- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- Product Forums
- :
- Other NXP Products
- :
- Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board
Perform AES-GCM encryption and decryption of plaintext using the CAAM hardware on the LS1028A board
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
SOLVED
07-21-2025
07:06 AM
359 Views
Sweet
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am developing a Security Engine (CAAM) driver for a Layerscape board. I’m currently looking for guidance or source code references for the following operation:
I want to create a black key and use it for AES-GCM encryption/decryption of plaintext.
I am already able to generate a black key successfully using AES-CCM. However, I need to encrypt and decrypt the plaintext using the AES-GCM algorithm, and I'm unable to find any example code or clear steps to build the required job descriptor.
While the Linux kernel source includes code to construct shared descriptors, I need to create a non-shared (simple) descriptor for this operation.
Additionally, could someone please explain how the black key is properly used to encrypt and decrypt data using AES-GCM? Specifically:
- How to load the black key and key modifier in the descriptor.
- How the CAAM uses this key internally for GCM encryption/decryption.
Any reference links or working examples would be greatly appreciated.
Solved! Go to Solution.
1 Solution
07-30-2025
10:12 PM
184 Views
Sweet
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, @Oswalag
I found a good reference for the black key at https://gitlab.navisincontrol.com/varigit/linux-imx/-/blob/lf-5.15.y_var01/drivers/crypto/caam/caamk... , and for AES-GCM at https://github.com/nxp-mcuxpresso/mcux-sdk/blob/main/drivers/caam/fsl_caam.c
2 Replies
07-22-2025
07:21 AM
322 Views
Oswalag
NXP TechSupport
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
You can find a reference of how to generate a black key.
GitHub - nxp-imx/keyctl_caam: Keyctl CAAM Security
DPDK default supports AES_GCM in dpaa sec driver. You can refer to DPDK source code on descriptor building in DPAA_SEC_AEAD case.
DPDK/drivers/crypto/dpaa_sec/dpaa_sec.c
You can also find more information in the LS1028ASECRM
07-30-2025
10:12 PM
185 Views
Sweet
Contributor I
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks, @Oswalag
I found a good reference for the black key at https://gitlab.navisincontrol.com/varigit/linux-imx/-/blob/lf-5.15.y_var01/drivers/crypto/caam/caamk... , and for AES-GCM at https://github.com/nxp-mcuxpresso/mcux-sdk/blob/main/drivers/caam/fsl_caam.c
