Tool/software:
Hello,
In [1] it is stated, that in AM62X processors the host doesn't have access to the Crypto Accelerator.
Question 1:
Does this mean, we cannot use option 1
"System Firmware programs SA2UL with DKEK. Host performs encryption/decryption with SA2UL."
mentioned in [2] ?
Question 2:
Is it possible to reference the dkek key or some data in the extended OTP efuses when calling the encryption API from the HOST referenced in [3]? Or do I have to provide the key in a plain form when calling the API?
The reason I am asking is following:
We have a requirement to to store a firmware in the eMMC, encrypted with a device specific unique key. I would like to avoid, exposing the key to the host.
Thanks
Hakan
[3] https://software-dl.ti.com/tisci/esd/latest/6_topic_user_guides/csp.html#cryptographic-services
