Legacy configurations and supported features
This section covers the configurations available when using Legacy crypto support.
Configuring backends
The legacy configuration does not allow multiple backends being enabled at the same time.
The choice of implementation is controlled by setting CONFIG_CC3XX_BACKEND for devices with the CryptoCell hardware peripheral, or CONFIG_OBERON_BACKEND.
cc3xx backend
Setting the Kconfig option CONFIG_CC3XX_BACKEND enables legacy crypto support for hardware accelerated cryptography using nrf_cc3xx_mbedcrypto library
Oberon backend
Setting the Kconfig option CONFIG_CC3XX_OBERON enables legacy crypto support using nrf_oberon crypto library
Original Mbed TLS backend
The Original Mbed TLS backend is no longer available as a configuration option, and is only used if any of the enabled backends does not support a specific cryptographic algorithm or feature.
AES configuration
The AES core is enabled with the Kconfig option CONFIG_MBEDTLS_AES_C.
This enables AES ECB cipher mode and allows the ciphers and modes CTR, OFB, CFB, CBC, XTS, CMAC, CCM/CCM*, and GCM to be configured.
Feature support
Cipher mode |
Backend |
Key size |
|---|---|---|
ECB |
cc310 |
128-bit key |
cc312 |
128-bit key |
|
192-bit key |
||
256-bit key |
||
nrf_oberon |
128-bit key |
|
192-bit key |
||
256-bit key |
Note
The Oberon backend uses some functionality from Original Mbed TLS for AES operations.
AES cipher configuration
AES cipher modes can be configured by setting Kconfig variables in the following table:
Cipher mode |
Configurations |
Note |
|---|---|---|
CTR |
||
CBC |
||
CFB |
nrf_oberon only |
|
OFB |
nrf_oberon only |
|
XTS |
nrf_oberon only |
Note
AES cipher modes are dependent on enabling AES core support according to AES configuration.
Feature support
Cipher mode |
Backend |
Key size |
Note |
|---|---|---|---|
CTR |
cc310 |
128-bit key |
|
cc312 |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
CBC |
cc310 |
128-bit key |
|
cc312 |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
CFB |
cc310 |
N/A |
Backend not supported |
cc312 |
N/A |
Backend not supported |
|
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
OFB |
cc310 |
N/A |
Backend not supported |
cc312 |
N/A |
Backend not supported |
|
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
XTS |
cc310 |
N/A |
Backend not supported |
cc312 |
N/A |
Backend not supported |
|
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
CMAC configuration
Cipher-based Message Authentication Code (CMAC) support can be configured by setting the CONFIG_MBEDTLS_CMAC_C Kconfig variable.
Feature support
Algorithm |
Backend |
Key size |
|---|---|---|
CMAC |
cc310 |
128-bit key |
cc312 |
128-bit key |
|
192-bit key |
||
256-bit key |
||
nrf_oberon |
128-bit key |
|
192-bit key |
||
256-bit key |
AEAD configurations
Authenticated Encryption with Associated Data (AEAD) can be configured by setting Kconfig variables in the following table:
AEAD cipher |
Configurations |
Note |
|---|---|---|
AES CCM/CCM* |
||
AES GCM |
nrf_oberon or cc312 |
|
ChaCha20 |
||
Poly1305 |
||
ChaCha-Poly |
Requires Poly1305 and ChaCha20 |
Note
AEAD AES cipher modes are dependent on enabling AES core support according to AES configuration.
When Arm CryptoCell cc310 backend is used, AES GCM is provided by original Mbed TLS implementation.
The ChaCha-Poly implemented by the Arm CryptoCell cc3xx backend does not support incremental operations.
The ChaCha-Poly implemented by the cc3xx backend does not support incremental operations.
Feature support
AEAD cipher |
Backend |
Key size |
Note |
|---|---|---|---|
AES CCM/CCM* |
cc310 |
128-bit key |
|
cc312 |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
AES GCM |
cc312 |
128-bit key |
|
192-bit key |
|||
256-bit key |
|||
nrf_oberon |
128-bit key |
||
192-bit key |
|||
256-bit key |
|||
ChaCha20 |
cc3xx |
256-bit key |
|
nrf_oberon |
256-bit key |
||
Poly1305 |
cc3xx |
256-bit key |
|
nrf_oberon |
256-bit key |
||
ChaCha-Poly |
cc3xx |
256-bit key |
The ChaCha-Poly implementation in cc3xx backend does not support incremental operations. |
nrf_oberon |
256-bit key |
DHM configurations
Diffie-Hellman-Merkle (DHM) support can be configured by setting the CONFIG_MBEDTLS_DHM_C Kconfig variable.
Feature support
Algorithm |
Backend |
Key size |
Note |
|---|---|---|---|
DHM |
cc3xx |
Limited to 2048 bits |
|
nrf_oberon |
N/A |
Backend not supported |
Note
The Oberon backend uses functionality from Original Mbed TLS for DHM operations.
ECC configurations
Elliptic Curve Cryptography (ECC) configuration provides support for Elliptic Curve over GF(p).
ECC core support can be configured by setting the CONFIG_MBEDTLS_ECP_C Kconfig variable.
