I have a project which uses DTLS over connections. For now I have successfully managed to run WolfSSL on controllers using only software implementation, but the time required to set up the initial connection is abhorrent and I'm now looking to utilize HW crypto in the MCU to accelerate performance. From the STM32F2 implementation provided by WolfSSL, I have only seen a few crypto algorithms being retargeted to the hardware crypto. In my DTLS implementation I am utilizing quite a few different algos provided by WolfCrypt. As I am quite inexperienced with very low level details of the SSL library, I need some help to retarget almost all the encryption algorithms present in WolfSSL from software implementation to STM32 Crypto Hardware.
According to ST's Cube HAL framework, the algos supported by HW Encryption are:
STM32F437x/439x
– AES: CFB, OFB, XTS, CCM, GCM, CMAC, KeyWrap
Key size: 128, 192, 256 bit Crypto accelerator
– ECC: Key generation, Scalar multiplication, ECDSA
– Random number generator (RNG)
– RSA encryption/decryption functions with PKCS#1v1.5
So I would need help changing these algos in WolfSSL such that they use STM32 HW Acc. If someone can provide a sample of this, that would be most appreciated.
I have also asked this on the WolfSSL forums. In case I find anything interesting there, I will update here for others' benefit. Thanks!
Which version of wolfSSL are you working with? wolfSSL recently added support for CubeMX HAL. If you do not have wolfSSL v3.10.0, please download it from the download page here: https://wolfssl.com/wolfSSL/download/downloadForm.php or get it from the wolfSSL GitHub repository: https://github.com/wolfSSL/wolfssl.git
There is a new define for WOLFSSL_STM32_CUBEMX in the STM32F2 section of /wolfssl/wolfcrypt/settings.h
This define adds support for offloading AES, DES3, and RANDOM operations to hardware. If you wish to port additional algorithms please use the sections in /wolfcrypt/src/aes.c surrounded by the define for WOLFSSL_STM32_CUBEMX as a reference. Here is a short sample of adding HAL API in the function wc_AesEncrypt. Source code was pulled from https://github.com/wolfSSL/wolfssl/blob/master/wolfcrypt/src/aes.c#L208: