LAN966x Crypto HW Accelerators

SoC Resources

The LAN966x SoC supports cryptographic hardware accelerators for AES and SHA. Hardware accelerators perform cryptographic operations faster than they can be performed in software.

The AES and SHA resources are configured as secure in TF-A/BL2 by default, which means that they cannot be used from Linux. If these HW resources are needed in Linux, they must be de-activated in TF-A and re-configured in BL2 as non-secure peripherals. For this reason, these drivers are disabled in the default LAN966x device trees.

Kernel configurations

The following kernel config options should be enabled to use AES and SHA:

  • CONFIG_CRYPTO_AES - AES driver config option.

  • CONFIG_CRYPTO_DEV_ATMEL_AES - Atmel AES hw accelerator config option.

  • CONFIG_CRYPTO_DEV_ATMEL_SHA - Atmel SHA hw accelerator config option.

Devicetree Configuration

ATMEL AES

To enable the AES block, the following configurations are required in the device tree:

  • compatible string must be set to atmel,at91sam9g46-aes.

  • reg property must be set to <0xe004c000 0x100>.

  • interrupts property must be set with interrupt details as <GIC_SPI 53 IRQ_TYPE_LEVEL_HIGH>.

  Peripheral | Shared Peripheral Interrupt | CPU INTR
  aes        | 85                          | 53

Note

Shared peripheral interrupt lines start at index ID32. So, CPU INTR must be calculated as [Shared peripheral interrupt number - 32].

  • clocks property must be set to <&nic_clk>.

  • clock-names must be set to aes_clk.

  • dmas property must be set to <&dma0 AT91_XDMAC_DT_PERID(13)> and <&dma0 AT91_XDMAC_DT_PERID(12)>.

  • dma-names must be set to rx and tx.

ATMEL SHA

To enable the SHA block, the following configurations are required in the device tree:

  • compatible string must be set to atmel,at91sam9g46-sha.

  • reg property must be set to <0xe006c000 0xec>.

  • interrupts property must be set with interrupt details as <GIC_SPI 57 IRQ_TYPE_LEVEL_HIGH>.

  Peripheral | Shared Peripheral Interrupt | CPU INTR
  sha        | 89                          | 57

Note

Shared peripheral interrupt lines start at index ID32. So, CPU INTR must be calculated as [Shared peripheral interrupt number - 32].

  • clocks property must be set to <&nic_clk>.

  • clock-names must be set to sha_clk.

  • dmas property must be set to <&dma0 AT91_XDMAC_DT_PERID(14)>.

  • dma-names must be set to tx.

Example

The following example shows how AES and SHA should be defined in the DT:

aes: crypto@e004c000 {
	compatible = "atmel,at91sam9g46-aes";
	reg = <0xe004c000 0x100>;
	interrupts = <GIC_SPI 53 IRQ_TYPE_LEVEL_HIGH>;
	dmas = <&dma0 AT91_XDMAC_DT_PERID(13)>,
	     <&dma0 AT91_XDMAC_DT_PERID(12)>;
	dma-names = "rx", "tx";
	clocks = <&nic_clk>;
	clock-names = "aes_clk";
};

sha: crypto@e006c000 {
	compatible = "atmel,at91sam9g46-sha";
	reg = <0xe006c000 0xec>;
	interrupts = <GIC_SPI 57 IRQ_TYPE_LEVEL_HIGH>;
	dmas = <&dma0 AT91_XDMAC_DT_PERID(14)>;
	dma-names = "tx";
	clocks = <&nic_clk>;
	clock-names = "sha_clk";
};

UserSpace

Confirm instances are created

Check if AES and SHA algorithms are registered in Crypto framework using cat /proc/crypto | grep atmel.

Example on how to use

# cat /proc/crypto | grep atmel
driver       : atmel-hmac-sha512
driver       : atmel-hmac-sha384
driver       : atmel-hmac-sha256
driver       : atmel-hmac-sha224
driver       : atmel-hmac-sha1
driver       : atmel-sha512
driver       : atmel-sha384
driver       : atmel-sha224
driver       : atmel-sha256
driver       : atmel-sha1
driver       : atmel-xts-aes
driver       : atmel-gcm-aes
driver       : atmel-cfb64-aes
driver       : atmel-ctr-aes
driver       : atmel-cfb8-aes
driver       : atmel-cfb16-aes
driver       : atmel-cfb32-aes
driver       : atmel-cfb-aes
driver       : atmel-ofb-aes
driver       : atmel-cbc-aes
driver       : atmel-ecb-aes
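
The grep above only shows that the drivers registered. As an added example (not part of the original page), the following parses the full /proc/crypto layout and reports, per algorithm name, whether the highest-priority implementation is an atmel driver and whether its self-test passed. The function names, the SAMPLE text and its priority values are constructed for illustration.

```python
import re

# Constructed sample in /proc/crypto layout (trimmed fields, not captured from a board).
SAMPLE = """\
name         : sha256
driver       : atmel-sha256
priority     : 300
selftest     : passed

name         : sha256
driver       : sha256-generic
priority     : 100
selftest     : passed

name         : ecb(aes)
driver       : atmel-ecb-aes
priority     : 300
selftest     : unknown

name         : cbc(aes)
driver       : cbc(aes-generic)
priority     : 100
selftest     : passed
"""

def parse_proc_crypto(text):
    """Return one dict per implementation block (blocks are blank-line separated)."""
    entries = []
    for block in re.split(r"\n\s*\n", text.strip()):
        pairs = (line.split(":", 1) for line in block.splitlines() if ":" in line)
        fields = {k.strip(): v.strip() for k, v in pairs}
        if {"name", "driver", "priority"} <= fields.keys():
            entries.append(fields)
    return entries

def accelerator_status(text, prefix="atmel-"):
    """Map each algorithm name to 'hw', 'hw-untested' or 'sw'."""
    best = {}
    for e in parse_proc_crypto(text):
        cur = best.get(e["name"])
        # The crypto API prefers the highest-priority implementation of a name.
        if cur is None or int(e["priority"]) > int(cur["priority"]):
            best[e["name"]] = e
    status = {}
    for name, e in best.items():
        if not e["driver"].startswith(prefix):
            status[name] = "sw"  # no atmel driver, or a software one outranks it
        else:
            status[name] = "hw" if e.get("selftest") == "passed" else "hw-untested"
    return status
```

On the target, call accelerator_status(open("/proc/crypto").read()) instead of passing SAMPLE.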

AES testing

  • Enable cryptodev-linux and openssl buildroot packages.

  • Run modprobe cryptodev.ko to load cryptodev module.

Encrypt 6bc1bee22e409f96e93d7e117393172a using the commands below:

python3 -c "import sys; sys.stdout.buffer.write(bytes.fromhex('6bc1bee22e409f96e93d7e117393172a'))" > plaintext

openssl enc -aes-128-ecb -engine devcrypto -nosalt -K 2b7e151628aed2a6abf7158809cf4f3c -in plaintext -out ciphertext

hexdump -C ciphertext

Read the encrypted bytes from the hex dump of ciphertext. Observe that the first 16 bytes in the file are equal to the expected encrypted value 3ad77bb40d7a3660a89ecaf32466ef97.

SHA testing

Run the command below to test the SHA sum of abc. Replace $i with 1, 224, 256, 384 or 512, based on the SHA used.

echo -n "abc" | shasum -a $i

or use the commands below:

  • Enable cryptodev-linux and openssl buildroot packages.

  • Run modprobe cryptodev.ko to load cryptodev module.

echo -n 'abc' | openssl dgst -sha$i -engine devcrypto
# echo -n 'abc' | openssl dgst -sha1 -engine devcrypto
engine "devcrypto" set
(stdin) = a9993e364706816aba3e25717850c26c9cd0d89d

# symreg *SHA_IODATAR0*
SHA_SHA_IODATAR0				= 0x363e99a9
# symreg *SHA_IODATAR1
SHA_SHA_IODATAR1				= 0x6a810647
# symreg *SHA_IODATAR2
SHA_SHA_IODATAR2				= 0x71253eba
# symreg *SHA_IODATAR3
SHA_SHA_IODATAR3				= 0x6cc25078
# symreg *SHA_IODATAR4
SHA_SHA_IODATAR4				= 0x9dd8d09c
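
Comparing the values on this page shows that each SHA_IODATARn register holds four digest bytes in little-endian order (0x363e99a9 corresponds to a9 99 3e 36). As an added example (not part of the original page), the following rebuilds the digest from such a register dump and checks it against a software hash. The function names are hypothetical, and DUMP repeats the register values listed above.

```python
import hashlib
import re
import struct

# Register values as listed on this page for SHA-1 of "abc".
DUMP = """\
SHA_SHA_IODATAR0 = 0x363e99a9
SHA_SHA_IODATAR1 = 0x6a810647
SHA_SHA_IODATAR2 = 0x71253eba
SHA_SHA_IODATAR3 = 0x6cc25078
SHA_SHA_IODATAR4 = 0x9dd8d09c
"""

def digest_from_dump(dump):
    """Rebuild the digest bytes from SHA_IODATARn lines, ordered by n."""
    words = {}
    for m in re.finditer(r"IODATAR(\d+)\s*=\s*0x([0-9a-fA-F]{1,8})", dump):
        words[int(m.group(1))] = int(m.group(2), 16)
    if sorted(words) != list(range(len(words))):
        raise ValueError("register indices in dump are not contiguous from 0")
    # Each 32-bit register value, packed little-endian, yields four digest bytes.
    return b"".join(struct.pack("<I", words[i]) for i in range(len(words)))

def matches_software(dump, message, algo="sha1"):
    """True if the register dump equals hashlib's digest of message."""
    hw = digest_from_dump(dump)
    sw = hashlib.new(algo, message).digest()
    return hw == sw

if __name__ == "__main__":
    print(digest_from_dump(DUMP).hex())
    print("match" if matches_software(DUMP, b"abc") else "MISMATCH")
```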