Does Openssl API with help of cyrptodev interface using CAAM uses Hardware key for encryption/decryption?

swapnilpendhare · ‎11-02-2015

In Linux kernel CAAM can be accessed with the help of /dev/cyrpto interface to encrypt/decrypt data. as mentioned in document i.MX Linux User's Guide (IMXLUG) document section 9. Security.

using following API,

echo "OpenSSL" | openssl enc -aes-256-cbc -engine cryptodev > openssl1.dat

openssl enc -aes-256-cbc -d -in openssal.dat

Does this encryption decryption mechanism involves hardware keys like OTPMK or software keys like ZMK?

if yes, how can we verify it?

if no, Is there any way to use these key (directly /indirectly ) for user level encryption.

Thanks in advance;

Swapnil

IMXLUG

jamesbone · ‎11-04-2015

Hello Swapnil,

Please review the following link:

iMX6 (CAAM, TrustZone) Hardware Security Blocks Use.

Have a great day,
Jaime

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

Does Openssl API with help of cyrptodev interface using CAAM uses Hardware key for encryption/decryption?

Does Openssl API with help of cyrptodev interface using CAAM uses Hardware key for encryption/decryption?

i.MX6_All

Linux