WolfSSL
/
wolfssl-examples
mirror of https://github.com/wolfSSL/wolfssl-examples.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Update README.md

pull/336/head
JacobBarthelmeh 2022-09-15 03:39:58 +07:00 committed by GitHub
parent e29a428936
commit 69d920cd10
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 52 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

52
caam/seco/README.md
View File

@ -15,3 +15,55 @@ This is an example configure for building wolfSSL
## Additional cryptodev-linux Examples
Examples for use in conjunction with SECO are in the cryptodev directory
## Arguments
The first argument to the examples can be a 0 or a 1. 1 is used for creating a new entry and 0 for opening an existing one.
The second argument is the KeyID.
The third argument is the Keystore ID.
The KeyID should be 0 if creating it for the first time.
An example of running aes-cbc would be:
```
#create new keystore and use arbitrary keystore ID of 9
/tmp/aes-cbc 1 0 9
[ 46.049273] SECO fp open
[ 46.055038] SECO setup memory access addr 960A0000 len 66560
[ 46.061494] SECO memreg permissions set
[ 46.066412] SECO fp open
[ 46.070173] SECO setup memory access addr 960C0000 len 66560
[ 46.076634] SECO memreg permissions set
Key ID: 581588797
in = 0xffffe9138750
out = 0xffffe91386b8
cipherTxt = 0xffffe[ 46.108136] seco_mu seco_mu2: seco_mu2_ch1: Interrupted by signal
91386d8
Encrypting : 74657374206D65737361676520746F20
Cipher text: E7241091DEF6ACFEE558AA23318BCE75
Decrypted : 74657374206D65737361676520746F20
```
Then to reopen and run using the previously created key
```
#reading key ID from the previous run, re-run the example, this time opening the existing keystore
root@imx8qxpc0mek:~# /tmp/aes-cbc 0 581588797 9
[ 80.480629] SECO fp open
[ 80.484912] SECO setup memory access addr 960A0000 len 66560
[ 80.491351] SECO memreg permissions set
[ 80.498053] SECO fp open
[ 80.501851] SECO setup memory access addr 960C0000 len 66560
[ 80.508357] SECO memreg permissions set
Key ID: 581588797[ 80.516419] seco_mu seco_mu2: seco_mu2_ch1: Interrupted by signal
in = 0xffffc8928500
out = 0xffffc8928468
cipherTxt = 0xffffc8928488
Encrypting : 74657374206D65737361676520746F20
Cipher text: E7241091DEF6ACFEE558AA23318BCE75
Decrypted : 74657374206D65737361676520746F20
```
This will create the keystores at /etc/seco_hsm . So far none of he keystores that wolfSSL creates are PERMENANT type ones, just either persistent or ephemeral. So to reset the keystore root can do "rm -rf /etc/seco_hsm" (as suggested by one of NXP's manuals on it) and reset the device.