I'm checking the usage of Platform SCP inside the Plug and Trust middleware.
About the SCP keys on the MCU/MPU side: as far as I checked the document, my understanding is that we have the following 3 options.
- hard-coded in the source code
- placed in the Linux file system
- secured using PUF (LPC55S)
And I wonder if we also have any example using the EdgeLock Secure Enclave in MCXN/RW/i.MX9 etc.
Do we have such a plan?
@michaelsalfer Thank you for your comment, I understand the current situation.
> Is there a specific customer project requesting this?
No specific customer for now, I will contact you if any customer really requires it.
Hello Shinji,
These options you wrote are correct. There is currently not yet a plan to explicitly implement a secure enclave interface for PlatformSCP keys, although the wish exists.
In general, the PlatformSCP crypto is abstracted by Plug & Trust using the host cryptography implementation, which can make use of Mbed TLS or OpenSSL. So if the secure enclave provides, e.g., an OpenSSL provider with offloading to the secure enclave via a mechanism like reference keys, this could be directly used by Plug & Trust. Similar for Mbed TLS. For neither option has a full analysis been made so far of what exactly needs to be configured.
Still, I expect that mid-term we can get such examples, maybe for the release of the MW in the coming year. Is there a specific customer project requesting this?
Thank you,
Michael