RT1170 Does HAB API signature verification conflict with CAAM module initialization?

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RT1170 Does HAB API signature verification conflict with CAAM module initialization?

272 Views
I_AM_ROBOT
Contributor I

In a life cycle, if the CAAM module is initialized, then calling the HAB API to verify the signature will fail. If the CAAM module is not initialized, the signature verification will succeed. What is the reason?

Currently, the CAAM module needs to be used to generate a true random number seed

 

0 Kudos
Reply
1 Reply

218 Views
diego_charles
NXP TechSupport
NXP TechSupport

Hi @I_AM_ROBOT 

Thank you very much for your patience. 

I presume the reason is because the HAB is using the CAAM to accelerate some cryptographic operations during the HAB boot or during the call of signature verification  API from the application. As stated on the RM :

Depending on the algorithm, HAB will use the CAAM to accelerate some crypto
operations:

diego_charles_0-1722288872581.png

I would recommend using the CAAM after executing those APIs.

Let me know if you have any more related questions. 

Diego

 

0 Kudos
Reply