Cryptography Hardware Acceleration Plugins

Detailed Description

Overview of plugins for hardware accelerated cryptography.

Introduction

The mbedtls/sl_crypto folder includes alternative implementations (plugins) from Silicon Labs for selected mbed TLS library functions. The plugins use the AES, RADIOAES, CRYPTO, CRYPTOACC and SE hardware peripherals to accelerate low-level cryptographic primitives. Available acceleration hardware depends on the target device.

The plugins support sharing of cryptography hardware in multi-threaded applications, as well as a reduced overhead configuration for optimal performance in single-threaded applications. Multi-threaded support is provided by the Threading Primitives module.

AES Peripheral

A plugin for the AES peripheral is provided for classic EFM32 and EZR32 MCUs (Series-0).

Select Mbed TLS support for AES component to projects to enable this plugin.

For more details, see accelerated implementation file aes_aes.c.

CRYPTO Peripheral

The Series-1 devices incorporate the CRYPTO peripheral for cryptographic hardware acceleration. The plugins using the CRYPTO peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in mbedtls/sl_crypto/src/crypto_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

  • crypto_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • crypto_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • crypto_ecp.c: ECC point multiplication acceleration (secp192r1, secp224r1 and secp256r1) enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • crypto_sha.c: SHA-1 and SHA-256 acceleration enabled by selecting Mbed TLS support for SHA component from Platform Security category.

Secure Element Peripheral

The EFR32xG21 devices incorporate the SE peripheral for cryptographic hardware acceleration. The plugins using the SE peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in mbedtls/sl_crypto/src/se_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

  • se_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • se_ccm.c: acceleration enabled by selecting Mbed TLS support for CCM component from Platform Security category.
  • se_cmac.c: acceleration enabled by selecting Mbed TLS support for CMAC component from Platform Security category.
  • se_ecp.c: acceleration enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • se_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • se_jpake.c: acceleration enabled by selecting Mbed TLS support for J-PAKE component from Platform Security category.
  • se_sha.c: acceleration enabled by selecting Mbed TLS support for SHA component from Platform Security category.
  • se_trng.c: acceleration enabled by selecting Mbed TLS support for random numbers using CTR_DRBG component from Platform Security category.

CRYPTOACC Peripheral

The EFR32xG22 devices incorporate the CRYPTOACC peripheral for cryptographic hardware acceleration. The plugins using the CRYPTOACC peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in mbedtls/sl_crypto/src/cryptoacc_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

  • cryptoacc_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • cryptoacc_ccm.c: acceleration enabled by selecting Mbed TLS support for CCM component from Platform Security category.
  • cryptoacc_cmac.c: acceleration enabled by selecting Mbed TLS support for CMAC component from Platform Security category.
  • cryptoacc_ecp.c: acceleration enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • cryptoacc_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • cryptoacc_sha.c: acceleration enabled by selecting Mbed TLS support for SHA component from Platform Security category.
  • cryptoacc_trng.c: acceleration enabled by selecting Mbed TLS support for random numbers using CTR_DRBG component from Platform Security category.

Modules

Accelerated AES Block Cipher
Accelerated AES block cipher using the AES, CRYPTO, CRYPTOACC or SE peripheral.
 
Accelerated AES-CCM AEAD Cipher
Accelerated AES-CCM AEAD cipher using the CRYPTOACC or SE peripheral.
 
Accelerated AES-CMAC Cipher
Accelerated AES-CMAC cipher using the CRYPTOACC or SE peripheral.
 
Accelerated Elliptic Curve J-PAKE
Accelerated Elliptic Curve J-PAKE using the SE peripheral.
 
Accelerated GCM AES-128 Cipher
Accelerated GCM AES-128 cipher using the CRYPTOACC or SE peripheral.
 
Accelerated SHA-1 Hash Function
Accelerated SHA-1 cryptographic hash function using the CRYPTO, CRYPTOACC or SE peripheral.
 
Accelerated SHA-224/SHA-256 Hash Function
Accelerated SHA-224/SHA-256 cryptographic hash function using the CRYPTO, CRYPTOACC or SE peripheral.
 
Accelerated SHA-384/SHA-512 Hash Function
Accelerated SHA-384/SHA-512 cryptographic hash function using the SE peripheral.
 
Threading Primitives
Threading primitive implementation for mbed TLS.