Hello;
I was confusing about the OTP Keyswriter Certificate and would like to get the answer ASAP.
In the link it indicates the KEK(AES256 - a hardware random key per SoC) used the customer's keys encryption when generating
the OTP Keywriter Certificate :
https://software-dl.ti.com/tisci/esd/latest/6_topic_user_guides/key_writer.html
But in the "AM64X_AM243X_OTP_Keywriter_User_Guide_08.02.pdf", the procedure for generating the OTP Keywriter Certificate
is done exclusively in the script and has no interface to the CPU.
So I need the clear explanation of how the KEK is used in this case ?
Is it the OTP Keyswriter Certificate one-to-one per CPU (If the HW access to get the KEK) or it can be used to program the
customer's keys (SMEK/BMEK SMPK/BMPK) for multiple CPUs of the same family.
Regards;
Huynh
