Cryptography Hardware Acceleration Plugins

Detailed Description

Overview of plugins for hardware accelerated cryptography.

Introduction

The mbedtls/sl_crypto folder includes alternative implementations (plugins) from Silicon Labs for selected mbed TLS library functions. The plugins use the AES, RADIOAES, CRYPTO and SE hardware peripherals to accelerate low-level cryptographic primitives. Available acceleration hardware depends on the target device.

The plugins support sharing of cryptography hardware in multi-threaded applications, as well as a reduced overhead configuration for optimal performance in single-threaded applications. Multi-threaded support is provided by the Threading Primitives module.

AES Peripheral

A plugin for the AES peripheral is provided for classic EFM32 and EZR32 MCUs (Series-0).

Define MBEDTLS_AES_C and MBEDTLS_AES_ALT to enable this plugin.

For more details, see accelerated implementation file aes_aes.c.

CRYPTO Peripheral

Plugins for this peripheral support multi-threaded applications by implementing mbed TLS threading primitives using the CRYPTO peripheral available on Series-1 EFM32/EFR32.

Alternative implementations using the CRYPTO peripheral for acceleration are located in mbedtls/sl_crypto/src/crypto_*. These implementations are replacing corresponding software implementations in mbedtls/include/mbedtls/.

  • crypto_aes.c: acceleration enabled by MBEDTLS_AES_C / MBEDTLS_AES_ALT.
  • crypto_ecp.c: ECC point multiplication acceleration (secp192r1, secp224r1 and secp256r1) enabled by MBEDTLS_ECP_C / MBEDTLS_ECP_ALT.
  • crypto_sha.c: SHA-1 and SHA-256 acceleration enabled by MBEDTLS_SHA1_C / MBEDTLS_SHA1_ALT or MBEDTLS_SHA256_C / MBEDTLS_SHA256_ALT.

Secure Element Peripheral

Plugins for this peripheral support multi-threaded applications by implementing mbed TLS threading primitives using the SE peripheral available on Series-2 devices for cryptographic hardware acceleration.

Alternative implementations using the SE peripheral for acceleration are located in mbedtls/sl_crypto/src/se_*. These implementations are replacing corresponding software implementations in mbedtls/include/mbedtls/.

  • se_aes.c: acceleration enabled by MBEDTLS_AES_C / MBEDTLS_AES_ALT.
  • se_ccm.c: acceleration enabled by MBEDTLS_AES_C / MBEDTLS_CCM_ALT.
  • se_cmac.c: acceleration enabled by MBEDTLS_AES_C / MBEDTLS_CMAC_C / MBEDTLS_CMAC_ALT.
  • se_ecp.c: acceleration enabled by MBEDTLS_ECP_C / MBEDTLS_ECDH_GEN_PUBLIC_ALT, MBEDTLS_ECDH_COMPUTE_SHARED_ALT, MBEDTLS_ECDSA_GENKEY_ALT, MBEDTLS_ECDSA_VERIFY_ALT or MBEDTLS_ECDSA_SIGN_ALT.
  • se_jpake.c: acceleration enabled by MBEDTLS_ECJPAKE_C / MBEDTLS_ECJPAKE_ALT.
  • se_sha.c: acceleration enabled by MBEDTLS_SHA1_C / MBEDTLS_SHA1_ALT, MBEDTLS_SHA256_C / MBEDTLS_SHA256_ALT or MBEDTLS_SHA512_C / MBEDTLS_SHA512_ALT.

Modules

Accelerated AES Block Cipher
Accelerated AES block cipher using the AES, CRYPTO or SE peripheral.
 
Accelerated AES-CCM AEAD Cipher
Accelerated AES-CCM AEAD cipher using the SE peripheral.
 
Accelerated AES-CMAC Cipher
Accelerated AES-CMAC cipher using the SE peripheral.
 
Accelerated Elliptic Curve J-PAKE
Accelerated Elliptic Curve J-PAKE using the SE peripheral.
 
Accelerated SHA-1 Hash Function
Accelerated SHA-1 cryptographic hash function using the CRYPTO peripheral.
 
Accelerated SHA-224/SHA-256 Hash Function
Accelerated SHA-224/SHA-256 cryptographic hash function using the CRYPTO or SE peripheral.
 
Accelerated SHA-384/SHA-512 Hash Function
Accelerated SHA-384/SHA-512 cryptographic hash function using the SE peripheral.
 
Cryptography Hardware Acceleration Configuration
Configuration macros for Silicon Labs CRYPTO hardware acceleration mbed TLS plugins.
 
Threading Primitives
Threading primitive implementation for mbed TLS.