ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

SE050 OpenSSL 3 Provider configuration

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

SE050 OpenSSL 3 Provider configuration

‎09-12-2023 01:33 AM
2,970件の閲覧回数
joaoprudencio
Contributor I

Hi,

I'm using OM-SE050ARD with Yocto, OpenSSL 3.0.5, Plug & Trust MW 4.03.01 and have simw-top/sss/plugin/openssl_provider/bin/libsssProvider.so file and now I would like to know what changes I need to do in openssl.cnf file to use OpenSSL lib as SE050 Provider and after that what is the easy way to check the solution ?

Thank you in advance,

Joao

 

0 件の賞賛
返信
6 返答(返信)

‎09-12-2023 08:29 PM
2,930件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @joaoprudencio ,

 

There is no need to edit openssl.cnf, OpenSSL 3 Provider can be used directly out of box. Please kindly refer to SE05x-MW-v04.03.01/simw-top/doc/sss/plugin/openssl_provider/scripts/readme.html for details. We also provide some scripts for test purpose. You may refer to "simw-top/sss/plugin/openssl_provider/scripts" for more details.

 

Hope that helps,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

返信

‎09-18-2023 08:55 AM
2,762件の閲覧回数
mgrand
Contributor II

Dear Kan_Li,

I still have the exact same question, how is it possible to configure the se050 provider from openssl config file ? I'm using a third party software (which cannot be modified) which is based on openssl to handle a TLS network connection. 

At the moment, I have a semi working setup where the se050 provider seems to completely "hide" the default openssl provider therefore I'm not able to setup a working connection as the se050 provider does not implements all the algorithms needed to setup a TLS connection.

Can you provide me a working configuration file which handles the fallback to the built-in openssl algorithms when an algorithm is not implemented by your provider?

Best regards

0 件の賞賛
返信

‎09-18-2023 07:20 PM
2,726件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @mgrand ,

 

As far as I know, such config file is just used for TLS use case in openssl 1.1 / 1.0, while TLS use case is not yet supported for openssl 3.0. So no such config files are present.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

返信

‎11-06-2024 04:30 AM
1,489件の閲覧回数
rhuber
Contributor II
What is the recommended way to communicate with Azure using the TPM?

I summarized my findings in this question of the azure c sdk: https://github.com/Azure/azure-iot-sdk-c/issues/2657
0 件の賞賛
返信

‎09-13-2023 01:23 AM
2,896件の閲覧回数
joaoprudencio
Contributor I

Thank you for your quick answer and I have a one more question.

When I run the script "python3 openssl_rnd.py" everything ends correct, but when I run " python3 openssl_provisionEC.py --key_type prime256v1" at the end I get the following errors:

###############################################################
#
# SUBSYSTEM : se05x
# CONNECTION_TYPE : t1oi2c
# CONNECTION_PARAMETER : none
#
###############################################################
smCom :ERROR:Failed writing data (nrWritten=-1).

smCom :ERROR: - Error in I2C Write.....
smCom :ERROR:phNxpEseProto7816_SendRawFrame Error phNxpEse_WriteFrame
smCom :ERROR:TransceiveProcess Transceive send failed, going to recovery!
smCom :ERROR:phNxpEseProto7816_Open failed
smCom :ERROR: Failed to Open session
sss :ERROR:SM_I2CConnect Failed. Status 7012
# Connection parameters:
# subsystem : se05x
# connection_type : t1oi2c
# connection_data : none

 

My question it's what could be the reason for these errors ?

 

Thank you in advance

Joao

 

0 件の賞賛
返信

‎09-13-2023 05:55 PM
2,854件の閲覧回数
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @joaoprudencio ,

 

Actually I haven't met such kind of issue before, and I am not sure if there is enough space left in your OM-SE050ARD, but maybe you can try to run se05x_Delete_and_test_provision at first. Please kindly let me know if the problem is still there.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 件の賞賛
返信