- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- i.MX Forums
- :
- i.MX Processors
- :
- crypto af_alg blackkey demo can hardware decrypt data, how to encrypt?
crypto af_alg blackkey demo can hardware decrypt data, how to encrypt?
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
How can we encrypt data/file using a black key instead of using openssl like in the demo?
Does not seem to be an example for encryption, only decryption (caam-decrypt )...
Is there a "caam-encrypt" demo?
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer is to use libkcapi for encryption/decryption.
https://github.com/smuellerDD/libkcapi
Otherwise you are going to have roll your own bucket brigade to encrypt a file. It works great and can use the CAAM hardware enc/dec.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The answer is to use libkcapi for encryption/decryption.
https://github.com/smuellerDD/libkcapi
Otherwise you are going to have roll your own bucket brigade to encrypt a file. It works great and can use the CAAM hardware enc/dec.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm sorry, I have no idea what you are referring to
Harvey021
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @flobro
Here is the link providing demo for you reference. README.txt\demo-caam-blobs - imx_sec_apps - i.MX Security Application Examples (codeaurora.org)
Best regards
Harvey
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I might also add there is a problem with the patched code when trying to "decap" a red key...
You get a "caam_jr 30902000.jr: Decapsulation job failed" message and the returned value is the same as the encapped value.
There are other messages in the forum about this, just search for "Decapsulation job failed" and you will see them. They have gone unanswered.
I do not see why NXP did not preserve the wrap/unwrap feature that is in the IMX6 kernel drivers, and also have a driver that fails. Code compatibility should be paramount and lead to people using the newer products when you do not have to re-engineer a bunch of code.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
caam-blobs is completely different than af_alg blackkey demo. al_alg is linux Crypto API for userspace that uses caam-decrypt where caam-blobs is a patch tp applt to the kernel which appears to have some issues (I think it was for an older kernel version). It patches, but you get messages about some failures.
Meanwhile I found out how to encrypt by modifying the sample in https://lwn.net/Articles/410833/. Also look at libkcapi for a wrapper around the Crypto API (see kcapi-enc utility)
