Using ZMK for blobs

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 
1,230件の閲覧回数
eren_yilmaz
Contributor III

Thanks Yuri.

As a workaround for SEC_CONFIG being not set, can I use ZMK since that can be set in a non-secure mode, and have CAAM use that for blob encapsulation and decapsulation?

0 件の賞賛
返信
1 解決策
1,119件の閲覧回数
Yuri
NXP Employee
NXP Employee

Correct,  ZMK cannot be used in non-secure mode with CAAM.

~Yuri.

元の投稿で解決策を見る

5 返答(返信)
1,119件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

  from i.MX6 Security RM:

When the chip is in the non-secure state, CAAM cannot decapsulate blobs that were
encapsulated while CAAM was in a trustworthy state (either secure state or trusted state).


Have a great day,
Yuri

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.

0 件の賞賛
返信
1,119件の閲覧回数
eren_yilmaz
Contributor III

Hello  Yuri,

Yes I know that. But my question is for operations in non-secure state.

Can CAAM use ZMK to encapsulate and decapsulate blobs in a non-secure state?

0 件の賞賛
返信
1,119件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

  In non-secure mode a fixed default key with a known value  is used in place of the master key.

Regards,

Yuri.

0 件の賞賛
返信
1,119件の閲覧回数
eren_yilmaz
Contributor III

Hi Yuri,

So ZMK cannot be used in non-secure mode with CAAM? Instead of that default known key.

Thanks

0 件の賞賛
返信
1,120件の閲覧回数
Yuri
NXP Employee
NXP Employee

Correct,  ZMK cannot be used in non-secure mode with CAAM.

~Yuri.