Enabling CONFIG_MBEDTLS_ECP_C will activate configuration options that depend upon ECC, such as ECDH, ECDSA, ECJPAKE, and a selection of ECC curves to support in the system.
Feature support
Algorithm |
Backend |
Curve group |
Curve type |
|---|---|---|---|
ECP |
cc3xx |
NIST |
secp192r1 |
secp224r1 |
|||
secp256r1 |
|||
secp384r1 |
|||
secp521r1 |
|||
Koblitz |
secp192k1 |
||
secp224k1 |
|||
secp256k1 |
|||
Curve25519 |
Curve25519 |
||
nrf_oberon |
NIST |
secp256r1 |
|
secp224r1 |
|||
Curve25519 |
Curve25519 |
ECDH configurations
Elliptic Curve Diffie-Hellman (ECDH) support can be configured by setting the CONFIG_MBEDTLS_ECDH_C Kconfig variable.
Algorithm |
Configurations |
|---|---|
ECDH |
Note
ECDH support depends upon ECC Configurations being enabled.
The nrf_cc3xx_mbedcrypto library does not integrate on ECP layer. Only the top-level APIs for ECDH are replaced.
Feature support
Algorithm |
Backend |
Curve group |
Curve type |
|---|---|---|---|
ECDH |
cc3xx |
NIST |
secp192r1 |
secp224r1 |
|||
secp256r1 |
|||
secp384r1 |
|||
secp521r1 |
|||
Koblitz |
secp192k1 |
||
secp224k1 |
|||
secp256k1 |
|||
Curve25519 |
Curve25519 |
||
nrf_oberon |
NIST |
secp256r1 |
|
secp224r1 |
|||
Curve25519 |
Curve25519 |
ECDSA configurations
Elliptic Curve Digital Signature Algorithm (ECDSA) support can be configured be configured by setting the CONFIG_MBEDTLS_ECDSA_C Kconfig variable.
Algorithm |
Configurations |
|---|---|
ECDSA |
Note
ECDSA support depends upon ECC Configurations being enabled.
The nrf_cc3xx_mbedcrypto library does not integrate on ECP layer. Only the top-level APIs for ECDSA are replaced.
Feature support
Algorithm |
Backend |
Curve group |
Curve type |
|---|---|---|---|
ECDSA |
cc3xx |
NIST |
secp192r1 |
secp224r1 |
|||
secp256r1 |
|||
secp384r1 |
|||
secp521r1 |
|||
Koblitz |
secp192k1 |
||
secp224k1 |
|||
secp256k1 |
|||
Curve25519 |
Curve25519 |
||
nrf_oberon |
NIST |
secp256r1 |
|
secp224r1 |
|||
Curve25519 |
Curve25519 |
ECJPAKE configurations
Elliptic Curve, Password Authenticated Key Exchange by Juggling (ECJPAKE) support can be configured by setting the CONFIG_MBEDTLS_ECJPAKE_C Kconfig variable.
Algorithm |
Configurations |
|---|---|
ECJPAKE |
Note
ECJPAKE support depends upon ECC Configurations being enabled.
Feature support
Algorithm |
Backend |
Curve group |
Curve type |
|---|---|---|---|
ECJPAKE |
cc3xx |
NIST |
secp256r1 |
nrf_oberon |
NIST |
secp256r1 |
ECC curves configurations
It is possible to configure the curves that should be supported in the system depending on the backend selected.
The following table shows the curves that can be enabled.
Curve |
Configurations |
Note |
|---|---|---|
NIST secp192r1 |
||
NIST secp224r1 |
||
NIST secp256r1 |
||
NIST secp384r1 |
||
NIST secp521r1 |
||
Koblitz secp192k1 |
||
Koblitz secp224k1 |
||
Koblitz secp256k1 |
||
Curve25519 |
Note
The nrf_oberon crypto library only supports ECC curve secp224r1 and secp256r1.
Choosing the nrf_oberon backend does not allow enabling the rest of the ECC curve types.
RSA configurations
Rivest-Shamir-Adleman (RSA) support can be configured by setting the CONFIG_MBEDTLS_RSA_C Kconfig variable.
Feature support
Algorithm |
Backend |
Key size |
Note |
|---|---|---|---|
RSA |
cc3xx |
Limited to 2048 bits |
|
nrf_oberon |
N/A |
Backend not supported |
Note
The Oberon backend uses functionality from Original Mbed TLS for RSA operations.
Secure Hash configurations
The Secure Hash algorithms can be configured by setting Kconfig variables in the following table:
Algorithm |
Support |
Backend selection |
|---|---|---|
SHA-1 |
||
SHA-224 |
||
SHA-256 |
||
SHA-384 |
||
SHA-512 |
Feature support
Algorithm |
Supported backends |
Note |
|---|---|---|
SHA-1 |
cc3xx |
|
nrf_oberon |
||
SHA-224 |
cc3xx |
SHA-224 must be enabled when enabling SHA-256 |
nrf_oberon |
||
SHA-256 |
cc3xx |
|
nrf_oberon |
||
SHA-384 |
cc3xx |
|
nrf_oberon |
||
SHA-512 |
cc3xx |
|
nrf_oberon |