Hi Nordic team,
I would like to compare the differences between hardware-accelerated and software-based encryption to encrypt a small message. When I tried the crypto example, I was unsure whether I was using the hardware crypto engine. When I looked at the library documentation, I got confused about the different components and layers of implementation. Before moving into my main question, I would like to clarify my understanding of Crypto Library and CryptoCell.
As far as I understand, the PSA API comes from the TFM side. It requires underly drivers to support crypto operations, namely the Arm CryptoCell cc3xx binary and nrf_oberon binary.
My Questions are:
- Only the CryptoCell cc3xx driver utilizes CC310 to perform crypto operations, while the Oberon driver performs the operations by the MCU Core?
- Do all crypto samples by default utilize CC310?
- It mentioned in the documentation,
[CONFIG_HW_CC3XX]
has a default value of y. In my project, this value is n due to TRUSTED_EXECUTION_NONSECURE =n, what is the implication of this? - What is the difference between
[
CONFIG_PSA_CRYPTO_DRIVER_CC3XX]
[CONFIG_HW_CC3XX]
and[CONFIG_CC3XX_BACKEND]
? - How can I correctly configure to use either hardware-accelerated or software-based implementation?
- Does the current PSA AIP support to use along with KMU?
Best Regards,
Anthony