1. Crypto RSA H/W supports 1024/2048/3072/4096 key bits. Fall back to software implementation for other key bits.
2. For decrypt, if MBEDTLS_RSA_NO_CRT isn't defined, go CRT, or normal.
3. For decrypt, when blinding (f_rng != NULL), enable SCAP mode.
4. Recover from Crypto RSA H/W failure:
(1) Enable timed-out wait to escape from RSA H/W trap
(2) On RSA H/W timeout, stop this RSA H/W operation
(3) Fall back to S/W implementation on failure
NOTE: RSA 4096 key bits can fail with default mbedtls configuration MBEDTLS_MPI_MAX_SIZE.
Enlarge MBEDTLS_MPI_MAX_SIZE to 1024 or larger if this feature is required.
NOTE: Fixed in BSP RSA driver, for non-CRT+SCAP mode, temporary buffer for MADDR6 requires to be key length plus 128 bits.
NOTE: Fixed in BSP RSA driver, DMA buffer must be 4-word aligned, or RSA H/W will trap.
1. Prepare crypto common code
2. Support list
- SHA
- ECC
NOTE: AES/RSA are to support in other works
NOTE: Compared to M487, M467's SHA supports context save & restore (DMA Cascade mode) and so no software fallback is needed.
NOTE: M467's ECC, following M487, goes partial-module replacement and it can just improve primitives e.g. point addition/doubling by 2X,
and cannot improve high level point multiplication because MbedTLS doesn’t open it.
To improve performance best, full-module replacement is needed.
NOTE: Continuing above, add support for Montgomery curve
Chun-Chieh Li
cyliangtw