Accessing RPMB key in Android 9 and Android 12

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

Accessing RPMB key in Android 9 and Android 12

1,172 次查看
herman_lin
Contributor II

Hi NXP,

Based on the information I have, Widevine DRM is based on different TEEs depending on the Android version in NXP i.MX8MQ solution: Android 9 uses OPTEE, while Android 12 uses Trusty.

In our tests, we found that an RPMB key written under the "Android 9 + OPTEE" architecture fails verification when used under the "Android 12 + Trusty" architecture. After tracing the relevant code, it appears that OPTEE and Trusty use different algorithms to generate the RPMB key.

We would like to know whether Widevine DRM feature can work well while upgrading from "Android 9 + OPTEE" to "Android 12 + Trusty"?
If the differences between OPTEE and Trusty are causing Widevine DRM to malfunction after the upgrade to Android 12, is there a patch from NXP that supports Android 12 with OPTEE?

Thanks!

标签 (1)
0 项奖励
回复
2 回复数

1,123 次查看
Bio_TICFSL
NXP TechSupport
NXP TechSupport

Hello,

You have to change all "setUserAuthenticationRequired(true)" by "setUserAuthenticationRequired(false)" 

 

Regards

0 项奖励
回复

1,091 次查看
herman_lin
Contributor II

Hi BIO,

Let's first clarify one thing: Is it possible to use Widevine DRM with an Android 12 + Trusty environment, even if the RPMB key was originally written in an Android 9 + OP-TEE environment?

Thanks!

0 项奖励
回复