Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board

跳至解决方案
357 次查看
Sweet
Contributor I
I am developing a Security Engine (CAAM) driver for a Layerscape board. I’m currently looking for guidance or source code references for the following operation:
 
I want to create a black key and use it for AES-GCM encryption/decryption of plaintext.
I am already able to generate a black key successfully using AES-CCM. However, I need to encrypt and decrypt the plaintext using the AES-GCM algorithm, and I'm unable to find any example code or clear steps to build the required job descriptor.
 
While the Linux kernel source includes code to construct shared descriptors, I need to create a non-shared (simple) descriptor for this operation.
 
Additionally, could someone please explain how the black key is properly used to encrypt and decrypt data using AES-GCM? Specifically:
 
- How to load the black key and key modifier in the descriptor.
- How the CAAM uses this key internally for GCM encryption/decryption.
 
Any reference links or working examples would be greatly appreciated.

 

0 项奖励
回复
1 解答
182 次查看
Sweet
Contributor I
0 项奖励
回复
2 回复数
320 次查看
Oswalag
NXP TechSupport
NXP TechSupport

Hello,

You can find a reference of how to generate a black key.

GitHub - nxp-imx/keyctl_caam: Keyctl CAAM Security

DPDK default supports AES_GCM in dpaa sec driver. You can refer to DPDK source code on descriptor building in DPAA_SEC_AEAD case.
DPDK/drivers/crypto/dpaa_sec/dpaa_sec.c

You can also find more information in the LS1028ASECRM

0 项奖励
回复
183 次查看
Sweet
Contributor I
0 项奖励
回复