FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Implementing TLS on A core [Linux]

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Implementing TLS on A core [Linux]

‎11-14-2024 12:08 AM
1,106 Views
ashwini2024
Contributor II

Hi NXP Community,

I am working with an S32G399A RDB3 board, using Yocto BSP 40, and am focusing on enabling TLS 1.2 and 1.3 support on the A-core Linux environment (Cortex-A53). I have a tls folder with a tls.c file, but I would like to know the best practices and configurations to ensure TLS 1.2 and TLS 1.3 support on this platform.

Specifically, I’d like to ask:

  1. Are there any existing Yocto recipes or configurations to enable TLS 1.2/1.3 on the BSP 40?
  2. If OpenSSL configuration is recommended, are there any specifics for compatibility with this platform?
  3. Are there additional options to leverage HSE for cryptographic acceleration in TLS?

Any guidance or examples would be greatly appreciated. Thank you for your help!

0 Kudos
Reply
2 Replies

‎11-14-2024 03:38 AM
1,090 Views
chenyin_h
NXP Employee
NXP Employee

Hello, @ashwini2024 

Thanks for your post.

I have checked the BSP, and found that currectly only AN14072 includes a simple demo of TLS handshake based on openssl.

Based on formal BSP, there are no such recipes to enable TLS, you may have to reference the AN14072 to manually build the correponding packages in order for testing this feature.

Currently the handshake demo is based on openssl,since openssl used widely in Linux. it has taken use of the HSE for processing TLS handshake.

I suggest referencing the demo and check if it could be helpful on your requirement

 

BR

Chenyin

0 Kudos
Reply

‎01-12-2025 11:36 PM
857 Views
ashwini2024
Contributor II

I appreciate your guidance regarding the AN14072 demo for TLS handshake using OpenSSL with HSE support.

While reviewing Yocto BSP 40, I came across the following path in the Linux kernel source:
net/tls/tls_main.c (GitHub Link)

Could you please confirm if this kernel-level implementation is relevant or can be leveraged in any way to support or enhance the TLS implementation with HSE?

Additionally, if it isn’t directly applicable, would you recommend focusing solely on the AN14072 demo for user-space integration with OpenSSL, or is there any additional guidance you could provide for a more complete integration of TLS with HSE?

Thank you for your continued support.

 

0 Kudos
Reply