Is device id and ftpm importen for ekb

hey

I am working on encrypting the storage of the orin nano.
then I was trying to run the example.sh from optee hwkey I ended commented

 -in_device_id device_id_cert.der \
 -in_ftpm_sn 00000000000000000000 \ 
 -in_ftpm_eps_seed ftpm_eps_seed \
 -in_ftpm_rsa_ek_cert ftpm_rsa_ek_cert.der \
 -in_ftpm_ec_ek_cert ftpm_ec_ek_cert.der \

out as I didn’t know how to generate the files.
what is it used for and how imported are they

hello lucasjeppesen,

you may refer to developer guide, Generating Per-device EKB for more details.

hey
I am currently using Jetson r35.5.0 is the documentation valid for this jetson version?

hello lucasjeppesen,

you may see-also below for details.
$public_sources/r35.5.0/Linux_for_Tegra/source/public/atf_and_optee/optee/samples/ftpm-helper/README.md
$public_sources/r35.5.0/Linux_for_Tegra/source/public/atf_and_optee/optee/samples/ftpm-helper/host/tool/oem_ekb_gen.py

1 Like

thanks
this seams to be for the ftpm.
what about the device id ?

hello lucasjeppesen,

it’s explained here…
$public_sources/r35.5.0/Linux_for_Tegra/source/public/atf_and_optee/optee/samples/hwkey-agent/host/tool/gen_ekb/README
-in_device_id: A device ID cert in DER format [t234 only]

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.