• State Not Answered
  • Replies 2 replies
  • Subscribers 74 subscribers
  • Views 452 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 251648
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Need to have SHA384 support on nrf_security library

jli157@intel

Hi Nordic folks, 

We are using the nrf_security library inside "sdk-nrfxlib" (https://github.com/nrfconnect/sdk-nrfxlib/blob/master/nrf_security/) to support our projects based on Zephyr, trying to enable the CryptoCell to improve the performance of our TLS connection based on mbedTLS. One thing we need but is absent from the nrf_security library is SHA-384. Right now, the back end library supports only 

I'm wondering if it is possible to enable SHA-384 and how soon it can be implemented? 

My hardware platform is NRF52840-DK. 

Thank you! 

Jun Li

Intel Corporation | Santa Clara | CA | USA 

Parents
  • 0

    Hi Jun Li,

    SHA-384 is basically SHA-512 with some data removed. 

    The CryptoCell does not support SHA-512, so a software only is your option.

    If you are using NCS v1.3.0 you just need to enable CC310_BACKEND and then SHA-384 will be available through the API.

     * \param is384    Determines which function to use:
 *                 0: Use SHA-512, or 1: Use SHA-384.

int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );


    (if you are using an older version than NCS v1.3.0 you would need to enable 'vanilla' and then use the API that picks SHA-384.

Reply
  • 0

    Hi Jun Li,

    SHA-384 is basically SHA-512 with some data removed. 

    The CryptoCell does not support SHA-512, so a software only is your option.

    If you are using NCS v1.3.0 you just need to enable CC310_BACKEND and then SHA-384 will be available through the API.

     * \param is384    Determines which function to use:
 *                 0: Use SHA-512, or 1: Use SHA-384.

int mbedtls_sha512_starts_ret( mbedtls_sha512_context *ctx, int is384 );


    (if you are using an older version than NCS v1.3.0 you would need to enable 'vanilla' and then use the API that picks SHA-384.

Children
Related
Terms of service