LP-MSPM0G3519: How to Load Keys into Keystore (CSC + .secret vs other provisioning methods)

Part Number: LP-MSPM0G3519
Other Parts Discussed in Thread: MSPM0G3519, MSPM0G3507

Tool/software:

On MSPM0G3519, I want to clarify the correct way to load keys into the Keystore.
From the TRM and SDK, my understanding is:

  • Keys are normally loaded into the Keystore during the Customer Secure Code (CSC) init phase using DL_KEYSTORECTL_writeKey().

  • In the provided SDK examples, the keys are hardcoded in source code and placed into a .secret flash section via the linker script, and then written into the Keystore. (aesadv_cmac_256_enc_dec.c)
    (This is my understanding; please correct me if I am wrong.)

My questions are:

  1. Is hardcoding keys into .secret flash and then writing them into the Keystore via CSC the only supported option, or are there alternatives?

  2. For production, what is the recommended secure provisioning flow to ensure each device has unique keys without exposing plaintext keys in source code?

  3. My requirement is that I would like to store the key in flash in encrypted format, and then use a flash read API to read it and load it into the Keystore. Is this flow feasible/supported, or must the Keystore only accept plaintext keys at load time?

Additional note (MSPM0G3507):
On MSPM0G3507, I see that only the basic AES accelerator is available and there is no Keystore controller. What is TI’s recommended secure provisioning method in this case, since keys can only be loaded via software into AES registers?