all very helpful!

Just out of curiosity, is there any timeframe in mind for when the Secure Manager will be updated to support GCM?

Many thanks,