FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Encrypted storage with TrustZone

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Encrypted storage with TrustZone

Jump to solution
‎08-22-2022 01:40 AM
1,037 Views
brucezhao
Contributor I

Hi, 

    AN12714 (i.MX Encrypted Storage Using CAAM Secure Keys) document describes Encrypted storage with CAAM.

    My question is that if I want to use CSU(Central Security Unit) to limit only OP-TEE can access CAAM, then CAAM can not be accessed by Normal world directly. I mean how to implement encrypted storage with OP-TEE, which uses OTPMK as root key by CAAM. 

    Thanks. 

0 Kudos
Reply
1 Solution

Jump to solution
‎08-25-2022 03:03 AM
1,024 Views
Harvey021
NXP TechSupport
NXP TechSupport

Hi @brucezhao 

OP-TEE itself is secure world, which should be able to access CAAM. AN12714 here mainly uses the kernel module DM-Crypt, which uses CAAM's secure key to implement disk encryption, and does not implement the requirements you mentioned.

Best regards

Harvey

Harvey

 

View solution in original post

0 Kudos
Reply
2 Replies

Jump to solution
‎08-30-2022 12:58 AM
1,009 Views
brucezhao
Contributor I

Hi Harvey, I got it. Thank you for your reply. 

0 Kudos
Reply

Jump to solution
‎08-25-2022 03:03 AM
1,025 Views
Harvey021
NXP TechSupport
NXP TechSupport

Hi @brucezhao 

OP-TEE itself is secure world, which should be able to access CAAM. AN12714 here mainly uses the kernel module DM-Crypt, which uses CAAM's secure key to implement disk encryption, and does not implement the requirements you mentioned.

Best regards

Harvey

Harvey

 

0 Kudos
Reply