mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-06 17:40:50 +02:00
Address PR comments
This commit is contained in:
@@ -1,6 +1,46 @@
|
||||
# wolfSSL NXP Hardware Acceleration Ports
|
||||
|
||||
wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), and SE050.
|
||||
wolfSSL supports hardware acceleration on NXP DCP, LTC (KSDK), LPC55S69, and SE050.
|
||||
|
||||
## NXP LPC55S69
|
||||
|
||||
The LPC55S69 is a general purpose edge computing device, with dual ARM
|
||||
Cortex-M33 cores running up to 150 MHz, 640/320 KB internal flash/ram,
|
||||
TrustZone-M, a DSP accelerator, and extensive cryptographic acceleration.
|
||||
|
||||
wolfSSL supports the following hardware acceleration on the LPC55S69:
|
||||
- TRNG
|
||||
- HashCrypt (Hash/AES Crypto Engine)
|
||||
- AES (128, 192, 256) encrypt/decrypt
|
||||
- AES-CBC, AES-ECB, AES-CTR, AES-OFB, AES-CFB
|
||||
- SHA-1, SHA-256
|
||||
- CASPER (Asymmetric Crypto Accelerator)
|
||||
- RSA verify/encrypt/decrypt (up to 4096-bit, public key only)
|
||||
|
||||
### LPC55S69 Hardware Acceleration Caveats
|
||||
|
||||
The following caveats should be noted about the LPC55S69 hardware acceleration:
|
||||
- AES-CTR mode fails when the counter wraps from all FF's to 0. User should
|
||||
ensure this never happens, by properly managing the iv/counter in use.
|
||||
- AES-CFB and AES-OFB only support full 16-byte blocks and multiples thereof.
|
||||
Encrypt/Decrypt requests of other sizes will fail.
|
||||
- RSA acceleration is only supported for public keys. Private key operations
|
||||
will use a fully software implementation.
|
||||
- When the HashCrypt engine is in use for SHA-1 or SHA-256, it must not be
|
||||
interrupted with another hash request or an AES request. The hash must be
|
||||
completed before another operation is requested.
|
||||
|
||||
### wolfSSL LPC55S69 Hardware Acceleration Enable/Disable
|
||||
|
||||
To enable LPC55S69 hardware acceleration, define the following symbol:
|
||||
|
||||
**`WOLFSSL_NXP_LPC55S69_WITH_HWACCEL`**
|
||||
|
||||
To disable LPC55S69 hardware acceleration, define the following symbol:
|
||||
|
||||
**`WOLFSSL_NXP_LPC55S69_NO_HWACCEL`**
|
||||
|
||||
NOTE: In either case, the TRNG is always enabled for use.
|
||||
|
||||
## NXP SE050
|
||||
|
||||
@@ -10,3 +50,4 @@ see [README_SE050.md](./README_SE050.md).
|
||||
## Support
|
||||
|
||||
For questions please email support@wolfssl.com
|
||||
|
||||
|
||||
@@ -82,7 +82,7 @@ int casper_rsa_public_exptmod(
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
|
||||
|
||||
|
||||
/* 32 for 256 bits, 48 for 384 bits and 72 for 521 bits... */
|
||||
@@ -157,7 +157,7 @@ int casper_ecc_mulmod(
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MULMOD */
|
||||
|
||||
#if defined(HAVE_ECC) && defined(WOLFSSL_NXP_CASPER_ECC_MUL2ADD)
|
||||
/* calculates R = m*P[X, Y] + n*Q[X, Y] */
|
||||
@@ -248,6 +248,6 @@ int casper_ecc_mul2add(
|
||||
|
||||
return 0;
|
||||
}
|
||||
#endif
|
||||
#endif /* HAVE_ECC && WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
|
||||
|
||||
#endif /* WOLFSSL_NXP_CASPER */
|
||||
|
||||
@@ -11699,7 +11699,7 @@ EVP_TEST_END:
|
||||
if (XMEMCMP(cipher + WC_AES_BLOCK_SIZE, cipher1 + WC_AES_BLOCK_SIZE,
|
||||
WC_AES_BLOCK_SIZE))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
ret = wc_AesOfbDecrypt(dec, plain, cipher1, WC_AES_BLOCK_SIZE);
|
||||
@@ -11718,7 +11718,7 @@ EVP_TEST_END:
|
||||
if (XMEMCMP(plain + WC_AES_BLOCK_SIZE, plain1 + WC_AES_BLOCK_SIZE,
|
||||
WC_AES_BLOCK_SIZE))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
|
||||
/* multiple blocks at once */
|
||||
@@ -11803,7 +11803,7 @@ EVP_TEST_END:
|
||||
#ifndef WOLFSSL_NXP_HASHCRYPT_AES
|
||||
if (XMEMCMP(cipher + 3, cipher1 + 3, WC_AES_BLOCK_SIZE))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
|
||||
#ifdef HAVE_AES_DECRYPT
|
||||
ret = wc_AesOfbDecrypt(dec, plain, cipher1, 6);
|
||||
@@ -11820,7 +11820,7 @@ EVP_TEST_END:
|
||||
#ifndef WOLFSSL_NXP_HASHCRYPT_AES
|
||||
if (XMEMCMP(plain + 6, plain1 + 6, WC_AES_BLOCK_SIZE))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
|
||||
@@ -12040,7 +12040,7 @@ EVP_TEST_END:
|
||||
if (XMEMCMP(plain, msg1, WC_AES_BLOCK_SIZE * 3))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#endif /* WOLFSSL_AES_128 */
|
||||
|
||||
#ifdef WOLFSSL_AES_192
|
||||
@@ -12154,7 +12154,7 @@ EVP_TEST_END:
|
||||
if (XMEMCMP(plain, msg3, WC_AES_BLOCK_SIZE * 4))
|
||||
ERROR_OUT(WC_TEST_RET_ENC_NC, out);
|
||||
#endif /* HAVE_AES_DECRYPT */
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#endif /* WOLFSSL_AES_256 */
|
||||
|
||||
out:
|
||||
@@ -15618,7 +15618,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
|
||||
{ ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128,
|
||||
ctrPlain, (int)sizeof(ctr128Wrap128CipherLong),
|
||||
ctr128Wrap128CipherLong },
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
|
||||
{ ctr128Key, (int)sizeof(ctr128Key), ctrIvWrap128_2,
|
||||
ctrPlain, (int)sizeof(ctr128Wrap128_2CipherLong),
|
||||
@@ -15662,7 +15662,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
|
||||
{ ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128,
|
||||
ctrPlain, (int)sizeof(ctr192Wrap128CipherLong),
|
||||
ctr192Wrap128CipherLong },
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
|
||||
{ ctr192Key, (int)sizeof(ctr192Key), ctrIvWrap128_2,
|
||||
ctrPlain, (int)sizeof(ctr192Wrap128_2CipherLong),
|
||||
@@ -15706,7 +15706,7 @@ WOLFSSL_TEST_SUBROUTINE wc_test_ret_t aes_ctr_test(void)
|
||||
{ ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128,
|
||||
ctrPlain, (int)sizeof(ctr256Wrap128CipherLong),
|
||||
ctr256Wrap128CipherLong },
|
||||
#endif
|
||||
#endif /* !WOLFSSL_NXP_HASHCRYPT_AES */
|
||||
#if defined(WOLFSSL_ARMASM) || defined(WOLFSSL_RISCV_ASM)
|
||||
{ ctr256Key, (int)sizeof(ctr256Key), ctrIvWrap128_2,
|
||||
ctrPlain, (int)sizeof(ctr256Wrap128_2CipherLong),
|
||||
|
||||
@@ -26,13 +26,12 @@
|
||||
int wc_casper_init(void);
|
||||
|
||||
#if !defined(NO_RSA) && defined(WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD)
|
||||
|
||||
#include <wolfssl/wolfcrypt/rsa.h>
|
||||
|
||||
int casper_rsa_public_exptmod(
|
||||
const byte* in, word32 inLen, byte* out, word32* outLen, RsaKey* key
|
||||
);
|
||||
#endif
|
||||
#endif /* !NO_RSA && WOLFSSL_NXP_CASPER_RSA_PUB_EXPTMOD */
|
||||
|
||||
|
||||
#if defined(HAVE_ECC)
|
||||
@@ -42,14 +41,14 @@ int casper_rsa_public_exptmod(
|
||||
int casper_ecc_mulmod(
|
||||
const mp_int *m, ecc_point *P, ecc_point *R, int curve_id
|
||||
);
|
||||
#endif
|
||||
#endif /* WOLFSSL_NXP_CASPER_ECC_MULMOD */
|
||||
|
||||
#ifdef WOLFSSL_NXP_CASPER_ECC_MUL2ADD
|
||||
int casper_ecc_mul2add(
|
||||
const mp_int *m, ecc_point *P, const mp_int *n, ecc_point *Q,
|
||||
ecc_point *R, int curve_id
|
||||
);
|
||||
#endif
|
||||
#endif
|
||||
#endif /* WOLFSSL_NXP_CASPER_ECC_MUL2ADD */
|
||||
#endif /* HAVE_ECC */
|
||||
|
||||
#endif
|
||||
#endif /* _CASPER_PORT_H_ */
|
||||
|
||||
@@ -25,4 +25,4 @@
|
||||
|
||||
int wc_hashcrypt_init(void);
|
||||
|
||||
#endif
|
||||
#endif /* _HASHCRYPT_PORT_H_ */
|
||||
|
||||
Reference in New Issue
Block a user