Skip to main content
Bogdan Rosandic
Bogdan Rosandic
Associate
May 11, 2017
Question

Why mbedtls, which is part of STCube 1.16 release, does not contain HW acceleration code?

  • May 11, 2017
  • 3 replies
  • 2573 views
Posted on May 11, 2017 at 17:47

Recently PolarSSL library has been replaced by mbedtls in STCube Third Party libraries.

PolarSSL used to have STM32 specific code for some of the Polar SSL APIs. Now, in the latest STCube

mbedtls library does not have STM32 specific code which enables usage of hardware HASH and CRYPTO engine.

What is the reason for this ?

Best regards,

Bogdan

#stm32 #crypto #mbedtls #hash
This topic has been closed for replies.

3 replies

Haithem Rahmani
Haithem Rahmani
ST Employee
May 24, 2017
Posted on May 24, 2017 at 11:44

Hi Bodgan,

indeed the mbedtls released within the STM32 Cube FW is without any HW crypto engine integration.This is planned in the next release of the Cube FW.

Notice that integration of the hw crypto won't be integrated in mbedtls source code itself but in the applications source code instead.In fact the mbedtls is offering config flags that allows user to provide alternate functions for crypto functions.

We did that for the Random Number generator, have a look at the files:

Projects/STM32469I_EVAL/Applications/mbedTLS/SSL_Client/Src/hardware_rng.c

Projects/STM32469I_EVAL/Applications/mbedTLS/SSL_Client/Src/stm32f4xx_hal_msp.c

regards

Haithem.

Bogdan Rosandic
Bogdan RosandicAuthor
Associate
May 24, 2017
Posted on May 24, 2017 at 15:37

Hi Haithem,

Thanks for the reply. I wander, when do you expect next release of the Cube FW ?

Best regards,

Bogdan

Haithem Rahmani
Haithem Rahmani
ST Employee
November 12, 2017
Posted on November 12, 2017 at 20:06

hi,

sorry, the v4.23 is intended to support only the mbedtls without hw crypto.

the hw crypto integration is currently under study 

keep you updated!

Bogdan Rosandic
Bogdan RosandicAuthor
Associate
November 16, 2017
Posted on November 16, 2017 at 11:02

Why do you need so much time? It's been almost 6 months since the original post?

You already had this feature for PolarSSL which is 

predecessor of mbedTLS...

Best regards,

Bogdan

samsangani
samsangani
Associate
November 23, 2017
Posted on November 23, 2017 at 23:21

Hi ST support team,

We are looking for hard accelerated crypto engine library for mbedTLS for our current project. We are batting on this project just because of AES hardware. Could you please help us when it would be available?

Regards,

Sam Sangani

Bogdan Rosandic
Bogdan RosandicAuthor
Associate
November 30, 2017
Posted on November 30, 2017 at 14:15

Hi Sam,

I solved my problem with AES hw acceleration by adding following line :

hcryp_aes.Instance = CRYP; before calling HAL_CRYP_Init(&hcryp_aes);. I made this change in aes.c.

Hope this helps!

Best regards,

Bogdan

ritesh
ritesh
Associate II
December 2, 2017
Posted on December 02, 2017 at 11:06

Hi Bogdan,

I an evaluating X-CUBE-AWS (Amazon Web Service IoT) v1.1.0 in 32F769IDISCOVERY.

http://www.st.com/en/embedded-software/x-cube-aws.html

 

This package is using mbedTLS library. And I want to confirm that this package is using HW Acceleration.

But in the 'stm32f7xx_hal_conf.h' file ' ♯ define HAL_CRYP_MODULE_ENABLED' is not defined

And also I can't find 

HAL_CRYP_Init() in aes.c.

I also downloaded latest STM32CubeMX (v4.23) and also STM32Cube_FW_F7_V1.8.0. But both are having same mbedTLS v2.4.0 and in their aes.c doesn't have HAL_CRYP_Init(). 

So is X-CUBE-AWS is using crypto library and HW acceleration?

And if NO, how to enable?

Terms & ConditionsAccessibility statement