AnsweredAssumed Answered

Does Openssl API with help of cyrptodev interface using CAAM uses Hardware key for encryption/decryption?

Question asked by Swapnil Pendhare on Nov 2, 2015
Latest reply on Nov 4, 2015 by jamesbone

In Linux kernel CAAM can be accessed with the help of /dev/cyrpto interface to encrypt/decrypt data. as mentioned in document i.MX Linux User's Guide (IMXLUG) document section 9. Security.


using following API,

    echo "OpenSSL" | openssl enc -aes-256-cbc -engine cryptodev  > openssl1.dat

    openssl enc -aes-256-cbc -d -in openssal.dat


Does this encryption decryption mechanism involves hardware keys like OTPMK or software keys like ZMK?

if yes, how can we verify it?

if no, Is there any way to use these key (directly /indirectly ) for user level encryption.


Thanks in advance;