STM32L486RG/mbedtls: add aes hw acceleration

2017-03-16 13:56:08 +01:00 · 2017-03-16 13:56:08 +01:00 · 2da3128a2a
parent a39ac60305
commit 2da3128a2a
3 changed files with 82 additions and 12 deletions
--- a/features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h
+++ b/features/mbedtls/targets/TARGET_STM/TARGET_STM32L4/TARGET_NUCLEO_L486RG/mbedtls_device.h
@ -0,0 +1,30 @@
+/*
+ *  mbedtls_device.h 
+ *******************************************************************************
+ * Copyright (c) 2017, STMicroelectronics
+ *  SPDX-License-Identifier: Apache-2.0
+ *
+ *  Licensed under the Apache License, Version 2.0 (the "License"); you may
+ *  not use this file except in compliance with the License.
+ *  You may obtain a copy of the License at
+ *
+ *  http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *  Unless required by applicable law or agreed to in writing, software
+ *  distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *  WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *  See the License for the specific language governing permissions and
+ *  limitations under the License.
+ *
+ */
+#ifndef MBEDTLS_DEVICE_H
+#define MBEDTLS_DEVICE_H
+
+#define MBEDTLS_AES_ALT
+
+//the following defines are provided to maintain compatibility between STM32 families
+#define __HAL_RCC_CRYP_CLK_ENABLE    __HAL_RCC_AES_CLK_ENABLE
+#define __HAL_RCC_CRYP_FORCE_RESET   __HAL_RCC_AES_FORCE_RESET
+#define __HAL_RCC_CRYP_RELEASE_RESET __HAL_RCC_AES_RELEASE_RESET
+#define CRYP                         AES
+#endif /* MBEDTLS_DEVICE_H */
--- a/features/mbedtls/targets/TARGET_STM/aes_alt.c
+++ b/features/mbedtls/targets/TARGET_STM/aes_alt.c
@ -28,17 +28,22 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
    switch( keybits )
    {
        case 128:
-          ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
-          memcpy(ctx->aes_key, key, 16);
-          break;
+            ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_128B;
+            memcpy(ctx->aes_key, key, 16);
+            break;
        case 192:
-          ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
-          memcpy(ctx->aes_key, key, 24);
-          break;
+#if defined (TARGET_STM32L486xG)
+            return(MBEDTLS_ERR_AES_INVALID_KEY_LENGTH);
+#else
+            ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_192B;
+            memcpy(ctx->aes_key, key, 24);
+            break;
+#endif
+
        case 256:
-          ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
-          memcpy(ctx->aes_key, key, 32);
-          break;
+            ctx->hcryp_aes.Init.KeySize = CRYP_KEYSIZE_256B;
+            memcpy(ctx->aes_key, key, 32);
+            break;
       default : return( MBEDTLS_ERR_AES_INVALID_KEY_LENGTH );
    }

@ -52,6 +57,9 @@ static int aes_set_key( mbedtls_aes_context *ctx, const unsigned char *key, unsi
    __HAL_RCC_CRYP_CLK_ENABLE();

    ctx->hcryp_aes.Init.pKey = ctx->aes_key;
+#if defined (TARGET_STM32L486xG)
+    ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
+#endif
    if (HAL_CRYP_Init(&ctx->hcryp_aes) == HAL_ERROR)
        return (HAL_ERROR);

@ -148,14 +156,46 @@ int mbedtls_aes_crypt_cbc( mbedtls_aes_context *ctx,
    if( mode == MBEDTLS_AES_DECRYPT )
    {
        ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init 
-
+#if defined (TARGET_STM32L486xG)
+        if ((ctx->hcryp_aes.Init.OperatingMode != CRYP_ALGOMODE_KEYDERIVATION_DECRYPT) || \
+             (ctx->hcryp_aes.Init.ChainingMode != CRYP_CHAINMODE_AES_CBC) || \
+             (ctx->hcryp_aes.Init.KeyWriteFlag != CRYP_KEY_WRITE_ENABLE)) {
+            /* Re-initialize AES IP with proper parameters */
+            if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) 
+                return HAL_ERROR;
+            ctx->hcryp_aes.Init.OperatingMode = CRYP_ALGOMODE_KEYDERIVATION_DECRYPT;
+            ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
+            ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
+            if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK)
+                return HAL_ERROR;
+        }
+      
+        status =  HAL_CRYPEx_AES(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10);
+#else
        status = HAL_CRYP_AESCBC_Decrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10);
+#endif
    }
    else
    {
        ctx->hcryp_aes.Init.pInitVect = &iv[0]; // used in process, not in the init 
-        
+#if defined (TARGET_STM32L486xG)
+        if ((ctx->hcryp_aes.Init.OperatingMode != CRYP_ALGOMODE_ENCRYPT) || \
+             (ctx->hcryp_aes.Init.ChainingMode != CRYP_CHAINMODE_AES_CBC) || \
+             (ctx->hcryp_aes.Init.KeyWriteFlag != CRYP_KEY_WRITE_ENABLE)) {
+            /* Re-initialize AES IP with proper parameters */
+            if (HAL_CRYP_DeInit(&ctx->hcryp_aes) != HAL_OK) 
+                return HAL_ERROR;
+            ctx->hcryp_aes.Init.OperatingMode = CRYP_ALGOMODE_ENCRYPT;
+            ctx->hcryp_aes.Init.ChainingMode = CRYP_CHAINMODE_AES_CBC;
+            ctx->hcryp_aes.Init.KeyWriteFlag = CRYP_KEY_WRITE_ENABLE;
+            if (HAL_CRYP_Init(&ctx->hcryp_aes) != HAL_OK)
+                return HAL_ERROR;
+        }
+      
+        status =  HAL_CRYPEx_AES(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10);
+#else
        status = HAL_CRYP_AESCBC_Encrypt(&ctx->hcryp_aes, (uint8_t *)input, length, (uint8_t *)output, 10);
+#endif
    }
    return( status );
 }
--- a/targets/targets.json
+++ b/targets/targets.json
@ -1109,7 +1109,7 @@
        "core": "Cortex-M4F",
        "extra_labels_add": ["STM32L4", "STM32L486RG", "STM32L486xG"],
        "detect_code": ["0827"],
-        "macros_add": ["USBHOST_OTHER"],
+        "macros_add": ["USBHOST_OTHER", "MBEDTLS_CONFIG_HW_SUPPORT"],
        "device_has_add": ["ANALOGOUT", "CAN", "LOWPOWERTIMER", "SERIAL_ASYNCH", "SERIAL_FC", "TRNG", "FLASH"],
        "release_versions": ["2", "5"],
        "device_name": "STM32L486RG"