AnsweredAssumed Answered

Trusty RPMB Key question

Question asked by Li Zhongyue on Apr 3, 2019
Latest reply on Apr 9, 2019 by G.Y. CHEN

Dear NXP engineers,

 

I am from China Hirain company, now i am working on security features on IMX8 with android auto P OS.

I am trying to check RPMB key in trusty trustzone OS, however, it is failed in geting kbox via API "caam_get_keybox()".

 

struct keyslot_package* kbox = caam_get_keybox();    if (strncmp(kbox->magic, KEYPACK_MAGIC, 4)) {
       TLOGE("Invalid magic\n");
     return;
     }

the kbox->magic is null, so rpmb_keyblob cannot be get from caam keybox.

could you help check the reason why the kbox-> magic is null?
it seems there is something wrong with caam features on IMX8 android auto chipset.

However, i still want to know the common RPMB key concept on IMX7 or earlier chipset with CAAM featus.
for example, how is the RPMB key stored in the CAAM Keybox?

 

Outcomes