FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

RT1020 - How is the OTPMK set and used?

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RT1020 - How is the OTPMK set and used?

‎07-06-2020 01:31 PM
1,794 Views
rshipman
Contributor V

Hi,

I have some questions regarding the OTPMK key:

  1. How do I set the OTPMK for the RT1020?
  2. When setting BEE_KEY0_SEL=b10 to use the OTPMK, does it use the OTPMK unchanged, or does it combine it with other things, like the unique ID? In other words, when you select OTPMK as the key source, does it use a derived key tied to the chip, or does it use the OTPMK as it is burnt into fuses?
  3. What is the difference between using the OTPMK and SW_GP2 other than they are different fuses?

Thanks and regards,

Ronnie

Labels (1)
Labels
0 Kudos
Reply
3 Replies

‎07-08-2020 04:03 PM
1,659 Views
FelipeGarcia
NXP Employee
NXP Employee

Hi Ronnie,

 

Please see my answers below.

 

1. The OTPMK fuse value is programmed by NXP during chip manufacture. You cannot set this value.

 

2. The OTPMK key value is derived, it can be used on the device but cannot be read even by NXP or directly from fuses.

 

3. The main difference is that SW-GP2 is user-defined key, not provisioned by NXP. If the SWGP2 fuse is used as a key you can write and read locking of the fuse using SW_GP2_LOCK and SW_GP2_RLOCK.

 

I hope this helps!

 

Best regards,

Felipe

-------------------------------------------------------------------------------

Note:

- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored.

Please open a new thread and refer to the closed one, if you have a related question at a later point in time.

------------------------------------------------------------------------------ 

Reply

‎07-09-2020 12:43 AM
1,658 Views
rshipman
Contributor V

Thank you Felipe.

More questions:

1. Is the 'derived OTPMK' actually the 'crypto key' which is also based on the 'unique id' and possibly other stuff?

2. In otherwords the 'derived OPTMK' is tied inextricably to the chip. So I cannot download and update the KIB in the field if I needed to because it needs to be generated by the chip. The only way to do this without the same chip is to use the SW_GP2 key? I'm not saying I need to do this, I just want to confirm I understand this. And this is also the reason for the DEK blob stuff if I wanted to use that.

Kind regards,

Ronnie

0 Kudos
Reply

‎07-15-2020 11:52 AM
1,659 Views
FelipeGarcia
NXP Employee
NXP Employee

Hi Ronnie,

 

1. OTPMK is unique secret key programmed and locked by NXP. The structure cannot be shared.

 

2. That is correct.

 

Best regards,

Felipe

0 Kudos
Reply