FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX Need a way to protect SSL certificate private key

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

i.MX Need a way to protect SSL certificate private key

‎03-02-2016 05:34 PM
764 Views
ramansubramania
Contributor I

Reviewed the i.MX6 Solo X security document that describes how to use Crypto HW to securely store information
into non-volatile memory (“Security Reference Manual for i.MX 6Dual, 6Quad, 6Solo, and 6DualLite Families of Applications Processors” (Doc #: IMX6DQ6SDLSRM, Rev. 0, 03/2013)). 

Customer wants to make sure the infrastructure is in place to use the Crypto HW along with some examples of how
to use it.  NXP BSP has a driver that seems to provide at least a driver level abstraction of the Crypto HW. 

Customer wants to know if that is tested? 

Customer wants the additional software that is needed that ties this driver to the user space. 

The Linux Crypto API and infrastructure typically uses sockets with address families such as AF_ALG,
AF_KEY, etc. that allows the user to establish a socket interface into the
kernel and to the Crypto HW.  Customer doesn’t want to re-invent the wheel
and thinks that this might already have been done before.  Customer needs
the code that extends the Linux Crypto API  and infrastructure and
provides this functionality to user space.  Here are some of the use
cases:

  1. Customer wants to
    create an encryption blob.  They are seeking the code that provides this
    capability to user space along with examples of how to use it.  One use
    case would be storing the password that encrypts the private key file used by
    OpenSSL.
  2. Customer wants to
    use eCryptFS which seems like it should use the Crypto drivers for the i.MX6
    Solo X but it doesn’t seem to be using them.  They are seeking the code
    that provides this ability along with examples of how to use it. 
Labels (1)
Labels
0 Kudos
Reply
1 Reply

‎03-02-2016 11:02 PM
515 Views
Yuri
NXP Employee
NXP Employee

Hello,

  Sorry, but the information you are requesting is treated as confidential info at this time  Naturally,

we cannot discuss this with you in public anyway, this requires to be handled as a Service Request

(SR, case).

1)    Please open www.nxp.com

2)    On the top level menu, select Support > Sales and Support (http://www.nxp.com/support/sales-and-support:SUPPORTHOME).

3)    On the bottom of the page, select Hardware & Software.

4)    Register with your business email to access the technical NXP online support.

5)    A verification email will be sent to your account. Click the embedded link to verify your access.

6)    On the NXP online support page, select Contact Support from the top menu and click “submit a new case” to start the process.

Have a great day,
Yuri

-------------------------------------------------------------------------------
Note: If this post answers your question, please click the Correct Answer button. Thank you!
-------------------------------------------------------------------------------

0 Kudos
Reply