On 4/11/2018 8:26 PM, Fabio Estevam wrote: > Hi Horia, > > On Wed, Apr 11, 2018 at 7:15 AM, Horia Geantă <horia.geanta@xxxxxxx> wrote: > >> You'd want to make sure rsa is offloaded to caam in this case - check in >> /proc/crypto. >> IIRC there are some i.mx parts that don't have support for Public Key >> acceleration (PKHA). > > PKHA is present on mx6ul and not present on mx6q. > > mx6uq uses the generic rsa driver and handles the certificate correctly. > > mx6ul uses pkcs1pad(rsa-caam,sha256) and it fails to handle the certificate. > > So that explains the different behavior of mx6q versus mx6ul. > Thanks for confirming my guess. > Any ideas as to how to fix rsa-caam? > Yes, driver needs to strip off leading zeros from input data before feeding it to the accelerator. I am working at a fix. Horia