Our application connects to a server in the cloud and recently we migrated from a proprietary AES256 encryption to Mbed TLS based solution.
By default Mbed TLS does NOT offer out-of-the-box hardware acceleration for AES, MD5, SHA etc. By accident I was triggered to look at Mbed OS 5 that includes Mbed TLS as one of its features. In the targets directory of the mbed TLS feature within Mbed OS, I’ve found support for hardware acceleration that uses the STM32 Crypto and Hash peripherals (provided by STM32F7xx_HAL_Driver). In my application this works fine.
While using the cipher suite TLS-ECDHE-ECDSA-WITH-AES-256-GCM-SHA384, I was wondering why there is only a aes_alt.c implementation and not a gcm_alt.c implementation to support AES-GCM hardware acceleration by STM32 crypto peripheral (these alternative implementations have a STmicroelectronics copyright notice).
Searching the Mbed OS code base for AES, I only found the AES-ECB and AES-CBC modes use the HW STM32 crypto.
See stm32f7xx_hal_cryp_ex.h that offers the following interfaces for AES-GCM support by HW:
I would expect performance benefits if a gcm_alt module is implemented that uses the STM32 crypto peripheral for AES-GCM as well?
Is anyone already working or thinking about a gcm_alt implementation for STM32?