Hi everyone!
I started working with the RW612 and I think I have read all the documentation related to the RW612 (User manual, User guides, Application Notes, Videos, etc.). There is at least one area that is very hard for me to understand; could you explain to me how it works?
When I want to securely provision a device, I can use the MCUXpresso Provisioning Tool or nxpdevhsm from the SPSDK tools to generate a secure software package (SB package). To generate the secure image I have to use one random board with an RW612 (i.e. frdm_rw612). That secure image is authenticated (signed with a private key bonded with the RoT keys hash burned in OTP memory) and encrypted (this is done using the CUST_MK_SK fuses). All of this information is mentioned here https://www.nxp.com/company/about-nxp/smarter-world-videos/IMP-DEV-HSM-VID and here https://www.youtube.com/watch?v=UrUsczq19Iw .
That secure software can then be sent to my manufacturer, who flashes the devices. Then I can securely provision ANY of my custom RW612 boards. Tbh, I don't understand how it is handled that, using just one eval board, I can then provision any RW612 and there is no vector for a man-in-the-middle attack.
Every RW612 has its own PUF, and all its keys are uniquely wrapped depending on the PUF and its CKDF, but I am still able to securely pass OEM keys to the device and the manufacturer can't modify them. What is the common ingredient X for every RW612 such that I can provision any board using just one software package?
Is NXP loading a symmetric key during the NXP provisioning process that allows it to decode my secure software package? If yes, what will happen if that key is breached? Is there any option to flash my 'generic' devices using my own custom solution, or do I have to rely on the NXP solution?