You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: caam/seco/README.md
+52Lines changed: 52 additions & 0 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,3 +15,55 @@ This is an example configure for building wolfSSL
15
15
16
16
## Additional cryptodev-linux Examples
17
17
Examples for use in conjunction with SECO are in the cryptodev directory
18
+
19
+
## Arguments
20
+
The first argument to the examples can be a 0 or a 1. 1 is used for creating a new entry and 0 for opening an existing one.
21
+
The second argument is the KeyID.
22
+
The third argument is the Keystore ID.
23
+
24
+
The KeyID should be 0 if creating it for the first time.
25
+
26
+
An example of running aes-cbc would be:
27
+
28
+
```
29
+
#create new keystore and use arbitrary keystore ID of 9
30
+
/tmp/aes-cbc 1 0 9
31
+
[ 46.049273] SECO fp open
32
+
[ 46.055038] SECO setup memory access addr 960A0000 len 66560
33
+
[ 46.061494] SECO memreg permissions set
34
+
[ 46.066412] SECO fp open
35
+
[ 46.070173] SECO setup memory access addr 960C0000 len 66560
36
+
[ 46.076634] SECO memreg permissions set
37
+
Key ID: 581588797
38
+
in = 0xffffe9138750
39
+
out = 0xffffe91386b8
40
+
cipherTxt = 0xffffe[ 46.108136] seco_mu seco_mu2: seco_mu2_ch1: Interrupted by signal
41
+
91386d8
42
+
Encrypting : 74657374206D65737361676520746F20
43
+
Cipher text: E7241091DEF6ACFEE558AA23318BCE75
44
+
Decrypted : 74657374206D65737361676520746F20
45
+
```
46
+
47
+
48
+
Then to reopen and run using the previously created key
49
+
50
+
```
51
+
#reading key ID from the previous run, re-run the example, this time opening the existing keystore
52
+
root@imx8qxpc0mek:~# /tmp/aes-cbc 0 581588797 9
53
+
[ 80.480629] SECO fp open
54
+
[ 80.484912] SECO setup memory access addr 960A0000 len 66560
55
+
[ 80.491351] SECO memreg permissions set
56
+
[ 80.498053] SECO fp open
57
+
[ 80.501851] SECO setup memory access addr 960C0000 len 66560
58
+
[ 80.508357] SECO memreg permissions set
59
+
Key ID: 581588797[ 80.516419] seco_mu seco_mu2: seco_mu2_ch1: Interrupted by signal
60
+
61
+
in = 0xffffc8928500
62
+
out = 0xffffc8928468
63
+
cipherTxt = 0xffffc8928488
64
+
Encrypting : 74657374206D65737361676520746F20
65
+
Cipher text: E7241091DEF6ACFEE558AA23318BCE75
66
+
Decrypted : 74657374206D65737361676520746F20
67
+
```
68
+
69
+
This will create the keystores at /etc/seco_hsm . So far none of he keystores that wolfSSL creates are PERMENANT type ones, just either persistent or ephemeral. So to reset the keystore root can do "rm -rf /etc/seco_hsm" (as suggested by one of NXP's manuals on it) and reset the device.
0 commit comments