IMX6ULLSRM.pdf, page 162, section 5.3.2.2 "AES OTP Key"
Depending on the key path control fuse, the DCP receives the CRYTPO KEY either directly or indirectly through the SNVS trust controller module. The CRYPTO KEY in fuses is actually 256-bit and a mux is used to select the high or low 128 bits of the key.
I couldn't find the "key path control fuse". Where is it located and which paths are set for the values 0 (intact) and 1 (blown)? How do I select the low or high 128 bits of the key?
Looks somebody else had the same question(s) as me:
https://community.nxp.com/thread/325009
I hope it's ok to post what I already got without coming into conflict with NXPs "security by obscurity" concept:
Hello,
It is confirmed, that the same "OTP_KEY_TO_DCP_DISABLE" fuse, as described in
the i.MX 6SL RM exists in i.MX 6ULL.
Documentation team is informed, that corresponding information should be added to
i.MX 6ULL RM.
Regards,
Yuri.
Hi Yuri,
I found the "OTP_KEY_TO_DCP_DISABLE" in the IMX6SLSRM. Can you please provide further information:
regards
Christian
Hello Yuri,
It is now the end of 2020 and I have searched everywhere for the fuse location of "OTP_KEY_TO_DCP_DISABLE" (bank / word or hex location). The [S]RMs for i.MX6SL, i.MX6ULL and i.MX6ULZ do not contain the location.
If possible, please reply privately with this information.
Also: consider raising a request to update the SRMs to avoid this in the future.
Mike