帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board

跳至解决方案
‎07-21-2025 07:06 AM
636 次查看
Sweet
Contributor I
I am developing a Security Engine (CAAM) driver for a Layerscape board. I’m currently looking for guidance or source code references for the following operation:
 
I want to create a black key and use it for AES-GCM encryption/decryption of plaintext.
I am already able to generate a black key successfully using AES-CCM. However, I need to encrypt and decrypt the plaintext using the AES-GCM algorithm, and I'm unable to find any example code or clear steps to build the required job descriptor.
 
While the Linux kernel source includes code to construct shared descriptors, I need to create a non-shared (simple) descriptor for this operation.
 
Additionally, could someone please explain how the black key is properly used to encrypt and decrypt data using AES-GCM? Specifically:
 
- How to load the black key and key modifier in the descriptor.
- How the CAAM uses this key internally for GCM encryption/decryption.
 
Any reference links or working examples would be greatly appreciated.

 

0 项奖励
回复
1 解答

跳至解决方案
‎07-30-2025 10:12 PM
461 次查看
Sweet
Contributor I

Thanks, @Oswalag 

I found a good reference for the black key at https://gitlab.navisincontrol.com/varigit/linux-imx/-/blob/lf-5.15.y_var01/drivers/crypto/caam/caamk... , and for AES-GCM at https://github.com/nxp-mcuxpresso/mcux-sdk/blob/main/drivers/caam/fsl_caam.c 

在原帖中查看解决方案

0 项奖励
回复
2 回复数

跳至解决方案
‎07-22-2025 07:21 AM
599 次查看
Oswalag
NXP TechSupport
NXP TechSupport

Hello,

You can find a reference of how to generate a black key.

GitHub - nxp-imx/keyctl_caam: Keyctl CAAM Security

DPDK default supports AES_GCM in dpaa sec driver. You can refer to DPDK source code on descriptor building in DPAA_SEC_AEAD case.
DPDK/drivers/crypto/dpaa_sec/dpaa_sec.c

You can also find more information in the LS1028ASECRM

0 项奖励
回复

跳至解决方案
‎07-30-2025 10:12 PM
462 次查看
Sweet
Contributor I

Thanks, @Oswalag 

I found a good reference for the black key at https://gitlab.navisincontrol.com/varigit/linux-imx/-/blob/lf-5.15.y_var01/drivers/crypto/caam/caamk... , and for AES-GCM at https://github.com/nxp-mcuxpresso/mcux-sdk/blob/main/drivers/caam/fsl_caam.c 

