FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Where is hardware accelerated crypto lib for STM32H753?

Go to solution
Pavel A.
Evangelist III

‎2020-09-20 10:39 AM

I have a recent download of en.x-cube-cryptolib_3.1.0.zip and en.patchx_cryptolib_3-1-3.zip.

The former contains AccHw_Crypto subdirectory with subdirectories for F2, F4, F7 and so on but no H7.

Subdirectory for H7 exists only under Fw_Crypto.

In en.patchx_cryptolib_3-1-3.zip there are subdirectories for G0, G4, L5, WB and H7A3. All these, I guess, are software only?

Which package contains hardware accelerated library (AccHw_Crypto) for H753 ?

Thanks,

-- pa

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Jocelyn RICARD
ST Employee
In response to Pavel A.

‎2020-09-30 01:20 AM

Hello Pavel,

I'm sorry, I'm not dedicated to community support. Try to answer the best I can. Also, for some reason I don't receive all notifications...

Clive gave the right answer. STM32H753 has no acceleration IP for asymmetric crypto (Acceleration IP called PKA is available on other families such as STM32WB and STM32L5)

So, if you need to perform PKCS#1v1.5 on H7 you have to use the software implementation.

Also, as Clive mentioned, the hash part (which result is usually used as input of the signature check) can be accelerated.

Symmetric authentication is obviously less robust as you need the private key to check the signature.

You have exemples of this here: STM32Cube_FW_H7_V1.8.0\Projects\STM32H743I-EVAL\Examples\HASH\

To understand the differences I would suggest having a look to the MOOC basic of cryptography which is part2 of the following MOOC series

https://www.st.com/content/st_com/en/support/learning/stm32-education/stm32-embedded-security-learning-journey.html

Best regards

Jocelyn

View solution in original post

0 Kudos
8 REPLIES 8
Go to solution
Tesla DeLorean
Guru

‎2020-09-20 11:04 AM

Can't you just use the HAL?

STM32Cube_FW_H7_V1.7.0\Projects\STM32H743I-EVAL\Examples\CRYP

STM32Cube_FW_H7_V1.7.0\Projects\STM32H7B3I-EVAL\Examples\CRYP

STM32Cube_FW_H7_V1.7.0\Projects\STM32H7B3I-EVAL\Examples\OTFDEC\OTFDEC_ExecutingAesInstruction

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to Tesla DeLorean

‎2020-09-28 02:25 PM

I need RSA PKCS1v15 (verify RSA signatures). The HAL examples for CRYP and HASH don't seem to support this directly.

Hence I need the crypto library...

-- pa

0 Kudos
Go to solution
Tesla DeLorean
Guru
In response to Pavel A.

‎2020-09-28 05:47 PM

Does the HW support that? I'd presume the SHA256 or whatever hash you're signing, but not the signing itself?

Not sure who the ST Crypto guys are here, if this is a commercial project press your FAE

@Imen DAHMEN​ @Amel NASRI​  can you assign this to those responsible for the H7 CRYPTO, thanks.

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to Pavel A.

‎2020-09-29 01:33 PM

@Jocelyn RICARD​ is *the* crypto guy. thanks, Clive =)

In the ST examples, I see that they use AES_GCM for authentication. My requirement is RSA (the classic public/private stuff) but if AES_GCM is a good replacement I can reconsider. Got to do my homework in the crypto mumbo jumbo ... (((

-- pa

0 Kudos
Go to solution
Tesla DeLorean
Guru
In response to Pavel A.

‎2020-09-29 08:43 PM

Hopefully there is more than one guy..

I'm using Elliptical Curve code I can build and test on the PC and Cortex-Mx, SHA256 into SECP192R2 in my use case

https://community.st.com/s/question/0D53W00000A2lmZSAR/xcubesbsfu-bootloader-is-really-slow-6s-stm32f429

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
Go to solution
Jocelyn RICARD
ST Employee
In response to Pavel A.

‎2020-09-30 01:20 AM

Hello Pavel,

I'm sorry, I'm not dedicated to community support. Try to answer the best I can. Also, for some reason I don't receive all notifications...

Clive gave the right answer. STM32H753 has no acceleration IP for asymmetric crypto (Acceleration IP called PKA is available on other families such as STM32WB and STM32L5)

So, if you need to perform PKCS#1v1.5 on H7 you have to use the software implementation.

Also, as Clive mentioned, the hash part (which result is usually used as input of the signature check) can be accelerated.

Symmetric authentication is obviously less robust as you need the private key to check the signature.

You have exemples of this here: STM32Cube_FW_H7_V1.8.0\Projects\STM32H743I-EVAL\Examples\HASH\

To understand the differences I would suggest having a look to the MOOC basic of cryptography which is part2 of the following MOOC series

https://www.st.com/content/st_com/en/support/learning/stm32-education/stm32-embedded-security-learning-journey.html

Best regards

Jocelyn

0 Kudos
Go to solution
Imen.D
ST Employee

‎2020-09-30 07:41 AM

Hello @Pavel A.​ ,

Based on UM1924 - Table 4. STM32 crypto hardware acceleration libraries, the HW accelerated library for STM32H7 is not supported.

I propose FW library, as there is little difference between Lib FW and HW regarding performance and code size.

Regards

Imen

When your question is answered, please close this topic by clicking "Accept as Solution".
Thanks
Imen
0 Kudos
Go to solution
Pavel A.
Evangelist III
In response to Pavel A.

‎2020-10-01 02:23 AM

Thank you so much Jocelyn for your help, I know I'm already abusing your patience ;)

-- pa

0 Kudos
Top