Platform: iMX8ULP
imx-smw: lf-6.6.52-2.2.0
imx-secure-enclave: lf-6.6.52-2.2.0
We are using the PSA crypto API exposed by the imx-smw library as the crypto driver for mbedtls. We generate a private key in the HSM (ELE). Our applications use the private key in mbedtls, loading it as an opaque key. Multiple applications, running in different processes, must be able to use the same key simultaneously. One example is a webserver that uses the HSM-wrapped key as its private key.
As far as we know, two different processes can't use the same key through the imx-smw library simultaneously, because each process needs to open the same (ELE) keystore service to access keys and, as stated in the HSM doc, it is not possible to open the same keystore simultaneously. The case of multiple processes using the same key simultaneously seems to be unsupported.
How can we overcome this issue?
A possible solution is to create a daemon on top of the imx-smw library, creating in this way a single entry point for accessing keys. But maybe we are missing something and there is another way to deal with it.