Though OCOTP_LOCK[SRK_LOCK] was set, SRKs in the shadow registers can be seen.

george
Senior Contributor II

Dear All,

We use HAB.

And OCOTP_LOCK[SRK_LOCK] was set.

However, the keys can be seen via the shadow registers.

Is this the correct behavior?

Written Lock Register:

  • OCOTP_LOCK => 0x00004040 (SRK_LOCK, SJC_RESP_LOCK)

Read Shadow Registers :

  • 21B_C580  OCOTP_SRK0  (The written key value)
  • 21B_C590  OCOTP_SRK1  (The written key value)
  • 21B_C5A0  OCOTP_SRK2  (The written key value)
  • 21B_C5B0  OCOTP_SRK3  (The written key value)
  • 21B_C5C0  OCOTP_SRK4  (The written key value)
  • 21B_C5D0  OCOTP_SRK5  (The written key value)
  • 21B_C5E0  OCOTP_SRK6  (The written key value)
  • 21B_C5F0  OCOTP_SRK7  (The written key value)
  • 21B_C600  OCOTP_RESP0  0xBADABADA
  • 21B_C610  OCOTP_RESP1  0xBADABADA

Is there anything you have noticed?

Best Regards,

George

Yuri
NXP Employee

From the RM:

SRK_LOCK:

  • 0 - Unlock
  • 1 - Write Protect + Override Protect

No read protection.

Have a great day,
Yuri

george
Senior Contributor II

Dear Yuri,

Thank you for the careful explanation.

I understand very well.

Thanks,

George

george
Senior Contributor II

Dear All,

Is the above my misapprehension?

Can't it prevent looking into SRK?

Best Regards,

George

Yuri
NXP Employee

George, hello

OCOTP_SRKx registers contain hash of the SRK - just for checking of public keys, assuming private key pairs are not accessible and are located on safe servers.

"The SRK table allows installation of one of four (maximum) public keys. This key is used as the root of the HAB public key infrastructure. The SRK table is constructed from up to four public SRKs. A cryptographic hash of this table is generated by the CST; the generated cryptographic hash is then provisioned to the SRK_HASH field in OTP fuses during manufacturing."

Regards,
Yuri.
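
Because the OCOTP_SRKx shadow registers stay readable and hold only the hash of the public SRK table, they can be read back to confirm that the provisioned value matches the hash generated for the product. The sketch below is an added example, not part of the thread and not NXP code. It assumes the expected 32-byte hash maps to fuse words in little-endian order and that the eight register values were read from the target by some other means; the function names and the sample digest are constructed for illustration.

```python
import hashlib
import struct

OCOTP_SRK0_ADDR = 0x021BC580  # from the post; SRK1..SRK7 follow at a 0x10 stride
SRK_WORDS = 8                 # 8 x 32 bits = one 256-bit hash


def srk_shadow_addresses():
    """Addresses of OCOTP_SRK0..OCOTP_SRK7 as listed in the question."""
    return [OCOTP_SRK0_ADDR + 0x10 * i for i in range(SRK_WORDS)]


def hash_to_fuse_words(digest):
    """Split a 32-byte SRK table hash into eight fuse words.

    Assumption: little-endian word order, as in the fuse file the CST emits.
    """
    if len(digest) != 4 * SRK_WORDS:
        raise ValueError("SRK hash must be exactly 32 bytes")
    return list(struct.unpack("<8I", digest))


def check_srk_shadow(shadow_words, expected_digest):
    """Compare shadow-register readings with the expected hash.

    Returns (status, names of mismatching registers).
    """
    if len(shadow_words) != SRK_WORDS:
        raise ValueError("expected eight 32-bit words")
    if all(w == 0 for w in shadow_words):
        return "unprogrammed", []
    expected = hash_to_fuse_words(expected_digest)
    bad = [f"OCOTP_SRK{i}" for i, (got, want)
           in enumerate(zip(shadow_words, expected)) if got != want]
    return ("match" if not bad else "mismatch"), bad


# Constructed sample: a stand-in digest, not the hash of a real SRK table.
SAMPLE_DIGEST = hashlib.sha256(b"constructed SRK table stand-in").digest()

if __name__ == "__main__":
    readings = hash_to_fuse_words(SAMPLE_DIGEST)  # pretend these were read back
    readings[3] ^= 0x1                            # simulate one wrong fuse word
    for addr, word in zip(srk_shadow_addresses(), readings):
        print(f"0x{addr:08X}: 0x{word:08X}")
    print(check_srk_shadow(readings, SAMPLE_DIGEST))
```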