OpenSSL, using CAAM, signature verification fail

noammoshe · ‎08-24-2017

When using the CAAM (Cryptographic Accelerator and Assurance Module) module in IMX6 via OpenSSL I'm getting a 'Segmentation fault' due to 'Cannot allocate memory'. strace:

I'm trying to verify a signature of a large file (~700MB).

OpenSSL default engine ('Dynamic engine loading support'), software implementation, is working fine. When using '(cryptodev) BSD cryptodev engine' engine (with CAAM) the file verification fail.

Is anyone can assist? is it a known issue of CAAM?

Info about the connection of CAAM to OpenSSL:

https://www.digi.com/resources/documentation/digidocs/90001546/reference/android/r_caam_android.htm
http://trac.gateworks.com/wiki/ventana/encryption

Yuri · ‎08-24-2017

Hello,

Please check memory (over night mode), using the Stress test :

i.MX6/7 DDR Stress Test Tool V2.70

Try the recent NXP BSPs. Please look at section 9 (Security) of "i.MX_Linux_User's_Guide.pdf"

http://www.nxp.com/webapp/Download?colCode=L4.1.15_1.0.0_LINUX_DOCS&Parent_nodeId=133769948107170617...

i.MX 6 / i.MX 7 Series Software and Development Tool|NXP

Have a great day,
Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

OpenSSL, using CAAM, signature verification fail

OpenSSL, using CAAM, signature verification fail

i.MX6DL

i.MX6Dual

i.MX6DualPlus6QuadPlus

i.MX6Quad

i.MX6S

i.MX6SL

i.MX6SoloX

i.MX6UL

i.MX7Dual

i.MX7Solo

Linux

Multimedia

Suspected Software Defect

Yocto Project