Hello,
In the LSDK User Guide mentions that the SoCs can internally store keys using an HSM. "NXP SoCs such as LS1046A can store keys securely using built-in SoC capabilities - virtual HSM. With such devices, sensitive private keys never leave the device and cryptographic operations are performed on this virtual HSM"(LSDKUG-Rev21.08, CH 6.5.1).
I could not find a reference to whether it is stored using secure non-volatile storage (SNVS), or if it is stored in volatile memory requiring a battery connected such as the with the "Battery Backed Security Monitor supply". Does the SoC need to keep some voltage after powering off to keep the keys stored securely?
And just to confirm, this feature applies to all arm trusted firmware(TFA) enabled CPUs?
