OpenSSL is a popular software library for applications that secure communications over computer networks against eavesdropping or need to identify the party at the other end. It is widely used in internet web servers, serving a majority of all web sites. OpenSSL contains an open-source implementation of the Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols; it is a robust, commercial-grade, and full-featured toolkit for the SSL and TLS protocols. OpenSSL is also a general-purpose cryptography library. Its core library, written in the C programming language, implements basic cryptographic functions and provides various utility functions. Wrappers allowing the use of the OpenSSL library in a variety of computer languages are available. More and more embedded systems based on i.MX, such as IoT gateways and ePOS, use OpenSSL for their secure communications and cryptographic operations. But its cryptography library is a pure software implementation, which occupies a lot of CPU resources and performs much worse than dedicated hardware IP (like CAAM).
CAAM is the i.MX's cryptographic acceleration and assurance module, which serves as NXP's latest cryptographic acceleration and offloading hardware. It combines functions previously implemented in separate modules to create a modular and scalable acceleration and assurance engine. It also implements block encryption algorithms, stream cipher algorithms, hashing algorithms, public key algorithms (i.MX6UL/i.MX7D/S), and a hardware random number generator.
The official Yocto release (L4.1.15_2.0.0-ga) for i.MX only enables cryptodev for accelerating symmetric algorithms and hashing algorithms; it does not support asymmetric algorithms (RSA, ECC). Its engine in OpenSSL (version 1.0.2h) also lacks some features needed to support symmetric algorithms and hashing algorithms, for example AES ECB, SHA224/256, etc. The patches in this post close these gaps for the i.MX Linux system. The software environment is as follows:
Linux kernel: imx_4.1.15_2.0.0_ga
cryptodev: 1.8
OpenSSL: 1.0.2h
The patches include the following key features:
1, Add public key cryptography part in CAAM driver, through protocol commands, to implement a number of public (and private) key functions. These are DSA and ECDSA sign/verify, Diffie-Hellman (DH) and ECDH key agreement, ECC key generation, DLC key generation, RSA encryption/decryption, RSA key-generation finalization.
2, Add big number operation and elliptic curve math in CAAM driver to implement addition, subtraction, multiplication, exponentiation, reduction, inversion, greatest common divisor, prime testing and point add, point double, point multiply.
3, Add API in cryptodev to support RSA encryption/decryption, DSA/ECDSA sign/verify, DH/ECDH key agreement, ECC & DLC & RSA key generation and big number operation and elliptic curve math.
4, Add public key cryptography functions, hardware RNG, and missing hash and symmetric algorithms in the OpenSSL cryptodev engine.
Note:
1, You can refer to ecdhtest.c, ecdsatest.c, dhtest.c, dsatest.c, rsa_test.c for how to use the cryptodev engine in your applications based on libcrypto.so. You can also find their executable programs in the folder openssl-1.0.2h/test after compiling.
2, If you want to call the cryptodev API directly to accelerate public key cryptography operations, please refer to asymmetric_cipher.c in cryptodev-linux-1.8/tests.
Current Limitation:
1, The CAAM driver doesn't support AES GCM/CCM, although the hardware supports them. I plan to add the feature in the next version.
2, ECDSA sign/verify will fail on some binary curves (sect163r1, sect163r2, sect193r1, sect193r2, sect233r1, sect283r1, sect409r1, sect571r1 and X9.62 binary curves). I will try to find the root cause and fix it.
====================================
Because some binary curves (sect163r1, sect163r2, sect193r1, sect193r2, sect233r1, sect283r1, sect409r1, sect571r1 and X9.62 binary curves) are rarely used, I will try to find the root cause when I'm free.
+++++++++++++++++++++++ updating for Linux-4.14.78-1.1.10 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux-4.14.78-1.1.10. The new software environment is as follows:
Linux kernel: imx_4.14.78_1.1.10
cryptodev: 1.9
OpenSSL: 1.0.2p
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini, i.MX8/8X.
The patches include the following new features:
1, RSA key generation is supported, but by default the OpenSSL built-in function (BN_generate_prime_ex) is used to create the primes p and q for higher security. If you need CAAM acceleration, comment out the macro USE_BUILTIN_PRIME_GENERATION, but its security is not confirmed.
2, Add Manufacturing-protection feature, and you can refer to manufacturing_protection_test function in asymmetric_cipher.c.
3, Support AES GCM in cryptodev.
4, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-4.14.78-1.1.10 and copy meta-openssl-caam to folder <Yocto 4.14.78-1.1.10 dir>/sources/
5, Run DISTRO=fsl-imx-wayland MACHINE=imx6ulevk source fsl-setup-release.sh -b build-imx6ulevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into /build-imx6ulevk/conf/bblayers.conf
6, bitbake fsl-image-validation-imx
7, Run the commands below on your i.MX6UL EVK board.
modprobe cryptodev
openssl genrsa -f4 -engine cryptodev 512 -elapsed
openssl speed dsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 1024 -elapsed
openssl speed rsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 2048 -elapsed
openssl speed ecdsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 3072 -elapsed
openssl speed ecdh -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 4096 -elapsed
openssl speed -evp sha256 -engine cryptodev -elapsed
openssl speed -evp aes-128-cbc -engine cryptodev -elapsed
openssl speed -evp aes-128-ecb -engine cryptodev -elapsed
openssl speed -evp aes-128-cfb -engine cryptodev -elapsed
openssl speed -evp aes-128-ofb -engine cryptodev -elapsed
openssl speed -evp des-ede3 -engine cryptodev -elapsed
openssl speed -evp des-cbc -engine cryptodev -elapsed
openssl speed -evp des-ede3-cfb -engine cryptodev -elapsed
+++++++++++++++++++++++ updating for Linux-4.14.98-2.3.3 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux-4.14.98-2.3.3. The new software environment is as follows:
Linux kernel: imx_4.14.98-2.3.3
cryptodev: 1.9
OpenSSL: 1.0.2p
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini/8M Nano, i.MX8/8X.
The patches include the following new features:
1, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-4.14.98-2.3.3 and copy meta-openssl-caam to folder <Yocto 4.14.98-2.3.3 dir>/sources/
2, Run DISTRO=fsl-imx-wayland MACHINE=imx8mmevk source fsl-setup-release.sh -b build-imx8mmevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into /build-imx8mmevk/conf/bblayers.conf
3, bitbake fsl-image-validation-imx
4, Run the commands below on your i.MX8M Mini EVK board.
modprobe cryptodev
openssl genrsa -f4 -engine cryptodev 512 -elapsed
openssl speed dsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 1024 -elapsed
openssl speed rsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 2048 -elapsed
openssl speed ecdsa -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 3072 -elapsed
openssl speed ecdh -engine cryptodev -elapsed
openssl genrsa -f4 -engine cryptodev 4096 -elapsed
openssl speed -evp sha256 -engine cryptodev -elapsed
openssl speed -evp aes-128-cbc -engine cryptodev -elapsed
openssl speed -evp aes-128-ecb -engine cryptodev -elapsed
openssl speed -evp aes-128-cfb -engine cryptodev -elapsed
openssl speed -evp aes-128-ofb -engine cryptodev -elapsed
openssl speed -evp des-ede3 -engine cryptodev -elapsed
openssl speed -evp des-cbc -engine cryptodev -elapsed
openssl speed -evp des-ede3-cfb -engine cryptodev -elapsed
+++++++++++++++++++++++ updating for Linux-4.19.35-1.1.2 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux 4.19.35-1.1.2.
The software environment is as follows:
Linux kernel: imx_4.19.35-1.1.2
cryptodev: 1.10
OpenSSL: 1.1.1l
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini/8M Nano, i.MX8/8X.
How to build:
1, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-4.19.35-1.1.2 and copy meta-openssl-caam to folder <Yocto 4.19.35-1.1.2 dir>/sources/
2, Run DISTRO=fsl-imx-wayland MACHINE=imx8mmevk source imx-setup-release.sh -b build-imx8mmevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into <Yocto 4.19.35-1.1.2 dir>/build-imx8mmevk/conf/bblayers.conf.
3, Run bitbake fsl-image-validation-imx.
4, Run the commands below on your i.MX8M Mini EVK board.
modprobe cryptodev
openssl speed dsa
openssl speed rsa
openssl speed ecdsa
openssl speed ecdh
openssl genrsa -f4 -engine devcrypto 512
openssl genrsa -f4 -engine devcrypto 1024
openssl genrsa -f4 -engine devcrypto 2048
openssl genrsa -f4 -engine devcrypto 3072
openssl genrsa -f4 -engine devcrypto 4096
openssl speed -evp sha256 -engine devcrypto -elapsed
openssl speed -evp aes-128-cbc -engine devcrypto -elapsed
openssl speed -evp aes-128-ecb -engine devcrypto -elapsed
openssl speed -evp aes-128-cfb -engine devcrypto -elapsed
openssl speed -evp aes-128-ofb -engine devcrypto -elapsed
openssl speed -evp des-ede3 -engine devcrypto -elapsed
openssl speed -evp des-cbc -engine devcrypto -elapsed
openssl speed -evp des-ede3-cfb -engine devcrypto -elapsed
+++++++++++++++++++++++ updating for Linux-5.4.70-2.3.4 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux 5.4.70_2.3.4.
The software environment is as follows:
Linux kernel: imx_5.4.70_2.3.4
cryptodev: 1.10
OpenSSL: 1.1.1l
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini/8M Nano/8M Plus, i.MX8/8X.
How to build:
1, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-5.4.70-2.3.4 and copy meta-openssl-caam to folder <Yocto 5.4.70_2.3.4 dir>/sources/
2, Run DISTRO=fsl-imx-wayland MACHINE=imx8mmevk source imx-setup-release.sh -b build-imx8mmevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into <Yocto 5.4.70_2.3.4 dir>/build-imx8mmevk/conf/bblayers.conf.
3, Run bitbake imx-image-multimedia.
4, Run the commands below on your i.MX8M Mini EVK board.
modprobe cryptodev
openssl speed dsa
openssl speed rsa
openssl speed ecdsa
openssl speed ecdh
openssl genrsa -f4 -engine devcrypto 512
openssl genrsa -f4 -engine devcrypto 1024
openssl genrsa -f4 -engine devcrypto 2048
openssl genrsa -f4 -engine devcrypto 3072
openssl genrsa -f4 -engine devcrypto 4096
openssl speed -evp sha256 -engine devcrypto -elapsed
openssl speed -evp aes-128-cbc -engine devcrypto -elapsed
openssl speed -evp aes-128-ecb -engine devcrypto -elapsed
openssl speed -evp aes-128-cfb -engine devcrypto -elapsed
openssl speed -evp aes-128-ofb -engine devcrypto -elapsed
openssl speed -evp des-ede3 -engine devcrypto -elapsed
openssl speed -evp des-cbc -engine devcrypto -elapsed
openssl speed -evp des-ede3-cfb -engine devcrypto -elapsed
+++++++++++++++++++++++ updating for Linux-5.10.52-2.1.0 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux 5.10.52_2.1.0.
The software environment is as follows:
Linux kernel: lf-5.10.y
cryptodev: 1.12
OpenSSL: 1.1.1l
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini/8M Nano/8M Plus, i.MX8/8X.
How to build:
1, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-5.10.52-2.1.0 and copy meta-openssl-caam to folder <Yocto 5.10.52_2.1.0 dir>/sources/
2, Run DISTRO=fsl-imx-xwayland MACHINE=imx8mmevk source imx-setup-release.sh -b build-imx8mmevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into <Yocto 5.10.52_2.1.0 dir>/build-imx8mmevk/conf/bblayers.conf.
3, Run bitbake imx-image-multimedia.
4, Run the commands below on your i.MX8M Mini EVK board.
modprobe cryptodev
openssl speed dsa
openssl speed rsa
openssl speed ecdsa
openssl speed ecdh
openssl genrsa -f4 -engine devcrypto 512
openssl genrsa -f4 -engine devcrypto 1024
openssl genrsa -f4 -engine devcrypto 2048
openssl genrsa -f4 -engine devcrypto 3072
openssl genrsa -f4 -engine devcrypto 4096
openssl speed -evp sha256 -engine devcrypto -elapsed
openssl speed -evp aes-128-cbc -engine devcrypto -elapsed
openssl speed -evp aes-128-ecb -engine devcrypto -elapsed
openssl speed -evp aes-128-cfb -engine devcrypto -elapsed
openssl speed -evp aes-128-ofb -engine devcrypto -elapsed
openssl speed -evp des-ede3 -engine devcrypto -elapsed
openssl speed -evp des-cbc -engine devcrypto -elapsed
openssl speed -evp des-ede3-cfb -engine devcrypto -elapsed
+++++++++++++++++++++++ updating for Linux-5.15.71-2.2.0 ++++++++++++++++++++++++++++
This update is for the Yocto release of Linux 5.15.71-2.2.0.
The software environment is as follows:
Linux kernel: lf-5.15.71-2.2.0
cryptodev: 1.12
OpenSSL: 3.1.0
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/8M Mini/8M Nano/8M Plus, i.MX8/8X.
How to build:
1, git clone https://gitee.com/zxd2021-imx/meta-openssl-caam.git, git checkout Linux-5.15.71-2.2.0 and copy meta-openssl-caam to folder <Yocto 5.15.71_2.2.0 dir>/sources/
2, Run DISTRO=fsl-imx-xwayland MACHINE=imx8mmevk source imx-setup-release.sh -b build-imx8mmevk and add BBLAYERS += " ${BSPDIR}/sources/meta-openssl-caam " into <Yocto 5.15.71_2.2.0 dir>/build-imx8mmevk/conf/bblayers.conf.
3, Run bitbake imx-image-multimedia.
4, Run the commands below on your i.MX8M Mini EVK board.
modprobe cryptodev
openssl speed sm2
openssl speed dsa
openssl speed rsa
openssl speed ecdsa
openssl speed ecdh
openssl genrsa -f4 -engine devcrypto 512
openssl genrsa -f4 -engine devcrypto 1024
openssl genrsa -f4 -engine devcrypto 2048
openssl genrsa -f4 -engine devcrypto 3072
openssl genrsa -f4 -engine devcrypto 4096
openssl speed -evp sha256 -engine devcrypto -elapsed
openssl speed -evp aes-128-cbc -engine devcrypto -elapsed
openssl speed -evp aes-128-ecb -engine devcrypto -elapsed
openssl speed -evp aes-128-cfb -engine devcrypto -elapsed
openssl speed -evp aes-128-ofb -engine devcrypto -elapsed
openssl speed -evp des-ede3 -engine devcrypto -elapsed
openssl speed -evp des-cbc -engine devcrypto -elapsed
openssl speed -evp des-ede3-cfb -engine devcrypto -elapsed
Has any of these patches already been integrated in the latest Linux 4.9.88_2.0.0 Yocto Release for i.MX6UL?
Hi Adrian,
I have completed porting these patches to L4.9.88_2.0.0. But L4.9.88_2.0.0 doesn't support i.MX8X/8QM, also not i.MX8M GA release. So I plan to upload the updated patches after integrating them into L4.14.62, which is the GA release for i.MX8X/8QM/8M Mini/8MQ and legacy i.MX.
I have completed porting these patches to L4.14.78 GA. The new software environment is as follows:
Linux kernel: imx_4.14.78_1.0.0_ga
cryptodev: 1.9
OpenSSL: 1.0.2p
HW platform: i.MX6UL, i.MX7D/S, i.MX8M/MM, i.MX8QM/QXP.
The patches include the following new features:
1, RSA key generation is supported, but by default the OpenSSL built-in function (BN_generate_prime_ex) is used to create the primes p and q for higher security. If you need CAAM acceleration, comment out the macro USE_BUILTIN_PRIME_GENERATION, but its security is not confirmed.
2, Add Manufacturing-protection feature, and you can refer to manufacturing_protection_test function in asymmetric_cipher.c.
3, Support AES GCM in cryptodev.
4, Run "git apply 0001-Enhance-cryptodev-and-its-engine-in-OpenSSL-by-CAAM-.patch" under the folder sources/poky, and "git apply 0001-Add-public-key-cryptography-operations-in-CAAM-drive.patch, git apply 0002-Fix-the-hash-issue-in-caamhash.c-due-to-aligned-outp.patch" under the folder sources/meta-fsl-bsp-release to patch the code.
Note: The HMAC feature has an issue on i.MX8M/MM, i.MX8QM/QXP. I have already raised the issue to the SW guy to fix it.
Dear @xiaodong_zhang,
I am facing the following error while bitbaking the iMX Robot Platform v3.1-L5.15.71-2.2.0 instructed in https://community.nxp.com/t5/i-MX-Processors-Knowledge-Base/i-MX-%E6%9C%BA%E5%99%A8%E4%BA%BA%E5%B9%B...
ERROR: openssl-3.1.0.imx-r0 do_patch: Applying patch '0001-Enhance-cryptodev-s-engine-by-CAAM-public-key-crypto.patch' on target directory '/workdir/imx-yocto-bsp-5_15_71-2_2_x-robotics/imx8mpevk-robot-humble/tmp/work/armv8a-poky-linux/openssl/3.1.0.imx-r0/openssl-3.1.0.imx'
CmdError('quilt --quiltrc /workdir/imx-yocto-bsp-5_15_71-2_2_x-robotics/imx8mpevk-robot-humble/tmp/work/armv8a-poky-linux/openssl/3.1.0.imx-r0/recipe-sysroot-native/etc/quiltrc push', 0, 'stdout: Applying patch 0001-Enhance-cryptodev-s-engine-by-CAAM-public-key-crypto.patch
patching file apps/speed.c
patching file crypto/ec/ec_curve.c
patching file crypto/ec/ec_key.c
patching file crypto/ec/ec_local.h
patching file crypto/sm2/sm2_crypt.c
patching file crypto/sm2/sm2_sign.c
patching file engines/e_devcrypto.c
Hunk #10 FAILED at 747.
Hunk #11 FAILED at 774.
Hunk #12 succeeded at 808 (offset -14 lines).
Hunk #13 succeeded at 984 (offset -14 lines).
Hunk #14 succeeded at 1061 (offset -14 lines).
Hunk #15 succeeded at 1499 (offset -14 lines).
2 out of 15 hunks FAILED -- rejects in file engines/e_devcrypto.c
patching file test/dsatest.c
patching file test/ecdsatest.c
patching file test/rsa_test.c
Patch 0001-Enhance-cryptodev-s-engine-by-CAAM-public-key-crypto.patch does not apply (enforce with -f)
stderr: ')
ERROR: Logfile of failure stored in: /workdir/imx-yocto-bsp-5_15_71-2_2_x-robotics/imx8mpevk-robot-humble/tmp/work/armv8a-poky-linux/openssl/3.1.0.imx-r0/temp/log.do_patch.544102
ERROR: Task (/workdir/imx-yocto-bsp-5_15_71-2_2_x-robotics/sources/meta-openssl-caam/recipes-openssl-caam/openssl/openssl_3.1.0.imx.bb:do_patch) failed with exit code '1'
I even cloned https://gitee.com/zxd2021-imx/meta-openssl-caam.git into the imx-yocto-bsp-5_15_71-2_2_x-robotics/sources and included it into imx-yocto-bsp-5_15_71-2_2_x-robotics/imx8mpevk-robot-humble/conf/bblayers.conf but the error still persists.
I observe that the patches in meta-openssl-caam/recipes-openssl-caam/openssl/openssl/ and in meta-robot-platform/imx/meta-robot/recipes-security/openssl/openssl/ are the same.
Could you help to resolve, please ?
Thanks in advance and best regards,
Khang
Can you attach your log.do_patch after building openssl_3.1.0.imx?
Hi @xiaodong_zhang ,
I could not attach the file here therefore I sent it to you via the private message channel. Please check!
Best Regards,
Khang
This updated 0001-Enhance-cryptodev-s-engine-by-CAAM-public-key-crypto.patch works after deleting some unmatched blank lines.
Dear @Benjamin_Hu ,
Very good finding! I will give it a try. Thank you!
You may also need this patch for gmssl if running into the error of "glob" is not exported by the File::Glob module.
Hi @xiaodong_zhang , with the above patch, I can build the image but get an error when running on the target.
~# openssl speed sm2
../openssl-3.1.0.imx/apps/speed.c:1663: OpenSSL internal error: assertion failed: ed_curves[EdDSA_NUM - 1].nid == NID_ED448
Aborted
~# openssl speed -evp sha256 -engine devcrypto -elapsed
../openssl-3.1.0.imx/apps/speed.c:1663: OpenSSL internal error: assertion failed: ed_curves[EdDSA_NUM - 1].nid == NID_ED448
Aborted
By looking into the openssl-3.1.0.imx source code (build/tmp/work/cortexa72-cortexa53-tdx-linux/openssl/3.1.0.imx-r0/openssl-3.1.0.imx) in the Yocto Project where it has been patched, I find that the above error at line 1663 of apps/speed.c comes from the section where OPENSSL_NO_DEVCRYPTOENG is defined, meaning the devcrypto engine is not enabled when compiling.
1662 │ #ifdef OPENSSL_NO_DEVCRYPTOENG
1663 │ OPENSSL_assert(ed_curves[EdDSA_NUM - 1].nid == NID_ED448);
1664 │ OPENSSL_assert(strcmp(eddsa_choices[EdDSA_NUM - 1].name, "ed448") == 0);
1665 │
1666 │ OPENSSL_assert(ec_curves[EC_NUM - 1].nid == NID_X448);
1667 │ OPENSSL_assert(strcmp(ecdh_choices[EC_NUM - 1].name, "ecdhx448") == 0);
1668 │ #endif
1669 │ OPENSSL_assert(ec_curves[ECDSA_NUM - 1].nid == NID_brainpoolP512t1);
1670 │ OPENSSL_assert(strcmp(ecdsa_choices[ECDSA_NUM - 1].name, "ecdsabrp512t1") == 0)
Furthermore, I enable the cryptodev-linux configuration option for OpenSSL in the local.conf file and try to rebuild it.
PACKAGECONFIG:append:pn-openssl = " cryptodev-linux"
However, I meet compile error.
| ../openssl-3.1.0.imx/engines/e_devcrypto.c: In function 'prepare_cipher_methods':
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:764:9: error: 'do_cipher' undeclared (first use in this function)
| 764 | do_cipher = cipher_do_cipher;
| | ^~~~~~~~~
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:764:9: note: each undeclared identifier is reported only once for each function it appears in
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:769:17: error: 'init' undeclared (first use in this function); did you mean 'int'?
| 769 | init = cryptodev_init_aead_key;
| | ^~~~
| | int
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:771:17: error: 'ctrl' undeclared (first use in this function)
| 771 | ctrl = cryptodev_cbc_hmac_sha1_ctrl;
| | ^~~~
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:772:17: error: 'flags' undeclared (first use in this function)
| 772 | flags = cipher_data[i].flags;
| | ^~~~~
| ../openssl-3.1.0.imx/engines/e_devcrypto.c:789:47: error: 'ctr_do_cipher' undeclared (first use in this function); did you mean 'cipher_do_cipher'?
| 789 | ctr_do_cipher :
| | ^~~~~~~~~~~~~
| | cipher_do_cipher
Again, looking into the openssl-3.1.0.imx patched source code, I locate line 764 of engines/e_devcrypto.c.
764 │ do_cipher = cipher_do_cipher;
765 │ if (cipher_data[i].nid == NID_aes_128_cbc_hmac_sha1
766 │ || cipher_data[i].nid == NID_aes_256_cbc_hmac_sha1
767 │ || cipher_data[i].nid == NID_aes_128_cbc_hmac_sha256
768 │ || cipher_data[i].nid == NID_aes_256_cbc_hmac_sha256) {
769 │ init = cryptodev_init_aead_key;
770 │ do_cipher = cryptodev_aead_cipher;
771 │ ctrl = cryptodev_cbc_hmac_sha1_ctrl;
772 │ flags = cipher_data[i].flags;
───────┴─────────────────────────────────────────────────────
The undeclared errors of do_cipher, init, ctrl and flags variables are all imported from 0001-Enhance-cryptodev-s-engine-by-CAAM-public-key-crypto.patch.
@@ -475,6 +775,16 @@ static void prepare_cipher_methods(void)
cipher_mode = cipher_data[i].flags & EVP_CIPH_MODE;
+ do_cipher = cipher_do_cipher;
+ if (cipher_data[i].nid == NID_aes_128_cbc_hmac_sha1
+ || cipher_data[i].nid == NID_aes_256_cbc_hmac_sha1
+ || cipher_data[i].nid == NID_aes_128_cbc_hmac_sha256
+ || cipher_data[i].nid == NID_aes_256_cbc_hmac_sha256) {
+ init = cryptodev_init_aead_key;
+ do_cipher = cryptodev_aead_cipher;
+ ctrl = cryptodev_cbc_hmac_sha1_ctrl;
+ flags = cipher_data[i].flags;
+ }
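Review bot: init, ctrl and flags are assigned only inside the AEAD branch (the four NID_aes_*_cbc_hmac_sha* cases), while do_cipher is the only one of the four given a default before the if. Unless code outside this hunk resets the other three on every pass through the loop, a cipher that does not match those NIDs would be registered with whatever values were left from an earlier iteration; assigning defaults for all four next to "do_cipher = cipher_do_cipher;" would make the non-AEAD path explicit. None of the four names is declared in the lines shown either, so this hunk only compiles if the hunk that adds the declarations to prepare_cipher_methods also applied; keeping each declaration in the same hunk as its first use would turn a partial apply into a patch-time failure rather than the "undeclared" compile errors.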
do_cipher is defined in crypto/evp.h as a member of struct evp_cipher_st. In engines/e_devcrypto.c where the error happens, do_cipher is referenced directly without any struct evp_cipher_st variable declared. It seems unusual.
Can you please help to have a look at it? Thanks very much!
Hi,
@xiaodong_zhang , @Benjamin_Hu has there been any progress with the undeclared errors concerning errors do_cipher, init, ctrl and flags?
I have also enabled cryptodev-linux in my local.conf and am running into the same errors.
Hi @froos
Apart from the build guide mentioned by me, you don't need to do anything else, such as enabling cryptodev-linux in local.conf, because cryptodev-linux has already been added to PACKAGECONFIG for openssl in sources/meta-imx/meta-bsp/recipes-connectivity/openssl/openssl_%.bbappend (PACKAGECONFIG:append:imx-nxp-bsp = " cryptodev-linux"). You should check your flow.
Hi @xiaodong_zhang ,
is it really supposed to run properly on iMX7D? I mean other openssl features shouldn't suffer. With patch applied for some reason
produces garbage, but not valid rsa private key of specified length, like this
Generating RSA private key, 2048 bit long modulus (2 primes)
..............+++++
.......................+++++
e is 65537 (0x010001)
reports errors like below. Other sites may produce different errors
CONNECTED(00000005)
depth=0 CN = *.google.com
verify error:num=66:EE certificate key too weak
verify return:1
depth=2 C = US, O = Google Trust Services LLC, CN = GTS Root R1
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify error:num=7:certificate signature failure
verify return:1
depth=1 C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
verify return:1
depth=0 CN = *.google.com
verify error:num=7:certificate signature failure
verify return:1
depth=0 CN = *.google.com
verify return:1
1996328992:error:1012606B:elliptic curve routines:EC_POINT_set_affine_coordinates:point is not on curve:../openssl-1.1.1t/crypto/ec/ec_lib.c:813:
1996328992:error:10098010:elliptic curve routines:o2i_ECPublicKey:EC lib:../openssl-1.1.1t/crypto/ec/ec_asn1.c:1210:
1996328992:error:100D708E:elliptic curve routines:eckey_pub_decode:decode error:../openssl-1.1.1t/crypto/ec/ec_ameth.c:174:
1996328992:error:0B09407D:x509 certificate routines:x509_pubkey_decode:public key decode error:../openssl-1.1.1t/crypto/x509/x_pubkey.c:125:
1996328992:error:1416F0EF:SSL routines:tls_process_server_certificate:unable to find public key parameters:../openssl-1.1.1t/ssl/statem/statem_clnt.c:1943:
---
Certificate chain
0 s:CN = *.google.com
i:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
1 s:C = US, O = Google Trust Services LLC, CN = GTS CA 1C3
i:C = US, O = Google Trust Services LLC, CN = GTS Root R1
2 s:C = US, O = Google Trust Services LLC, CN = GTS Root R1
i:C = BE, O = GlobalSign nv-sa, OU = Root CA, CN = GlobalSign Root CA
---
no peer certificate available
---
No client certificate CA names sent
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 6813 bytes and written 319 bytes
Verification error: certificate signature failure
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 7 (certificate signature failure)
---
Unloading cryptodev module fixes these issues.
Should it not work on iMX7 at all?
Hi @kef2
For issue 2, CAAM in i.MX only supports affine coordinates, not the Jacobian coordinates (one kind of projective coordinates) used in openssl. In general, the EC key in a certificate uses Jacobian coordinates, in which point addition and multiplication are more efficient than in affine coordinates. You should first convert the projective points of the EC key in the certificate to affine points when using CAAM to accelerate elliptic curve cryptography.
For issue 1, cryptodev and CAAM are only used to accelerate calculating n, d, dp, dq, qp, not to create the PEM or DER format. But genrsa prints the private key in PEM format. So I will debug and find the root cause.
Thank you for reply.
Thanks for 1.
Regarding openssl s_client. If I, perhaps, can let openssl use SW mode cipher supplying openssl with some command line switches, I've no control for libssl, which some SW may use. Another problem is inability to login to target over openssh, unless cryptodev is unloaded. Enhanced caam shouldn't break anything, I think. If iMX7 is limited, then could be there some if/else's to support limited CAAM?
Thanks and regards
These patches are a reference for i.MX users on how to use CAAM to offload the CPU for public key cryptography operations. Users can modify other applications or libs in OpenSSL based on the patches to meet their needs.
OK, thanks. So enhancing cryptodev and OpenSSL in the title actually means lab setup to try some not easily accessible CAAM features at the cost of broken cryptodev+OpenSSL. Great idea as title says, unfortunately not very complete. Perhaps it is perfect on newer iMX8/9, no OpenSSL features broken?
Thank you for your time and regards
Hi @kef2
For issue 1, I updated the cryptodev patch (meta-openssl-caam/recipes-openssl-caam/cryptodev/files/0001-Add-the-new-feature-to-support-asymmetric-cryptograp.patch) in gitee to fix it. The root cause is that cryptodev doesn't return the length of n, d, etc. after calculating the RSA key.
As for the CAAM limitation, it would take a great deal of effort to modify and maintain openssl. There is a workaround: you can decide whether to enable or disable CAAM acceleration of elliptic curve cryptography by checking a customized environment variable (such as CAAM_ECC_ENABLE) with the getenv API in the function cryptodev_has_pkc().
BTW, i.MX8 has the same limitation in CAAM. i.MX9 doesn't have CAAM and may not support accelerating elliptic curve cryptography.
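The failure reported above (a genrsa run whose output is not a valid RSA private key of the requested length) can be caught with a field-consistency check before a key is put to use. The following is an added example, not code from the patches or from any poster: the function names are hypothetical, and both sample keys are constructed from two small Mersenne primes, the second with its computed fields zeroed to mimic values that never came back from the driver.

```python
"""Consistency check for a PKCS#1 RSAPrivateKey PEM (added example, constructed data)."""
import base64
from math import gcd

FIELDS = ("version", "n", "e", "d", "p", "q", "dp", "dq", "qinv")


def _der_len(n):
    """DER definite-length octets for a content length n."""
    if n < 0x80:
        return bytes([n])
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(raw)]) + raw


def encode_pem(values):
    """Build an RSAPrivateKey PEM from nine non-negative integers (sample generation only)."""
    body = b""
    for v in values:
        raw = v.to_bytes(v.bit_length() // 8 + 1, "big")  # leading 0x00 keeps it positive
        body += b"\x02" + _der_len(len(raw)) + raw
    der = b"\x30" + _der_len(len(body)) + body
    b64 = base64.encodebytes(der).decode()
    return "-----BEGIN RSA PRIVATE KEY-----\n" + b64 + "-----END RSA PRIVATE KEY-----\n"


def _read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits give the length size
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length


def parse_pem(pem):
    """Decode the nine INTEGER fields of a PKCS#1 RSAPrivateKey into a dict."""
    b64 = "".join(l for l in pem.splitlines() if l and not l.startswith("-----"))
    tag, body, _ = _read_tlv(base64.b64decode(b64), 0)
    if tag != 0x30:
        raise ValueError("outer element is not a SEQUENCE")
    values, pos = [], 0
    while pos < len(body):
        tag, raw, pos = _read_tlv(body, pos)
        if tag != 0x02:
            raise ValueError("expected INTEGER")
        values.append(int.from_bytes(raw, "big"))
    if len(values) != len(FIELDS):
        raise ValueError("expected %d integers, found %d" % (len(FIELDS), len(values)))
    return dict(zip(FIELDS, values))


def check_rsa_key(key, expected_bits):
    """Return a list of problems; empty means the fields agree with each other.
    Primality of p and q is not tested here."""
    n, e, d, p, q = (key[f] for f in ("n", "e", "d", "p", "q"))
    problems = []
    if key["version"] != 0:
        problems.append("version is not 0")
    if n.bit_length() != expected_bits:
        problems.append("modulus is %d bits, expected %d" % (n.bit_length(), expected_bits))
    if e < 3 or e % 2 == 0:
        problems.append("public exponent is not an odd integer >= 3")
    if p < 3 or q < 3:
        problems.append("p or q missing")
        return problems
    if p * q != n:
        problems.append("n != p*q")
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    if (d * e) % lam != 1:
        problems.append("d*e != 1 mod lcm(p-1, q-1)")
    if (e * key["dp"]) % (p - 1) != 1:
        problems.append("dp is not e^-1 mod (p-1)")
    if (e * key["dq"]) % (q - 1) != 1:
        problems.append("dq is not e^-1 mod (q-1)")
    if (q * key["qinv"]) % p != 1:
        problems.append("qinv is not q^-1 mod p")
    return problems


def constructed_samples():
    """Two constructed keys: a consistent one and one with empty computed fields."""
    p, q, e = 2**127 - 1, 2**89 - 1, 65537   # Mersenne primes; far too small for real use
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    d = pow(e, -1, lam)
    good = encode_pem([0, p * q, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)])
    broken = encode_pem([0, 0, e, 0, p, q, 0, 0, 0])  # n, d and CRT values left at zero
    return good, broken


if __name__ == "__main__":
    for name, pem in zip(("good", "broken"), constructed_samples()):
        print(name, check_rsa_key(parse_pem(pem), expected_bits=216) or "consistent")
```

Passing the bit length that was requested from the generator as `expected_bits` is what catches a key whose modulus came back empty or short.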
Well, patching OpenSSL leads to recompile of half of minimalistic Yocto OS.
Regarding efforts to make it ideal, why not just #ifdef incomplete features, or ones, which are i.MX variant specific, which needs additional efforts to test on all variants. Such less Enhanced but really working setup would be very helpful evaluating usefulness of CAAM assisted cryptography, I think.
Thanks, issue 1 seems working. Another issue with RSA:
# Create test data
echo "012345678797878787878 plain data" > ~/data
rmmod cryptodev
# generate key
openssl genrsa > ~/rkey
# extract public key
openssl rsa -in ~/rkey -pubout > ~/rkeypub
# encrypt using public key
openssl rsautl -encrypt -inkey ~/rkeypub -pubin -in ~/data > ~/rsaenc
modprobe cryptodev
openssl rsautl -decrypt -inkey ~/rkey -in ~/rsaenc
RSA operation error
1996242976:error:04065076:rsa routines:rsa_ossl_private_decrypt:unknown padding type:../openssl-1.1.1t/crypto/engine/eng_devcrypto.c:4749:
Thanks
Hi @kef2
The i.MX-variant-specific handling looks like the workaround I mentioned before. I already use #ifdef to handle incomplete features, but unfortunately it doesn't cover all of openssl. The other option is to create an i.MX-specific engine to handle CAAM-assisted ECC, which the user can load dynamically when CAAM is needed to save CPU resources. I will consider these potential solutions and find the best.
Hi @xiaodong_zhang!
I am working with an i.MX8 M Plus and the "Linux-5.15.71-2.2.0" branch of the repo.
My goal is to create an elliptic curve private key (SECP256R1) via CAAM that is stored within a black key and derive the corresponding public key from it. This key pair is then to be used in an ECDH scheme to derive a shared secret. The ECDH operation should also be executed within the CAAM module, making sure that the plain text private key never leaves the CAAM / "secure world".
Is it possible to achieve this with the present state of the layer or are there any fundamental things I missed?
What I achieved so far was to
openssl ecparam -engine devcrypto -name prime256v1 -out blackkey.pem
This is however where the problems begin.
Trying to create the public key with something like
openssl ec -in blackkey.pem -pubout > pub.pem
results in the following error:
read EC key
Could not read private key from blackkey.pem
20D06980FFFF0000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:../openssl-3.1.0.imx/crypto/store/store_result.c:151:
20D06980FFFF0000:error:1608010C:STORE routines:ossl_store_handle_load_result:unsupported:../openssl-3.1.0.imx/crypto/store/store_result.c:151:
unable to load Key
Other operations involving blackkey.pem and "openssl ec..." result in similar errors.
Do you have any idea what I might be doing wrong?
Or is the whole approach of using the layer for the stated task fundamentally wrong?
I'd be more than happy about any insights you might have.
Best regards and thanks a lot in advance!
Hi @cgk
For your issue, here is two points:
1, The EC key created by CAAM is not a black key, only a red key. You need to use CAAM to convert it to black. securekeystore_ioctl.c and sm_test.c in the Linux kernel are good references. In addition, keyctl-caam (sources/meta-imx/meta-bsp/recipes-security/smw/keyctl-caam_git.bb and https://github.com/nxp-imx/keyctl_caam/tree/lf-5.15.71-2.2.2 ) is a user-space tool to generate a black key and encapsulate it into a black blob.
2, The EC key created by CAAM is an affine coordinate point, not Jacobian, so the other apps in openssl can't handle it. More effort is needed to modify them to support affine coordinates for CAAM.
thanks a lot for the quick reply.
Regarding 1) I will look into it and see what we can do here. Do you think the OpenSSL operations provided by this layer would still be usable with an externally created black key? Or a black key created by conversion from a red key?
Regarding 2) If understand you correctly we can use this layer in the present state only for operations within CAAM on keys created by the CAAM. Is this correct?
OpenSSL seems to provide functions for converting affine to Jacobian coordinates and vice versa: https://www.openssl.org/docs/manmaster/man3/EC_POINT_set_affine_coordinates_GF2m.html
So there seems to be just a question of where to perform these conversions...
If you have any spontaneous thoughts about this I'd really appreciate your opinion.
Ideally there is a central place - maybe when loading the keys? - to perform the required conversions, so that there is no need to patch each and every operation...
Hi @cgk
1, CAAM's PKC doesn't use a black key directly and needs it recovered to a red key in advance. So I don't recommend openssl for black keys. You can combine cryptodev and keyctl-caam to meet your requirements.
2, No, an EC key created by another component of openssl can also be used for CAAM. Or an EC key created by CAAM can be used for openssl. Those keys need to be converted to suitable coordinates. BTW, the curves also need pre-processing.
I believe that no matter where the conversion is performed, it can't avoid making many changes to OpenSSL.
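The two coordinate systems named in this exchange, as an added example that is not part of the original posts or the patches: a Jacobian triple (X, Y, Z) stands for the affine point (X/Z^2, Y/Z^3), so a consumer that expects affine values rejects raw X, Y as "not on curve" until the conversion is done. The code uses the P-256 domain parameters (the prime256v1 curve used elsewhere in the thread); all function names are hypothetical.

```python
"""Affine and Jacobian coordinates on P-256 (added example, not from the patches)."""
P = 2**256 - 2**224 + 2**192 + 2**96 - 1          # field prime of prime256v1
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
INFINITY = (1, 1, 0)                               # Jacobian point at infinity (Z = 0)


def on_curve_affine(pt):
    """y^2 = x^3 + A*x + B (mod P): the check applied to affine input."""
    x, y = pt
    return (y * y - (x * x * x + A * x + B)) % P == 0


def on_curve_jacobian(jp):
    """Y^2 = X^3 + A*X*Z^4 + B*Z^6 (mod P)."""
    X, Y, Z = jp
    return (Y * Y - (X**3 + A * X * Z**4 + B * Z**6)) % P == 0


def to_jacobian(pt, z=1):
    """Any non-zero z gives a valid representation of the same point."""
    x, y = pt
    return (x * z * z % P, y * z**3 % P, z % P)


def to_affine(jp):
    """(X, Y, Z) -> (X/Z^2, Y/Z^3); costs one modular inversion."""
    X, Y, Z = jp
    if Z == 0:
        return None                                # infinity has no affine form
    zi = pow(Z, -1, P)
    return (X * zi * zi % P, Y * zi**3 % P)


def jacobian_double(jp):
    X, Y, Z = jp
    if Y == 0 or Z == 0:
        return INFINITY
    S = 4 * X * Y * Y % P
    M = (3 * X * X + A * pow(Z, 4, P)) % P
    X3 = (M * M - 2 * S) % P
    Y3 = (M * (S - X3) - 8 * pow(Y, 4, P)) % P
    return (X3, Y3, 2 * Y * Z % P)


def jacobian_add(p1, p2):
    (X1, Y1, Z1), (X2, Y2, Z2) = p1, p2
    if Z1 == 0:
        return p2
    if Z2 == 0:
        return p1
    U1, U2 = X1 * Z2 * Z2 % P, X2 * Z1 * Z1 % P
    S1, S2 = Y1 * Z2**3 % P, Y2 * Z1**3 % P
    if U1 == U2:                                   # same x: either P + P or P + (-P)
        return jacobian_double(p1) if S1 == S2 else INFINITY
    H, R = (U2 - U1) % P, (S2 - S1) % P
    X3 = (R * R - H**3 - 2 * U1 * H * H) % P
    Y3 = (R * (U1 * H * H - X3) - S1 * H**3) % P
    return (X3, Y3, H * Z1 * Z2 % P)


def scalar_mult(k, pt):
    """Double-and-add in Jacobian coordinates; no inversion until to_affine()."""
    acc, addend = INFINITY, to_jacobian(pt)
    while k:
        if k & 1:
            acc = jacobian_add(acc, addend)
        addend = jacobian_double(addend)
        k >>= 1
    return acc


def affine_double(pt):
    """Reference doubling in affine coordinates (one inversion per operation)."""
    x, y = pt
    lam = (3 * x * x + A) * pow(2 * y, -1, P) % P
    x3 = (lam * lam - 2 * x) % P
    return (x3, (lam * (x - x3) - y) % P)


def compare(k=0x1234567):
    """Show which form of k*G passes the affine on-curve check (k is a constructed scalar)."""
    jp = scalar_mult(k, G)
    return {
        "jacobian_valid": on_curve_jacobian(jp),
        "raw_xy_passes_affine_check": on_curve_affine(jp[:2]),
        "converted_passes_affine_check": on_curve_affine(to_affine(jp)),
    }


if __name__ == "__main__":
    print(compare())
```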
Dear @xiaodong_zhang,
again thank you for the prompt reply!
We will double check with our security concept regarding the use of black vs red keys and also see how we can fit the patches to meet our needs...
Hi @kef2
I update the openssl patch (https://gitee.com/zxd2021-imx/meta-openssl-caam/blob/Linux-4.14.98-2.3.3/recipes-openssl-caam/openss... to fix the issue of rsautl decrypt with CAAM enable.
Hi,
we use kernel 4.14 with following patches https://github.com/nxp-imx-support/imx_sec_apps/tree/master/caam-ecdsa-blackkey
This patch provides simple operations to generate/sign/verify with ECDSA black key
Does anybody know if similar patches are available for the kernel 5.15?
Hi @kukosa ,
I asked more or less the same thing in the community, seems that in recent BSPs the generate/sign/verify with ECDSA is done via PKCS#11 interface with optee backend, making the black keys not needed (private key will be stored in optee encrypted storage)
Hi @msalvinik
thanks for your response.