Hello !
NXP implements its own pair of APIs, mbedtls_gcm_crypt_and_tag/mbedtls_gcm_auth_decrypt, which are LTC accelerated.
But it is not so clear whether the context of the decrypt operation supports decryption using smaller blocks.
For example, mbedtls_gcm_crypt_and_tag() is used to tag a 4KB block of data at once.
And after that, can I decrypt it using 1KB chunks, e.g. call mbedtls_gcm_auth_decrypt() 4 times and pass some context from stage to stage?
It looks like the second 1KB block already gives invalid data. Are those APIs even designed for incremental operation,
or do they always expect complete data for input and output?
// decrypt by using 2 chunks
mbedtls_gcm_init(&gcm);
keysize = 256;
memset(buf, 0, sizeof(buf)); // output buffer
memset(key, 0x55, sizeof(key));
memset(iv, 0xAA, sizeof(iv));
mbedtls_gcm_setkey(&gcm, MBEDTLS_CIPHER_ID_AES, key, keysize);
int res = mbedtls_gcm_auth_decrypt(&gcm, /*MBEDTLS_GCM_DECRYPT,*/
BUFSIZE/4,
iv, // iv
12, // iv len
NULL, 0, // add
//tag, 16, // tag
NULL, 16, // ignore tag
buf_out, // in
buf); // out
PRINTF("1 decrypt %d bytes, res - %d\r\n", BUFSIZE/4, res);
Data OK !
res = mbedtls_gcm_auth_decrypt(&gcm,
BUFSIZE/4,
iv, // iv
12, // iv len
NULL, 0, // add
//tag, 16, // tag
NULL, 16, // ignore tag
buf_out + 256, // in
buf + 256); // out
PRINTF("2 decrypt %d bytes, res - %d\r\n", BUFSIZE/4, res);
Data broken
Regards,
Eugene
Hello,
As those APIs are the ones from the mbed examples, the best resource for understanding their functionality would be the official documentation, which you can find in this link.
Hope this helps.
Regards,
Estephania
Hello !
Looks like the case is known: Block wise encryption using AES 128 GCM mbedtls library - Discussion Forum - Mbed TLS (Previously Po...
But if block-wise encryption is in use, the API chain 1) mbedtls_gcm_starts 2) mbedtls_gcm_update 3) mbedtls_gcm_finish must be used.
And those APIs are not HW accelerated and actual performance is 10x less if mbedtls_gcm_crypt_and_tag/mbedtls_gcm_auth_decrypt are in use.
So it is possible, but there is no HW acceleration in that mbedtls version for Kinetis MCU.
Can it be like this?
Regards.
Eugene
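Why the second chunk in the question comes out broken, as an added example that is not part of the thread and is not NXP or Mbed TLS code: GCM encrypts in counter mode, so a separate one-shot call per chunk restarts the counter, while a starts/update/finish chain carries counter and tag state forward. SHA-256 and HMAC stand in for AES and GHASH so the model runs without a crypto library, and all function names are hypothetical.

```python
import hashlib
import hmac

BLOCK = 16  # GCM works on 16-byte counter blocks

def keystream_block(key, iv, counter):
    # Stand-in for AES_K(IV || counter); SHA-256 is an assumption, not real AES.
    return hashlib.sha256(key + iv + counter.to_bytes(4, "big")).digest()[:BLOCK]

def ctr_xor(key, iv, data, first_counter=2):
    # With a 96-bit IV, GCM uses counter 1 for the tag and 2, 3, ... for data.
    out = bytearray()
    for off in range(0, len(data), BLOCK):
        ks = keystream_block(key, iv, first_counter + off // BLOCK)
        out += bytes(a ^ b for a, b in zip(data[off:off + BLOCK], ks))
    return bytes(out)

def seal(key, iv, plaintext):
    # One-shot encrypt-and-tag; HMAC is a stand-in for the GHASH-based tag.
    ct = ctr_xor(key, iv, plaintext)
    return ct, hmac.new(key, iv + ct, hashlib.sha256).digest()[:16]

def decrypt_restarting(key, iv, ct, chunk):
    # One independent one-shot call per chunk: every call starts at counter 2.
    return [ctr_xor(key, iv, ct[o:o + chunk]) for o in range(0, len(ct), chunk)]

def decrypt_streaming(key, iv, ct, tag, chunk):
    # starts/update/finish model: counter and tag state survive between chunks.
    # chunk must be a multiple of BLOCK in this model.
    mac, counter, parts = hmac.new(key, iv, hashlib.sha256), 2, []
    for o in range(0, len(ct), chunk):
        piece = ct[o:o + chunk]
        mac.update(piece)
        parts.append(ctr_xor(key, iv, piece, counter))
        counter += len(piece) // BLOCK
    if not hmac.compare_digest(mac.digest()[:16], tag):
        raise ValueError("tag mismatch: discard every chunk already output")
    return b"".join(parts)

# Constructed sample input using the key/IV fill bytes from the post.
KEY, IV = b"\x55" * 32, b"\xAA" * 12
PT = bytes(range(256)) * 16  # 4 KB
CT, TAG = seal(KEY, IV, PT)

if __name__ == "__main__":
    parts = decrypt_restarting(KEY, IV, CT, 1024)
    print("chunk 1 ok:", parts[0] == PT[:1024])
    print("chunk 2 ok:", parts[1] == PT[1024:2048])
    print("streaming ok:", decrypt_streaming(KEY, IV, CT, TAG, 1024) == PT)
```

In the streaming form the tag covers the whole message, so plaintext produced chunk by chunk is unauthenticated until the final check passes.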
Hello,
I'm not fully sure I understand your query, but yes, the software implementation of the different algorithms might be slower than using the hardware accelerator modules, which is one of the capabilities of this MCU.
Hello !
I mean that not all APIs are ported to support the LTC HW accelerator when AES-GCM is used.
mbedtls_gcm_crypt_and_tag/mbedtls_gcm_auth_decrypt - HW accelerated
mbedtls_gcm_starts, mbedtls_gcm_update, mbedtls_gcm_finish - SW implementation
It means not all practical cases of AES-GCM usage can be covered by the fast HW accelerated APIs.
Regards,
Eugene
Hello,
But there is no question about it, is there?
Regards,
Estephania
Hello !
The performance hit exists because the mbedtls_gcm_starts, mbedtls_gcm_update, mbedtls_gcm_finish APIs don't support the HW accelerator.
And I can't use mbedtls_gcm_crypt_and_tag/mbedtls_gcm_auth_decrypt because they don't support an incremental decrypt process.
Regards,
Eugene.
Hello,
I'm not sure about your question; still, if there are no examples available, it is most likely that you will need to implement it yourself.
Regards,
Estephania