0 项奖励
回复
%3CLINGO-SUB%20id%3D%22lingo-sub-2137506%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%E4%BD%BF%E7%94%A8%20LS1028A%20%E6%9D%BF%E4%B8%8A%E7%9A%84%20CAAM%20%E7%A1%AC%E4%BB%B6%E5%AF%B9%E6%98%8E%E6%96%87%E6%89%A7%E8%A1%8C%20AES-GCM%20%E5%8A%A0%E5%AF%86%E5%92%8C%E8%A7%A3%E5%AF%86%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2137506%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CDIV%3E%E6%88%91%E6%AD%A3%E5%9C%A8%E4%B8%BALayerscape%E6%9D%BF%E5%BC%80%E5%8F%91%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%E5%BC%95%E6%93%8E%EF%BC%88CAAM%EF%BC%89%E9%A9%B1%E5%8A%A8%E7%A8%8B%E5%BA%8F%E3%80%82%E6%88%91%E7%9B%AE%E5%89%8D%E6%AD%A3%E5%9C%A8%E5%AF%BB%E6%89%BE%E4%BB%A5%E4%B8%8B%E6%93%8D%E4%BD%9C%E7%9A%84%E6%8C%87%E5%AF%BC%E6%88%96%E6%BA%90%E4%BB%A3%E7%A0%81%E5%8F%82%E8%80%83%EF%BC%9A%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%E6%88%91%E6%83%B3%E5%88%9B%E5%BB%BA%E4%B8%80%E4%B8%AA%E9%BB%91%E9%92%A5%E5%8C%99%EF%BC%8C%E5%B9%B6%E7%94%A8%E5%AE%83%E5%AF%B9%E6%98%8E%E6%96%87%E8%BF%9B%E8%A1%8C%20AES-GCM%20%E5%8A%A0%E5%AF%86%2F%E8%A7%A3%E5%AF%86%E3%80%82%3C%2FDIV%3E%3CDIV%3E%E6%88%91%E5%B7%B2%E7%BB%8F%E8%83%BD%E5%A4%9F%E4%BD%BF%E7%94%A8%20AES-CCM%20%E6%88%90%E5%8A%9F%E7%94%9F%E6%88%90%E9%BB%91%E5%AF%86%E9%92%A5%E3%80%82%E4%BD%86%E6%98%AF%EF%BC%8C%E6%88%91%E9%9C%80%E8%A6%81%E4%BD%BF%E7%94%A8AES-GCM%E7%AE%97%E6%B3%95%E5%8A%A0%E5%AF%86%E5%92%8C%E8%A7%A3%E5%AF%86%E6%98%8E%E6%96%87%EF%BC%8C%E8%80%8C%E4%B8%94%E6%88%91%E6%89%BE%E4%B8%8D%E5%88%B0%E4%BB%BB%E4%BD%95%E7%A4%BA%E4%BE%8B%E4%BB%A3%E7%A0%81%E6%88%96%E6%98%8E%E7%A1%AE%E7%9A%84%E6%AD%A5%E9%AA%A4%E6%9D%A5%E7%89%88%E6%9C%AC%E6%89%80%E9%9C%80%E7%9A%84%E4%BB%BB%E5%8A%A1%E6%8F%8F%E8%BF%B0%E7%AC%A6%E3%80%82%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%E8%99%BD%E7%84%B6%20Linux%20%E5%86%85%E6%A0%B8%E6%BA%90%E4%BB%A3%E7%A0%81%E5%8C%85%E5%90%AB%E6%9E%84%E5%BB%BA%E5%85%B1%E4%BA%AB%E6%8F%8F%E8%BF%B0%E7%AC%A6%E7%9A%84%E4%BB%A3%E7%A0%81%EF%BC%8C%E4%BD%86%E6%88%91%E9%9C%80%E8%A6%81%E4%B8%BA%E8%AF%A5%E6%93%8D%E4%BD%9C%E5%88%9B%E5%BB%BA%E4%B8%80%E4%B8%AA%E9%9D%9E%E5%85%B1%E4%BA%AB%EF%BC%88%E7%AE%80%E5%8D%95%EF%BC%89%E6%8F%8F%E8%BF%B0%E7%AC%A6%E3%80%82%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%E6%AD%A4%E5%A4%96%EF%BC%8C%E8%B0%81%E8%83%BD%E8%A7%A3%E9%87%8A%E4%B8%80%E4%B8%8B%E5%A6%82%E4%BD%95%E6%AD%A3%E7%A1%AE%E4%BD%BF%E7%94%A8%E9%BB%91%E9%92%A5%E5%8C%99%E6%9D%A5%E4%BD%BF%E7%94%A8%20AES-GCM%20%E5%8A%A0%E5%AF%86%E5%92%8C%E8%A7%A3%E5%AF%86%E6%95%B0%E6%8D%AE%EF%BC%9F%E5%85%B7%E4%BD%93%E6%9D%A5%E8%AF%B4%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E-%20%E5%A6%82%E4%BD%95%E5%9C%A8%E6%8F%8F%E8%BF%B0%E7%AC%A6%E4%B8%AD%E5%8A%A0%E8%BD%BD%E9%BB%91%E9%94%AE%E5%92%8C%E9%94%AE%E4%BF%AE%E6%94%B9%E5%99%A8%E3%80%82%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%3CSPAN%3E-%20CAAM%20%E5%A6%82%E4%BD%95%E5%9C%A8%E5%86%85%E9%83%A8%E4%BD%BF%E7%94%A8%E6%AD%A4%E5%AF%86%E9%92%A5%E8%BF%9B%E8%A1%8C%20GCM%20%E5%8A%A0%E5%AF%86%2F%E8%A7%A3%E5%AF%86%E3%80%82%3C%2FSPAN%3E%3C%2FDIV%3E%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%3CDIV%3E%E4%BB%BB%E4%BD%95%E5%8F%82%E8%80%83%E9%93%BE%E6%8E%A5%E6%88%96%E5%B7%A5%E4%BD%9C%E7%A4%BA%E4%BE%8B%E5%B0%86%E4%B8%8D%E8%83%9C%E6%84%9F%E6%BF%80%E3%80%82%