How to implement AES GCM with the hw crypto unit


OnPi_2263161
Level 4

Hi all,

Could someone help me and describe how to initialize/use the PSoC6 hardware crypto unit in AES GCM mode?

We would like to have an encrypted file on external flash memory. The file will be read to RAM in chunks (around 256B).

Thank you

Ondrej

0 Likes
9 Replies
DheerajK_81
Moderator

The Crypto driver provides support for only the following four AES encryption algorithms (ECB, CBC, CFB and CTR). You could use the CBC mode instead which is almost similar to GCM.

Please refer to the PDL documentation for the implementation details.

Regards,

Dheeraj

0 Likes

Thank you for the reply. But I would like to get an answer if it is possible to somehow use AES GCM with the PSoC6 (partly hw, partly sw solution). We can use a software crypto library if necessary.

Now we are using AES-GCM and we would like to reuse all the tooling we have.

Yes, AES CBC is very similar but still, we would like to use only one AES method, not two.

0 Likes

No, it would not be possible because the source files for the Crypto block aren't exposed for modification. They are part of the Peripheral Driver Library. So you wouldn't be able to add your software crypto library to interact with the Crypto hardware block to make it work.

Regards,

Dheeraj

0 Likes

I was thinking to use HW AES CTR to decrypt and SW AES GMAC to verify whole image authenticity.

We are writing our DFU application and we are open to combine parts from PDL and register access.

0 Likes
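The hardware-CTR plus software-GMAC split proposed in the post above, sketched as an added example (not code from this thread, Cypress or the PDL): GHASH runs in software over ciphertext chunks, and the two AES blocks it needs, H = E_K(0^128) and E_K(J0), are assumed to come from single-block encryptions on the crypto unit. The type and function names are hypothetical; the constants are GCM specification test case 2.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Constructed sample input: GCM spec test case 2 (all-zero key, IV, plaintext). H = E_K(0^128) and
   EKJ0 = E_K(J0) stand in for two single-block AES calls made to the hardware unit (assumption). */
static const uint8_t H[16]    = {0x66,0xe9,0x4b,0xd4,0xef,0x8a,0x2c,0x3b,0x88,0x4c,0xfa,0x59,0xca,0x34,0x2b,0x2e};
static const uint8_t EKJ0[16] = {0x58,0xe2,0xfc,0xce,0xfa,0x7e,0x30,0x61,0x36,0x7f,0x1d,0x57,0xa4,0xe7,0x45,0x5a};
static const uint8_t CT[16]   = {0x03,0x88,0xda,0xce,0x60,0xb6,0xa3,0x92,0xf3,0x28,0xc2,0xb9,0x71,0xb2,0xfe,0x78};
static const uint8_t TAG[16]  = {0xab,0x6e,0x47,0xd4,0x2c,0xec,0x13,0xbd,0xf5,0x3a,0x67,0xb2,0x12,0x57,0xbd,0xdf};

/* Hypothetical streaming state: hash subkey, running GHASH value, ciphertext byte count. */
typedef struct { uint8_t h[16], y[16]; uint64_t ct_bytes; } ghash_ctx;
/* y = y * h in GF(2^128), bitwise algorithm from NIST SP 800-38D (not constant-time). */
static void gf_mul(uint8_t y[16], const uint8_t h[16]) {
    uint8_t z[16] = {0}, v[16];
    memcpy(v, h, 16);
    for (int i = 0; i < 128; i++) {
        if (y[i / 8] & (0x80 >> (i % 8)))
            for (int j = 0; j < 16; j++) z[j] ^= v[j];
        int lsb = v[15] & 1;
        for (int j = 15; j > 0; j--) v[j] = (uint8_t)((v[j] >> 1) | (v[j - 1] << 7));
        v[0] >>= 1;
        if (lsb) v[0] ^= 0xE1;   /* reduction polynomial R */
    }
    memcpy(y, z, 16);
}

void ghash_init(ghash_ctx *c, const uint8_t h[16]) {
    memset(c, 0, sizeof *c);
    memcpy(c->h, h, 16);
}
/* Absorb one ciphertext chunk as read from flash; only the final chunk may be a non-multiple of 16. */
void ghash_update(ghash_ctx *c, const uint8_t *ct, size_t len) {
    c->ct_bytes += len;
    while (len) {
        size_t n = len < 16 ? len : 16;
        for (size_t j = 0; j < n; j++) c->y[j] ^= ct[j];   /* short last block is zero-padded */
        gf_mul(c->y, c->h);
        ct += n; len -= n;
    }
}

/* Absorb the length block (no AAD), form tag = GHASH ^ E_K(J0), compare without early exit. */
int gcm_verify(ghash_ctx *c, const uint8_t ekj0[16], const uint8_t expect[16]) {
    uint8_t d = 0;
    for (int j = 0; j < 8; j++) c->y[15 - j] ^= (uint8_t)((c->ct_bytes * 8) >> (8 * j));
    gf_mul(c->y, c->h);
    for (int j = 0; j < 16; j++) d |= (uint8_t)(c->y[j] ^ ekj0[j] ^ expect[j]);
    return d == 0;
}
```

To stay compatible with AES-GCM tooling, the CTR decryption has to start at inc32(J0), with only the low 32 bits of the counter block incrementing. The plaintext should be used only after `gcm_verify` has returned 1 for the whole image.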

We have forwarded your query to our product development team, who will evaluate your query. Thank you for your interest in Cypress products.

Regards,

Dheeraj

0 Likes

Thank you Dheeraj, I am looking forward to hearing from Cypress product development team.

0 Likes

Hi Dheeraj,

How is the evaluation going? I was wondering if a snippet of code is ready to try.

Regards

Ondrej

0 Likes

Hello Ondrej,

This request will be made available with future releases of ModusToolbox. I will update the thread when the algorithm is supported.

Regards,

Dheeraj

0 Likes

Hello Dheeraj,

It is good news. Is there a possibility to get the code sooner, or a contact for the person who is responsible (before the ModusToolbox release)?

We can help with testing and evaluation. If no code is available in a month, we will have to write AES GCM ourselves.

Regards

Ondrej

0 Likes