I am using the RT1020, but I am told this document applies:
Security Reference Manual for the i.MX RT1050 Processor, Rev. 1, 04/2018
Regarding the following notes found in this section:
Section 126.96.36.199 Key Info Block, pages 78-80
• KIB1 is encrypted to EKIB1 using BEE_KEY1 provisioned in eFUSE
• KIB0 is encrypted to EKIB0 using BEE_KEY0 provisioned in eFUSE
• PRDB0 is encrypted using AES_KEY and IV in EKIB0, while the encrypted region defined in PRDB0 is encrypted by the key source specified in BEE_KEY0_SEL.
• PRDB1 is encrypted using AES_KEY and IV in EKIB1, while the encrypted region defined in PRDB1 is encrypted by the key source specified in BEE_KEY1_SEL.
- So first of all does BEE_KEY1 = BEE_KEY1_SEL and BEE_KEY0 = BEE_KEY0_SEL?
- Why is the PRDB block encrypted with the key and iv in the KIB blocks, when everything else is encrypted using the BEE_KEYn_SEL keys? Why not just use BEE_KEYn_SEL for everything?
Many thanks and kind regards,