[i.MX6ULL] Key path control fuse

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

[i.MX6ULL] Key path control fuse

1,528 次查看
ceggers
Contributor V

IMX6ULLSRM.pdf, page 162, section 5.3.2.2 "AES OTP Key"

Depending on the key path control fuse, the DCP receives the CRYTPO KEY either directly or indirectly through the SNVS trust controller module. The CRYPTO KEY in fuses is actually 256-bit and a mux is used to select the high or low 128 bits of the key. 

I couldn't find the "key path control fuse". Where is it located and which paths are set for the values 0 (intact) and 1 (blown)? How do I select the low or high 128 bits of the key?

标签 (1)
标记 (4)
7 回复数

1,392 次查看
ceggers
Contributor V

Looks somebody else had the same question(s) as me:

https://community.nxp.com/thread/325009 

I hope it's ok to post what I already got without coming into conflict with NXPs "security by obscurity" concept:

  • The KEY PATH on i.MX6ULL is set to SNVS at production time by a fuse whose location is not documented publically.
    • This is not reversible by the customer, so the CRYPTO KEY is always provided via the SNVS.

1,392 次查看
Yuri
NXP Employee
NXP Employee

Hello,

 

  It is confirmed, that the same "OTP_KEY_TO_DCP_DISABLE"  fuse, as described in 

the i.MX 6SL RM exists  in i.MX 6ULL.

   Documentation team is informed, that corresponding information should be added to

i.MX 6ULL RM.

 

Regards,

Yuri.

0 项奖励
回复

1,392 次查看
ceggers
Contributor V

Hi Yuri,

I found the "OTP_KEY_TO_DCP_DISABLE" in the IMX6SLSRM. Can you please provide further information:

  1. Where is this fuse located on the i.MX6ULL?
  2. Which key path (OTP controller / SNVS) do I get when the fuse is intact or blown?

regards

Christian

0 项奖励
回复

1,392 次查看
Yuri
NXP Employee
NXP Employee

Hello,

  I've sent You information directly.

Regards,

Yuri.

0 项奖励
回复

1,273 次查看
mike15
Contributor I

Hello Yuri,

It is now the end of 2020 and I have searched everywhere for the fuse location of "OTP_KEY_TO_DCP_DISABLE" (bank / word or hex location).  The [S]RMs for i.MX6SL, i.MX6ULL and i.MX6ULZ do not contain the location.

If possible, please reply privately with this information.

Also: consider raising a request to update the SRMs to avoid this in the future.

Mike

0 项奖励
回复

1,392 次查看
ceggers1
Contributor IV

Hi Yuri,

thank you for working on this. Unfortunately I couldn't find "OTP_KEY_TO_DCP_DISABLE" in IMX6SLRM.pdf. Can you please provide the chapter/page number?

regards

Christian

0 项奖励
回复

1,392 次查看
Yuri
NXP Employee
NXP Employee

Hello,

  I meant the Security Reference Manual. Sorry.

https://www.nxp.com/webapp/Download?colCode=IMX6SLSRM&appType=moderatedWithoutFAE 

Regards,

Yuri.

0 项奖励
回复