FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Using secure memory in crypto APIs

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Using secure memory in crypto APIs

‎12-01-2016 07:45 AM
584 Views
ethanyang
Contributor II

Hi,

In the CAAM sample code, it uses buffer allocated with kzalloc() when doing crypto calculation:

input = kzalloc(block_size, GFP_KERNEL | GFP_DMA);
 memcpy(input, text, block_size);
 sg_init_one(sg, input, block_size);
iv_len = crypto_ablkcipher_ivsize(tfm);
 if (iv_len)
 memset(&iv, 0xff, iv_len);
ablkcipher_request_set_crypt(req, sg, sg, block_size, iv);

Is is possible to use the memory from keystore to do the ciphering?

Something like:

  1. addr_dst = kspriv->slot_get_address(ksdev, unit, slot_dst);  
  2. sm_keystore_slot_alloc(ksdev, unit, size, &slot_dst);  

We need this when we're doing the key variant calculation.

We want the calculated result is located in the secure memory as it will be used as a cipher key.

 

Regards,

Ethan

Labels (3)
Labels
Tags (2)
0 Kudos
Reply
1 Reply

‎12-01-2016 11:31 PM
406 Views
Yuri
NXP Employee
NXP Employee

Hello,

 

 “CAAM implements operations that convert between blob encapsulation
and black-key encapsulation without exposing the key in plaintext.”

   But we do not have such example for publishing, sorry.

You may apply to Professional Services:

NXP Professional Services|NXP 

Have a great day,

Yuri

-----------------------------------------------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-----------------------------------------------------------------------------------------------------------------------

0 Kudos
Reply