帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

encrypt & crypto , caam

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决
跳至解决方案

encrypt & crypto , caam

跳至解决方案
‎10-17-2016 10:42 PM
2,674 次查看
rans
Senior Contributor I

Hello,

I am a new on the subject of caam with imx6.

I saw some questions on this subject, so please excuse me if I might repeat a question which was asked (though I could not find the answer yet).

We are dealing with a new project, so we shall use the latest BSP.

1. Encapsulate message from ethernet port #1,  Encrypt (AES256\128) data, and send through ethernet port #2

2. Decapsulate message from ethernet port #2 Dencrypt data, and send through ethernet port #1

Thank you for any suggestions and link to documentation !

Ran

标签 (1)
标签
回复
1 解答

跳至解决方案
‎10-19-2016 07:40 PM
2,167 次查看
Yuri
NXP Employee
NXP Employee

Hello,

  Yes, You may use the cryptodev.

Supported options, that should be registered in kernel, are described in

mentioned above Chapter 50  of “i.MX_Linux_Reference_Manual.pdf” 

Regards,

Yuri.

在原帖中查看解决方案

回复
5 回复数

跳至解决方案
‎10-17-2016 10:57 PM
2,167 次查看
Yuri
NXP Employee
NXP Employee

Hello,

 

  When using Linux L4.1.15 : the CAAM drivers are accelerated through the CryptoDev interface. Please refer to Chapter 50 [CAAM (Cryptographic Acceleration and Assurance Module)] of “i.MX_Linux_Reference_Manual.pdf” describes CAAM driver options. Section 9 (Security) of “i.MX_Linux_User's_Guide.pdf” shows how to test CAAM driver with openssl.

 

 

Have a great day,

Yuri

 

------------------------------------------------------------------------------

Note: If this post answers your question, please click the Correct

Answer button. Thank you!

------------------------------------------------------------------------------

回复

跳至解决方案
‎10-18-2016 10:45 PM
2,167 次查看
rans
Senior Contributor I

Hi Yuri,

I think that for packet encrypt/decrypt, I better use cryptodev instead of openssl APIs, Right ?

Does cryptodev should be used with "AF_ALG" APIs or "/dev/crypto" APIs ?

I also see that there are many oprtions in cryptodev , see

gocryptodev - GoDoc 

Does CAAM support all of them ?

I wonder what is aes 128/256 among these many options.

Regards,

Ran

0 项奖励
回复

跳至解决方案
‎10-19-2016 07:40 PM
2,168 次查看
Yuri
NXP Employee
NXP Employee

Hello,

  Yes, You may use the cryptodev.

Supported options, that should be registered in kernel, are described in

mentioned above Chapter 50  of “i.MX_Linux_Reference_Manual.pdf” 

Regards,

Yuri.

回复

跳至解决方案
‎10-18-2016 05:31 AM
2,167 次查看
rans
Senior Contributor I

Hi,

Thank you for the responses!

Now If I basicly just need to encrypt/decrypt specific messages with AES256:

Should I catch messages and use direct call to CAAM according to CAAM driver APIs (such solution must involve a kernel module solution I suppose), or should I use openssl to encrypt/decrypt as done in the following example:

http://web.mit.edu/sit/Sipb/iadev/doc/SSLeay/ssl-client.c 

Thank you for the suggestions,

Ran

0 项奖励
回复

跳至解决方案
‎10-17-2016 10:53 PM
2,167 次查看
BiyongSUN
NXP Employee
NXP Employee

please check the reply in

https://community.nxp.com/thread/436552

0 项奖励
回复