0

I am currently trying to find the best methodology to integrate the cryptographic acceleration unit present on my MCU to take advantage of the performance gain not only in my custom apps but also in the external SSL/TLS library I will need to use.

My platform runs a Freescale Kinetis (ARM Cortex-M4) device with a uCLinux distribution. I have currently managed to run mbed-TLS (Polar SSL) in user space. I also have the possibility to run CyASSL from WolfSSL. I am now looking at the best strategy to run the "memory mapped Crytographic Acceleration Unit" (MMCAU) peripheral on the processor together with my application. The code itself shall not be too difficult to integrate since Freescale provides a library with C wrappings around assembly optimized code. The tricky point being the middleware enabling the use of the crypto unit in the user apps and the libraries.

One possibility is to rewrite the linux cryptographic kernel module (cryptodev) in order to make use of the MMCAU in my user apps (this would have the benefit to access the MMCAU from several user apps while my platform does not support shared libraries). However I am not sure this is the best strategy. In addition, mbed-TLS does not seem to provide support for the native linux cryptographic driver.

Other alternatives are proposed here (http://cryptodev-linux.org/) but, since I am not a true linux specialist, I am not really sure what would be the best solution in my case.

A piece of advice on the best strategy to adopt here to get the most flexible solution while still benefitting from the improved performance of the hardware crypto would be welcome.

jww
  • 97,681
  • 90
  • 411
  • 885
user2457451
  • 135
  • 1
  • 2
  • 11

1 Answers1

1

The wolfSSL library has support for hardware acceleration on FreeScale Kinetis, including the MMCAU. You can utilize the MMCAU by defining FREESCALE_MMCAU in your project. This has primarily been tested with FreeScale MQX, but may still be usable with other operating systems. This is an older blog post (does not have the updated wolfSSL github page link), but does contain some information that might be useful.

Dharman
  • 30,962
  • 25
  • 85
  • 135
lchristina26
  • 205
  • 5
  • 20
  • Hello Christina, thanks for the feedback. Yes I saw that possiblity, the main issue is that all the applications I saw addressing the MMCAU deal with the memory adresses as if they can directly map the physical address of the MMCAU from the application. In the case of ucLinux, physical addresses ares not accessible directly from user space. I have currently tried to use cryptodev linux and some custome /linux/crypto driver to address the MMCAU. It worked with no real performance gain. I then wrote a custom IOCTL driver with a gain in performance. I now have to call it from a lib or app. – user2457451 Jun 14 '15 at 09:50
  • Ok, if you do decide you want to incorporate wolfSSL into a FreeScale Kinetis project, feel free to post directly to our [support forums](http://www.wolfssl.com/forums/). We are very familiar with FreeScale products and may be able to provide more support there. – lchristina26 Jun 16 '15 at 22:26