GitBucket
|
|
|||
|---|---|---|---|
| .. | |||
| TARGET_MCU_NRF52840 | 5 years ago | ||
| binaries | 5 years ago | ||
| include | 6 years ago | ||
| Readme.md | 4 years ago | ||
| aes_alt.c | 4 years ago | ||
| aes_alt.h | 5 years ago | ||
| cc_internal.c | 5 years ago | ||
| cc_internal.h | 5 years ago | ||
| ccm_alt.c | 5 years ago | ||
| ccm_alt.h | 5 years ago | ||
| cmac_alt.c | 4 years ago | ||
| cmac_alt.h | 4 years ago | ||
| ecdh_alt.c | 4 years ago | ||
| ecdsa_alt.c | 5 years ago | ||
| mbed_lib.json | 4 years ago | ||
| mbedtls_device.h | 4 years ago | ||
| objects_cryptocell.h | 6 years ago | ||
| sha1_alt.c | 5 years ago | ||
| sha1_alt.h | 5 years ago | ||
| sha256_alt.c | 5 years ago | ||
| sha256_alt.h | 5 years ago | ||
| sha512_alt.c | 4 years ago | ||
| sha512_alt.h | 4 years ago | ||
| trng.c | 5 years ago | ||
Guidelines for porting Cryptocell to Mbed OS
Cryptocell (CC) 310 is a hardware accelerator you can port to boards that have CC 310 embedded in their hardware.
The CC 310 driver consists of three libraries:
- A common core library (
libcc_core.a). - A platform-specific TRNG library containing TRNG-related information for sampling sufficient entropy on the specific platform (
libcc_trng.a). - A platform-specific library containing extra information, such as the CC register's base addresses on the specific board (
libcc_ext.a).
Library version information:
- The CC 310 libraries were built from version
arm_sw-cc310-1.1.0.1285. - The
IARlibraries were built usingIAR ANSI C/C++ Compiler V7.80.1.11864/W32 for ARMwith--cpu Cortex-M4f. - The
ARMlibraries were built usingARM Compiler 5.06 update 4 (build 422)with--cpu cortex-m4. - The
GCC_ARMlibraries were built usingarm-none-eabi-gcc 6.3.1 20170620 (release)with-mcpu=cortex-m4.
To port your CC 310 driver to Mbed OS on your specific target:
- In
targets.json, add the following to your target:MBEDTLS_CONFIG_HW_SUPPORTtomacros_addkey. This instructs Mbed TLS to look for an alternative cryptographic implementation.CRYPTOCELL310tofeature. Use this in your common code that you need to remove from compilation in case CC exists in your board. Use#if !defined(FEATURE_CRYPTOCELL310)and#if defined(FEATURE_CRYPTOCELL310).
- In
objects.h, includeobjects_cryptocell.h. You can use theFEATURE_CRYPTOCELL310precompilation check as defined above. - In
features/cryptocell/FEATURE_CRYPTOCELL310/TARGET_<target name>, add your platform-specific libraries for all toolchains inTOOLCHAIN_ARM,TOOLCHAIN_GCC_ARMandTOOLCHAIN_IARrespectively. - Add your CC setup code:
- Implement
crypto_platform_setup()andcrypto_platform_terminate()to enable CC on your platform, in case you have board-specific setup functionality, required for CC setup. You MUST callSaSi_LibInit()andSaSi_LibFini()in these functions. - Define
crypto_platform_ctxincrypto_device_platform.hin a way that suits your implementation.
- Implement
Enabling optional alternative drivers
Three additional modules that are not enabled by default have alternative implementation support. This allows backward compatability because these modules don't have full functionality and returns MBEDTLS_ERR_PLATFORM_FEATURE_UNSUPPORTED for some features. The modules are:
AES, which only supports 128 bit key size, as opposed to previous support for all key sizes.CMAC, which only supports AES 128 bit key size, as opposed to previous support for DES and all key sizes.SHA512, which only supports SHA512, as opposed to previous support for SHA384, as well.
To enable these modules, define MBEDTLS_AES_ALT, MBEDTLS_CMAC_ALT and MBEDTLS_SHA512_ALT, either in mbed_app.json or in your MBEDTLS_USER_CONFIG_FILE, to have hardware accelerated module with reduced RAM size, on the expense of full functionality.