Tegra Security Engine behaviour after fuse flashing

I have been doing some exploring of the encryption engine accessed via /dev/tegra-crypto and mainly on using it with TEGRA_CRYPTO_IOCTL_NEED_SSK and it’s internal SSK.

Our test device has no fuses set, so

is set to zero and from checking two different nano modules the encryption results are different for each device, so we’re assuming some part of the SSK is device specific and not totally related to the device key, at least we are hoping so anyhow.

My question is mainly would we expect any changes between how things behave now, with no fuses set and once we blow the final production fuse and the device is in production mode? SO even if the Device Key is set to 0, the encryption is device/module specific.

My test code is below, and the “Output Data:” was what we checked, and it was symmetric, so re-encrypting it brought us back to the original and it was different across different modules.

  retcode = ioctl(crypto_dev, TEGRA_CRYPTO_IOCTL_NEED_SSK, 1);

  // Set up
  ourRequest.op = TEGRA_CRYPTO_CBC;
  ourRequest.encrypt = true;
  memset(ourRequest.key, 0 ,TEGRA_CRYPTO_KEY_128_SIZE);
  ourRequest.keylen = TEGRA_CRYPTO_KEY_128_SIZE;
  memset(ourRequest.iv, 0x55 ,TEGRA_CRYPTO_IV_SIZE);
  memcpy(ourRequest.iv, default_iv, TEGRA_CRYPTO_IV_SIZE);
  ourRequest.ivlen = TEGRA_CRYPTO_IV_SIZE;
  ourRequest.plaintext = plaintext;
  ourRequest.result = resulttext;
  ourRequest.plaintext_sz = strlen(plaintext);
  ourRequest.skip_iv = 0;
  ourRequest.skip_exit = false;

  printf("Changing skip_key to 0\n");
  ourRequest.skip_key = 0; 

  // Do the encrypt
  printf("Input Data  : ");
  dump_buffer(plaintext, strlen(plaintext));
  retcode = ioctl(crypto_dev, TEGRA_CRYPTO_IOCTL_PROCESS_REQ, &ourRequest);
  if (retcode != 0) {
    printf("ioctl(TEGRA_CRYPTO_IOCTL_PROCESS_REQ) returned %d (errNo = %s)\n", retcode, strerror(errno));

  printf("Output Data : ");
  dump_buffer(resulttext, strlen(plaintext));


hello mkelly1,

you should get the latest SecureBoot package through Jetson Linux | NVIDIA Developer.
please also refer to the developer guide, please check Security chapter for instructions to enable Jetson security.

there’s Tutorials | NVIDIA Developer page, please see Jetson Security and Secure Boot for an overview of security features for the Jetson product family and explains in detailed steps the secure boot process, fusing, and deployment aspects.

During testing we have secured a module with the public key hash so that it only boots signed images and set the production flash bit to 0x1. We didn’t touch the DK entry.

Our testing seems to show our operation of the Tegera-SE driver via /dev/tegra-crypto is unchanged from our unsecured operation and different modules seem to still have unique encryption results when set to work with TEGRA_CRYPTO_IOCTL_NEED_SSK which is what we wanted.

Kind Regards

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.