Cryptography Hardware Acceleration Plugins for mbed TLS

Detailed Description

Overview of plugins for hardware accelerated cryptography through the mbed TLS APIs.

These plugins hook into acceleration points in the relevant mbed TLS APIs, for the algorithms that can be accelerated by the hardware peripheral included in the respective device.

AES Peripheral

A plugin for the AES peripheral is provided for classic EFM32 and EZR32 MCUs (Series-0).

Select Mbed TLS support for AES component to projects to enable this plugin.

For more details, see accelerated implementation file aes_aes.c.

CRYPTO Peripheral

The Series-1 devices incorporate the CRYPTO peripheral for cryptographic hardware acceleration. The plugins using the CRYPTO peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in sl_mbedtls_support/src/crypto_* and sl_psa_driver/src/sli_crypto_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • crypto_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • crypto_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • crypto_ecp.c: ECC point multiplication acceleration (secp192r1, secp224r1 and secp256r1) enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • mbedtls_aes.c: acceleration of the AES-ECB primitive through the mbed TLS APIs by using the corresponding PSA Driver code (sli_crypto_*). Enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • mbedtls_cmac.c: acceleration of AES-CMAC through the mbed TLS APIs by using the corresponding PSA Driver code (sli_crypto_*). Enabled by selecting Mbed TLS support for CMAC component from Platform Security category.
  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 through the mbed TLS APIs by using the corresponding PSA Driver code (sli_crypto_*). Enabled by selecting Mbed TLS support for SHA component from Platform Security category.

Secure Element Peripheral

The EFR32xG21 devices incorporate the SE peripheral for cryptographic hardware acceleration. The plugins using the SE peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in sl_mbedtls_support/src/se_* and sl_psa_driver/src/sli_se_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • se_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • se_ccm.c: acceleration enabled by selecting Mbed TLS support for CCM component from Platform Security category.
  • se_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • se_jpake.c: acceleration enabled by selecting Mbed TLS support for J-PAKE component from Platform Security category.
  • mbedtls_aes.c: acceleration of AES primitives through the mbed TLS APIs by using the corresponding PSA Driver code (sli_se_*). Acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • mbedtls_cmac.c: acceleration of AES-CMAC through the mbed TLS APIs by using the corresponding PSA Driver code (sli_se_*). Acceleration enabled by selecting Mbed TLS support for CMAC component from Platform Security category.
  • mbedtls_ecdsa_ecdh.c: acceleration of ECDSA, ECDH and Elliptic Curve key generation through the mbed TLS APIs by using corresponding the PSA Driver code (sli_se_*). Enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 through the mbed TLS APIs by using the corresponding PSA Driver code (sli_se_*). Enabled by selecting Mbed TLS support for SHA component from Platform Security category.

CRYPTOACC Peripheral

The EFR32xG22 devices incorporate the CRYPTOACC peripheral for cryptographic hardware acceleration. The plugins using the CRYPTOACC peripheral support multi-threaded applications by implementing mbed TLS threading primitives and are located in sl_mbedtls_support/src/cryptoacc_* and sl_psa_driver/src/sli_cryptoacc_*. These implementations are replacing the corresponding software implementations in mbedtls/include/mbedtls/.

Driver files supporting acceleration through legacy mbed TLS APIs (mbedtls_*):

  • cryptoacc_aes.c: acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • cryptoacc_ccm.c: acceleration enabled by selecting Mbed TLS support for CCM component from Platform Security category.
  • cryptoacc_ecp.c: acceleration enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • cryptoacc_gcm.c: acceleration enabled by selecting Mbed TLS support for GCM component from Platform Security category.
  • mbedtls_aes.c: acceleration of AES primitives through the mbed TLS APIs by using the corresponding PSA Driver code (sli_cryptoacc_*). Acceleration enabled by selecting Mbed TLS support for AES component from Platform Security category.
  • mbedtls_cmac.c: acceleration of AES-CMAC through the mbed TLS APIs by using the corresponding PSA Driver code (sli_cryptoacc_*). Acceleration enabled by selecting Mbed TLS support for CMAC component from Platform Security category.
  • mbedtls_ecdsa_ecdh.c: acceleration of ECDSA, ECDH and Elliptic Curve key generation through the mbed TLS APIs by using the corresponding PSA Driver code (sli_cryptoacc_*). Acceleration enabled by selecting Mbed TLS support for ECC component from Platform Security category. Support for different ECC curves can be enabled by selecting one or more of the supported Mbed TLS curve components.
  • mbedtls_sha.c: acceleration of SHA-1 and SHA-2 through the mbed TLS APIs by using the corresponding PSA Driver code (sli_cryptoacc_*). Acceleration enabled by selecting Mbed TLS support for SHA component from Platform Security category.

Modules

Accelerated AES Block Cipher
Accelerated AES block cipher for the mbed TLS API using the AES, CRYPTO, CRYPTOACC or SE peripheral.
 
Accelerated AES-CCM AEAD Cipher
Accelerated AES-CCM AEAD cipher for the mbed TLS API using the CRYPTOACC or SE peripheral.
 
Accelerated AES-CMAC Cipher
Accelerated AES-CMAC cipher for the mbed TLS API using the CRYPTOACC or SE peripheral. This implementation builds on the PSA Crypto drivers (Silicon Labs Cryptography Hardware Acceleration Plugins for PSA Crypto).
 
Accelerated Elliptic Curve J-PAKE
Accelerated Elliptic Curve J-PAKE for the mbed TLS API using the SE peripheral.
 
Accelerated GCM AES-128 Cipher
Accelerated AES-GCM-128 cipher for the mbed TLS API using the CRYPTOACC or SE peripheral.
 
Accelerated SHA-1 Hash Function
Accelerated mbed TLS SHA-1 cryptographic hash function for the mbed TLS API using Silicon Labs peripherals. This implementation builds on the PSA Crypto drivers (Silicon Labs Cryptography Hardware Acceleration Plugins for PSA Crypto).
 
Accelerated SHA-224/SHA-256 Hash Function
Accelerated mbed TLS SHA-224/SHA-256 cryptographic hash functions for the mbed TLS API using Silicon Labs peripherals. This implementation builds on the PSA Crypto drivers (Silicon Labs Cryptography Hardware Acceleration Plugins for PSA Crypto).
 
Accelerated SHA-384/SHA-512 Hash Function
Accelerated mbed TLS SHA-384/SHA-512 cryptographic hash function for the mbed TLS API using Silicon Labs peripherals. This implementation builds on the PSA Crypto drivers (Silicon Labs Cryptography Hardware Acceleration Plugins for PSA Crypto).
 
Threading Primitives
Threading primitive implementation for mbed TLS.