Address PR comments

This commit is contained in:
Thomas Cook
2026-05-01 13:00:34 -04:00
parent 9605d96ccb
commit 30fc5887ee
5 changed files with 60 additions and 20 deletions
+42 -1
View File
@@ -1,6 +1,46 @@
# wolfSSL NXP Hardware Acceleration Ports
wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), and SE050.
wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), LPC55S69, and SE050.
## NXP LPC55S69
The LPC55S69 is a general purpose edge computing device, with dual ARM
Cortex-M33 cores running up to 150 MHz, 640/320 KB internal flash/ram,
TrustZone-M, a DSP accelerator, and extensive cryptographic acceleration.
wolfSSL supports the following hardware acceleration on the LPC55S69:
- TRNG
- HashCrypt (Hash/AES Crypto Engine)
- AES (128, 192, 256) encrypt/decrypt
- AES-CBC, AES-ECB, AES-CTR, AES-OFB, AES-CFB
- SHA-1, SHA-256
- CASPER (Asymmetric Crypto Accelerator)
- RSA verify/encrypt/decrypt (up to 4096-bit, public key only)
### LPC55S69 Hardware Acceleration Caveats
The following caveats should be noted about the LPC55S69 hardware acceleration:
- AES-CTR mode fails when the counter wraps from all FF's to 0. User should
ensure this never happens, by properly managing the iv/counter in use.
- AES-CFB and AES-OFB only support full 16-byte blocks and multiples thereof.
Encrypt/Decrypt requests of other sizes will fail.
- RSA acceleration is only supported for public keys. Private key operations
will use a fully software implementation.
- When the HashCrypt engine is in use for SHA-1 or SHA-256, it must not be
interrupted with another hash request or an AES request. The hash must be
completed before another operation is requested.
### wolfSSL LPC55S69 Hardware Acceleration Enable/Disable
To enable LPC55S69 hardware acceleration, define the following symbol:
**`WOLFSSL_NXP_LPC55S69_WITH_HWACCEL`**
To disable LPC55S69 hardware acceleration, define the following symbol:
**`WOLFSSL_NXP_LPC55S69_NO_HWACCEL`**
NOTE: In either case, the TRNG is always enabled for use.
## NXP SE050
@@ -10,3 +50,4 @@ see [README_SE050.md](./README_SE050.md).
## Support
For questions please email support@wolfssl.com
+3 -3
View File
@@ -82,7 +82,7 @@ int casper_rsa_public_exptmod(
return 0;
}
#endif
#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
/* 32 for 256 bits, 48 for 384 bits and 72 for 521 bits... */
@@ -157,7 +157,7 @@ int casper_ecc_mulmod(
return 0;
}
#endif
#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MULMOD */
#if defined(HAVE_ECC) && defined(WOLFSSL_NXP_CASPER_ECC_MUL2ADD)
/* calculates R = m*P[X, Y] + n*Q[X, Y] */
@@ -248,6 +248,6 @@ int casper_ecc_mul2add(
return 0;
}
#endif
#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
#endif /* WOLFSSL_NXP_CASPER */
+9 -9
View File
@@ -11699,7 +11699,7 @@ EVP_TEST_END:
if (XMEMCMP(cipher + WC_AES_BLOCK_SIZE, cipher1 + WC_AES_BLOCK_SIZE,
WC_AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#ifdef HAVE_AES_DECRYPT
ret = wc_AesOfbDecrypt(dec, plain, cipher1, WC_AES_BLOCK_SIZE);
@@ -11718,7 +11718,7 @@ EVP_TEST_END:
if (XMEMCMP(plain + WC_AES_BLOCK_SIZE, plain1 + WC_AES_BLOCK_SIZE,
WC_AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#endif /* HAVE_AES_DECRYPT */
/* multiple blocks at once */
@@ -11803,7 +11803,7 @@ EVP_TEST_END:
#ifndef WOLFSSL_NXP_HASHCRYPT_AES
if (XMEMCMP(cipher + 3, cipher1 + 3, WC_AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#ifdef HAVE_AES_DECRYPT
ret = wc_AesOfbDecrypt(dec, plain, cipher1, 6);
@@ -11820,7 +11820,7 @@ EVP_TEST_END:
#ifndef WOLFSSL_NXP_HASHCRYPT_AES
if (XMEMCMP(plain + 6, plain1 + 6, WC_AES_BLOCK_SIZE))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#endif /* HAVE_AES_DECRYPT */
#endif /* WOLFSSL_AES_256 */
@@ -12040,7 +12040,7 @@ EVP_TEST_END:
if (XMEMCMP(plain, msg1, WC_AES_BLOCK_SIZE * 3))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#endif /* WOLFSSL_AES_128 */
#ifdef WOLFSSL_AES_192
@@ -12154,7 +12154,7 @@ EVP_TEST_END:
if (XMEMCMP(plain, msg3, WC_AES_BLOCK_SIZE * 4))
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
#endif /* HAVE_AES_DECRYPT */
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#endif /* WOLFSSL_AES_256 */
out:
@@ -15618,7 +15618,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
{ ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
ctrPlain, (int)sizeof(ctr128Wrap128CipherLong),
ctr128Wrap128CipherLong },
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
{ ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128_2,
ctrPlain, (int)sizeof(ctr128Wrap128_2CipherLong),
@@ -15662,7 +15662,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
{ ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128,
ctrPlain, (int)sizeof(ctr192Wrap128CipherLong),
ctr192Wrap128CipherLong },
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
{ ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128_2,
ctrPlain, (int)sizeof(ctr192Wrap128_2CipherLong),
@@ -15706,7 +15706,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
{ ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
ctrPlain, (int)sizeof(ctr256Wrap128CipherLong),
ctr256Wrap128CipherLong },
#endif
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
{ ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128_2,
ctrPlain, (int)sizeof(ctr256Wrap128_2CipherLong),
+5 -6
View File
@@ -26,13 +26,12 @@
int wc_casper_init(void);
#if !defined(NO_RSA) && defined(WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD)
#include <wolfssl/wolfcrypt/rsa.h>
int casper_rsa_public_exptmod(
const byte* in, word32 inLen, byte* out, word32* outLen, RsaKey* key
);
#endif
#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
#if defined(HAVE_ECC)
@@ -42,14 +41,14 @@ int casper_rsa_public_exptmod(
int casper_ecc_mulmod(
const mp_int *m, ecc_point *P, ecc_point *R, int curve_id
);
#endif
#endif /* WOLFSSL_NXP_CASPER_ECC_MULMOD */
#ifdef WOLFSSL_NXP_CASPER_ECC_MUL2ADD
int casper_ecc_mul2add(
const mp_int *m, ecc_point *P, const mp_int *n, ecc_point *Q,
ecc_point *R, int curve_id
);
#endif
#endif
#endif /* WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
#endif /* HAVE_ECC */
#endif
#endif /* _CASPER_PORT_H_ */
+1 -1
View File
@@ -25,4 +25,4 @@
int wc_hashcrypt_init(void);
#endif
#endif /* _HASHCRYPT_PORT_H_ */