ヘルプ
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

encrypt & crypto , caam

キャンセル
提案をオンにする
自動提案では、入力時に可能な一致が提案されるので検索結果を素早く絞り込むことができます。
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
解決済み
ソリューションへジャンプ

encrypt & crypto , caam

ソリューションへジャンプ
‎10-17-2016 10:42 PM
2,676件の閲覧回数
rans
Senior Contributor I

Hello,

I am a new on the subject of caam with imx6.

I saw some questions on this subject, so please excuse me if I might repeat a question which was asked (though I could not find the answer yet).

We are dealing with a new project, so we shall use the latest BSP.

1. Encapsulate message from ethernet port #1,  Encrypt (AES256\128) data, and send through ethernet port #2

2. Decapsulate message from ethernet port #2 Dencrypt data, and send through ethernet port #1

Thank you for any suggestions and link to documentation !

Ran

ラベル(1)
ラベル
返信
1 解決策

ソリューションへジャンプ
‎10-19-2016 07:40 PM
2,169件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

  Yes, You may use the cryptodev.

Supported options, that should be registered in kernel, are described in

mentioned above Chapter 50  of “i.MX_Linux_Reference_Manual.pdf” 

Regards,

Yuri.

元の投稿で解決策を見る

返信
5 返答(返信)

ソリューションへジャンプ
‎10-17-2016 10:57 PM
2,169件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

 

  When using Linux L4.1.15 : the CAAM drivers are accelerated through the CryptoDev interface. Please refer to Chapter 50 [CAAM (Cryptographic Acceleration and Assurance Module)] of “i.MX_Linux_Reference_Manual.pdf” describes CAAM driver options. Section 9 (Security) of “i.MX_Linux_User's_Guide.pdf” shows how to test CAAM driver with openssl.

 

 

Have a great day,

Yuri

 

------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct

Answer button. Thank you!

------------------------------------------------------------------------------

返信

ソリューションへジャンプ
‎10-18-2016 10:45 PM
2,169件の閲覧回数
rans
Senior Contributor I

Hi Yuri,

I think that for packet encrypt/decrypt, I better use cryptodev instead of openssl APIs, Right ?

Does cryptodev should be used with "AF_ALG" APIs or "/dev/crypto" APIs ?

I also see that there are many oprtions in cryptodev , see

gocryptodev - GoDoc 

Does CAAM support all of them ?

I wonder what is aes 128/256 among these many options.

Regards,

Ran

0 件の賞賛
返信

ソリューションへジャンプ
‎10-19-2016 07:40 PM
2,170件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

  Yes, You may use the cryptodev.

Supported options, that should be registered in kernel, are described in

mentioned above Chapter 50  of “i.MX_Linux_Reference_Manual.pdf” 

Regards,

Yuri.

返信

ソリューションへジャンプ
‎10-18-2016 05:31 AM
2,169件の閲覧回数
rans
Senior Contributor I

Hi,

Thank you for the responses!

Now If I basicly just need to encrypt/decrypt specific messages with AES256:

Should I catch messages and use direct call to CAAM according to CAAM driver APIs (such solution must involve a kernel module solution I suppose), or should I use openssl to encrypt/decrypt as done in the following example:

http://web.mit.edu/sit/Sipb/iadev/doc/SSLeay/ssl-client.c 

Thank you for the suggestions,

Ran

0 件の賞賛
返信

ソリューションへジャンプ
‎10-17-2016 10:53 PM
2,169件の閲覧回数
BiyongSUN
NXP Employee
NXP Employee

please check the reply in

https://community.nxp.com/thread/436552

0 件の賞賛
返信