hardware implementation for AES-GCM

Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob
RaNo_3455531
Level 1
Level 1
Welcome!

Hi

The model platform_tiny_crypto.c has several function that implement using harwdare the bulk TLS cipher like AES-CBC, AES-ECB, AES-CTR.

For example hw_aes_crypt_ctr

I am looking for an implementation for AES-GCM (Galois Counter Mode)

Any help or lead is really appreciated.

Thanks,

Ramzi

0 Likes
1 Solution

The hardware crypto option is controlled by the macro PLATFORM_HAS_HW_CRYPTO_SUPPORT in mbedtls/config.h. You can see several other macros *_ALT enabled. These macros would control the individual hwcrypto modules of those functions defined in *_alt.c in mbedtls_open/library/*_alt.c. The macro for hwcrypto is enabled by default in BCM4390x.mk as shown below:

GLOBAL_DEFINES +=  PLATFORM_HAS_HW_CRYPTO_SUPPORT
$(NAME)_SOURCES += platform_crypto.c

If you want to bypass hwcrypto, you can comment out the above lines. Alternately you can replace the macro with WICED_CONFIG_DONOT_USE_HW_CRYPTO.

View solution in original post

5 Replies
WinstonF_61
Moderator
Moderator
Moderator
100 likes received 100 sign-ins 50 solutions authored

Hi Ramzi,

Which platofrm / device are you looking to implement this in?

Regards

Winston

Regards
Winston
0 Likes

Hi Winston,

Thanks for the reply, we use this system CYW943907AEVAL1F (I use the WICED

SDK on windows 10)

What I need is the implementation of using AES-GCM for both software and

hardware.

Thanks again,

ramzi

On Tue, Jan 29, 2019 at 10:20 PM WinstonF_61 <community-manager@cypress.com>

0 Likes

Software implementation of AES-GCM is provided in the mbedTLS library in \43xxx_Wi-Fi\WICED\security\BESL\mbedtls_open\library\gcm.c. As per the datasheet, hardware crypto core of CYW43907 does not support AES-GCM.

Hi

This is what I used to build the app, but just noticed that AES-GCM uses

hw_aes_crypt

By this I assume that GCM is implemented using AES hardware.

I'd like to know if I can run AES-GCM using software only (by pass the

hardware option)

Thanks,

On Thu, Jan 31, 2019 at 7:50 AM MichaelF_56 <community-manager@cypress.com>

0 Likes

The hardware crypto option is controlled by the macro PLATFORM_HAS_HW_CRYPTO_SUPPORT in mbedtls/config.h. You can see several other macros *_ALT enabled. These macros would control the individual hwcrypto modules of those functions defined in *_alt.c in mbedtls_open/library/*_alt.c. The macro for hwcrypto is enabled by default in BCM4390x.mk as shown below:

GLOBAL_DEFINES +=  PLATFORM_HAS_HW_CRYPTO_SUPPORT
$(NAME)_SOURCES += platform_crypto.c

If you want to bypass hwcrypto, you can comment out the above lines. Alternately you can replace the macro with WICED_CONFIG_DONOT_USE_HW_CRYPTO.