FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

i.MX93: Encrypted Data Storage API Test Error

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

i.MX93: Encrypted Data Storage API Test Error

‎02-23-2026 08:27 PM
937 Views
petertseng
Contributor IV

Hi Team,

I performed ELE-HSM Tests according to the method provided in the README file at https://github.com/nxp-imx/imx-secure-enclave/blob/lf-6.12.49_2.2.0/

The following error was encountered.

---------------------------------------------------
Encrypted Data Storage API Test
---------------------------------------------------
Data [Encrypted + Signed] stored. SUCCESS

Data [Encrypted + Signed] retrieved. SUCCESS

Signature Verified. SUCCESS.

Decrypted data matches stored Plain data. SUCCESS


SAB Error: SAB CMD [0xa2] Resp [0x329] - Provided key-id, Unknown to key store..

hsm_data_ops [RETRIEVE Again] err: 0x3. SUCCESS
Retrieved Again: Data Empty. SUCCESS
---------------------------------------------------

 

Why is the ELE-HSM test reporting an error?

Do I need to store the key in OTP first?

 

Attach the logfile

 

Thanks,

Peter

Tags (2)
ele_hsm_test.log
0 Kudos
Reply
4 Replies

‎03-01-2026 07:21 PM
860 Views
Zhiming_Liu
NXP TechSupport
NXP TechSupport

Hi @petertseng 

This is a phenomenon consistent with the test expectations; there is no need to store the key in the OTP.

Best Regards,
Zhiming

0 Kudos
Reply

‎03-02-2026 12:22 AM
838 Views
petertseng
Contributor IV

Hi Zhiming,

Can an IMX93 ELE-HSM be used to replace the Crypto Authentication IC (e.g., ATECC608A)?

If possible, how should I achieve this?

I would be extremely grateful if you could provide any relevant information or documents.

 

Thanks,

Peter

0 Kudos
Reply

‎03-03-2026 10:30 PM
797 Views
Zhiming_Liu
NXP TechSupport
NXP TechSupport

Hi @petertseng 

In certain scenarios, their functionalities overlap, but ELE-HSM cannot fully replace ATECC608A. If you require a completely independent/offiline secure element, then ATECC608A should be used. If your needs are limited to key storage + AES encryption/decryption + RNG + SHA + secure boot, then using ELE is an option.

Best Regards,
Zhiming

0 Kudos
Reply

‎03-09-2026 01:25 AM
602 Views
petertseng
Contributor IV

Hi Zhiming,

How can I store the public key on the IMX93 ?

Where is the public key physically stored ? (e.g., in OTP/eFUSE or root filesystem)?

Thanks,

Peter

0 Kudos
Reply
%3CLINGO-SUB%20id%3D%22lingo-sub-2321632%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3Ei.MX93%3A%20Encrypted%20Data%20Storage%20API%20Test%20Error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2321632%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3E%3CSPAN%3EHi%20Team%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20performed%20ELE-HSM%20Tests%20according%20to%20the%20method%20provided%20in%20the%20README%20file%20at%20%3CA%20href%3D%22https%3A%2F%2Fgithub.com%2Fnxp-imx%2Fimx-secure-enclave%2Fblob%2Flf-6.12.49_2.2.0%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fgithub.com%2Fnxp-imx%2Fimx-secure-enclave%2Fblob%2Flf-6.12.49_2.2.0%2F%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThe%20following%20error%20was%20encountered.%3C%2FSPAN%3E%3C%2FP%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3E---------------------------------------------------%0AEncrypted%20Data%20Storage%20API%20Test%0A---------------------------------------------------%0AData%20%5BEncrypted%20%2B%20Signed%5D%20stored.%20SUCCESS%0A%0AData%20%5BEncrypted%20%2B%20Signed%5D%20retrieved.%20SUCCESS%0A%0ASignature%20Verified.%20SUCCESS.%0A%0ADecrypted%20data%20matches%20stored%20Plain%20data.%20SUCCESS%0A%0A%0ASAB%20Error%3A%20SAB%20CMD%20%5B0xa2%5D%20Resp%20%5B0x329%5D%20-%20Provided%20key-id%2C%20Unknown%20to%20key%20store..%0A%0Ahsm_data_ops%20%5BRETRIEVE%20Again%5D%20err%3A%200x3.%20SUCCESS%0ARetrieved%20Again%3A%20Data%20Empty.%20SUCCESS%0A---------------------------------------------------%3C%2FCODE%3E%3C%2FPRE%3E%3CBR%20%2F%3E%3CP%3E%3CSPAN%3EWhy%20is%20the%20ELE-HSM%20test%20reporting%20an%20error%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EDo%20I%20need%20to%20store%20the%20key%20in%20OTP%20first%3F%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CSPAN%3EAttach%20the%20logfile%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EThanks%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EPeter%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2324840%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20i.MX93%3A%20Encrypted%20Data%20Storage%20API%20Test%20Error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2324840%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHi%26nbsp%3B%3CSPAN%3EZhiming%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3ECan%20an%20IMX93%20ELE-HSM%20be%20used%20to%20replace%20the%20Crypto%20Authentication%20IC%20(e.g.%2C%20ATECC608A)%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EIf%20possible%2C%20how%20should%20I%20achieve%20this%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20would%20be%20extremely%20grateful%20if%20you%20could%20provide%20any%20relevant%20information%20or%20documents.%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EThanks%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EPeter%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2324766%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20i.MX93%3A%20Encrypted%20Data%20Storage%20API%20Test%20Error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2324766%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58032%22%20target%3D%22_blank%22%3E%40petertseng%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EThis%20is%20a%20phenomenon%20consistent%20with%20the%20test%20expectations%3B%20there%20is%20no%20need%20to%20store%20the%20key%20in%20the%20OTP.%3CBR%20%2F%3E%3CBR%20%2F%3EBest%20Regards%2C%3CBR%20%2F%3EZhiming%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2325946%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20i.MX93%3A%20Encrypted%20Data%20Storage%20API%20Test%20Error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2325946%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F58032%22%20target%3D%22_blank%22%3E%40petertseng%3C%2FA%3E%26nbsp%3B%3CBR%20%2F%3E%3CBR%20%2F%3EIn%20certain%20scenarios%2C%20their%20functionalities%20overlap%2C%20but%20ELE-HSM%20cannot%20fully%20replace%20ATECC608A.%20If%20you%20require%20a%20completely%20independent%2Foffiline%20secure%20element%2C%20then%20ATECC608A%20should%20be%20used.%20If%20your%20needs%20are%20limited%20to%20key%20storage%20%2B%20AES%20encryption%2Fdecryption%20%2B%20RNG%20%2B%20SHA%20%2B%20secure%20boot%2C%20then%20using%20ELE%20is%20an%20option.%3CBR%20%2F%3E%3CBR%20%2F%3EBest%20Regards%2C%3CBR%20%2F%3EZhiming%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2328744%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20i.MX93%3A%20Encrypted%20Data%20Storage%20API%20Test%20Error%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2328744%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHi%26nbsp%3B%3CSPAN%3EZhiming%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3EHow%20can%20I%20store%20the%20public%20key%20on%20the%20IMX93%20%3F%3C%2FP%3E%3CP%3EWhere%20is%20the%20public%20key%20physically%20stored%20%3F%20(e.g.%2C%20in%20OTP%2FeFUSE%20or%20root%20filesystem)%3F%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EThanks%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22%22%3EPeter%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E