- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- Wireless Connectivity
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- MCUXpresso Training Hub
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
-
- Home
- :
- Product Forums
- :
- S32G
- :
- Re: How to encypt with AES algo on #S32G3 - RDB3
How to encypt with AES algo on #S32G3 - RDB3
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
How to encypt with AES algo on #S32G3 - RDB3
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We are trying to test AES encrypt and decrypt function with the HW of HSE on RDB3 board. We tried PKCS11-tool and Opnessl , none worked. Could you please help have a check?
- PKCS11-tool
~/pkcs11-tool\
> --module /usr/lib/libpkcs-hse.so.1\
> --encrypt\
> --mechanism AES-CBC\
> --id 000101 \
> --iv 0123456789abcdef0123456789abcdef\
> --input-file file1.txt\
> --output-file file1_pkcs11.dat
libhse: initialized, firmware status 0x6b20
Using slot 0 with a present token (0x0)
Using encrypt algorithm AES-CBC
libhse: service response 0xA5AA5317 on channel 5
libhse: read reply failed on channel 5
libhse: closed
error: PKCS11 function C_EncryptUpdate failed: rv = CKR_FUNCTION_FAILED (0x6)
Aborting.
2. OPENSSL
2.1 With -K parameter, key is provided directly. One failure reported and one blank file created. The log as below:
openssl enc -engine pkcs11 -aes-128-cbc -in file1.txt -out file1_HWenc.dat -iv 0123456789ABCDEF0123456789ABCDEF -K 0123456789ABCDEF0123456789ABCDEF -debug
Engine "pkcs11" set.
ctx_load_object returned NULL
BIO[0x55ad1bd370]: ctrl(6) - cipher
BIO[0x55ad1bd2a0]: ctrl(6) - FILE pointer
BIO[0x55ad1bd2a0]: ctrl return 0
BIO[0x55ad1bd370]: ctrl return 0
BIO[0x55ad1bd030]: ctrl(10) - FILE pointer
BIO[0x55ad1bd030]: ctrl return 0
BIO[0x55ad1bd030]: ctrl(2) - FILE pointer
BIO[0x55ad1bd030]: ctrl return 0
BIO[0x55ad1bd030]: read(0,8192) - FILE pointer
BIO[0x55ad1bd030]: read return 1 processed: 367
BIO[0x55ad1bd370]: write(0,367) - cipher
BIO[0x55ad1bd370]: write return 0 processed: 0
error writing output file
BIO[0x55ad1bd030]: Free - FILE pointer
BIO[0x55ad1bd2a0]: Free - FILE pointer
BIO[0x55ad1bd370]: Free - cipher
2.2 When we try to load key from HW, we cannot find a right parameter to use. -inkey/-key/-keyform are not supported on "openssl enc"
Many thanks.
Daniel-Aguirre
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
We assume that you are trying to implement this under Linux, is this correct?
If so, can you let us know which BSP version are you using?
Please, let us know.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes,we are working on Linux. The BSP version is 40.0.
Thanks
Daniel-Aguirre
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thanks for your feedback.
All information on regards of HSE/Crypto usage under BSP40 are provided under the BSP40 User Manual for S32G3 platform.
Aside from that, we are not seeing much information on regards of PCKS11 and openssl usage, since we understand is not supported directly by NXP. For that, we can recommend contacting the related support team.
We do apologize.
Please, let us know.