3C%2FDIV%3E%3CBR%20%2F%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2144152%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20Perform%20AES-GCM%20encryption%20and%20decryption%20of%20plaintext%20using%20the%20CAAM%20hardware%20on%20the%20LS1028A%20bo%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2144152%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3E%E8%B0%A2%E8%B0%A2%EF%BC%8C%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F199933%22%20target%3D%22_blank%22%3E%40Oswalag%3C%2FA%3E%3C%2FP%3E%3CP%3E%E6%88%91%E5%9C%A8%3CA%20href%3D%22https%3A%2F%2Fgitlab.navisincontrol.com%2Fvarigit%2Flinux-imx%2F-%2Fblob%2Flf-5.15.y_var01%2Fdrivers%2Fcrypto%2Fcaam%2Fcaamkeyblob.c%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3E%20https%3A%2F%2Fgitlab.navisincontrol.com%2Fvarigit%2Flinux-imx%2F-%2Fblob%2Flf-5.15.y_var01%2Fdrivers%2Fcrypto%2Fcaam%2Fcaamkeyblob.c%3C%2FA%3E%20%3CSTRONG%3E%E6%89%BE%E5%88%B0%E4%BA%86%20%E9%BB%91%E9%92%A5%3C%2FSTRONG%3E%20%E7%9A%84%E5%A5%BD%E5%8F%82%E8%80%83%E8%B5%84%E6%96%99%EF%BC%8C%E5%9C%A8%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fnxp-mcuxpresso%2Fmcux-sdk%2Fblob%2Fmain%2Fdrivers%2Fcaam%2Ffsl_caam.c%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3E%20https%3A%2F%2Fgithub.com%2Fnxp-mcuxpresso%2Fmcux-sdk%2Fblob%2Fmain%2Fdrivers%2Fcaam%2Ffsl_caam.c%3C%2FA%3E%20%E6%89%BE%E5%88%B0%E4%BA%86%3CSTRONG%3E%20AES-GCM%20%E7%9A%84%E5%A5%BD%E5%8F%82%E8%80%83%E8%B5%84%E6%96%99%3C%2FSTRONG%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2138480%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20Perform%20AES-GCM%20encryption%20and%20decryption%20of%20plaintext%20using%20the%20CAAM%20hardware%20on%20the%20LS1028A%20bo%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2138480%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3E%E4%BD%A0%E5%A5%BD%3C%2FP%3E%0A%3CP%3E%E4%BD%A0%E5%8F%AF%E4%BB%A5%E6%89%BE%E5%88%B0%E5%85%B3%E4%BA%8E%E5%A6%82%E4%BD%95%E7%94%9F%E6%88%90%E9%BB%91%E9%92%A5%E7%9A%84%E5%8F%82%E8%80%83%E8%B5%84%E6%96%99%E3%80%82%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fnxp-imx%2Fkeyctl_caam%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3EGitHub-nxp-imx%2Fkeyctl_caam%EF%BC%9AKeyctl%20CAAM%20%E7%BD%91%E7%BB%9C%E5%AE%89%E5%85%A8%3C%2FA%3E%3C%2FP%3E%0A%3CP%3E%E5%9C%A8%20%3CSPAN%3Edpaa%20%E9%AB%98%E6%95%88%E5%AF%86%E7%A0%81%E5%AD%A6%E6%A0%87%E5%87%86(SEC)%E9%A9%B1%E5%8A%A8%E7%A8%8B%E5%BA%8F%E4%B8%AD%EF%BC%8CDPDK%20%E9%BB%98%E8%AE%A4%E6%94%AF%E6%8C%81%20AES_GCM%E3%80%82%E5%9C%A8%20DPAA_SEC_AEAD%20%E6%A1%88%E4%BE%8B%E4%B8%AD%EF%BC%8C%E4%BD%A0%E5%8F%AF%E4%BB%A5%E5%8F%82%E8%80%83%E5%85%B3%E4%BA%8E%E6%9E%84%E5%BB%BA%E6%8F%8F%E8%BF%B0%E7%AC%A6%E7%9A%84%20DPDK%20%E6%BA%90%E4%BB%A3%E7%A0%81%3C%2FSPAN%3E%E3%80%82%3CBR%20clear%3D%22none%22%20%2F%3E%3CSPAN%3EDPDK%2Fdrivers%2Fcrypto%2Fdpaa_sec%2Fdpaa_sec.c%3C%2FSPAN%3E%3C%2FP%3E%0A%3CP%3E%3CSPAN%3E%E6%82%A8%E8%BF%98%E5%8F%AF%E4%BB%A5%E5%9C%A8%3CA%20href%3D%22https%3A%2F%2Fwww.nxp.com%2Fwebapp%2FDownload%3FcolCode%3DLS1028ASECRM%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3ELS1028ASECRM%3C%2FA%3E%E4%B8%AD%E6%89%BE%E5%88%B0%E6%9B%B4%E5%A4%9A%E4%BF%A1%E6%81%AF%E3%80%82%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E