Generate new private key with PHK(private hardware key) in msm7x30

Overview
To access the private hardware key in 7x30, JTAG must be disabled so it will inconvenience to debug. so the workaround is to use PHK to generate the derived oem private key, which can be used to encrypt the RAMFS.
Prerequisite
1. To practice the code, the MARM_ANY_MODE_DISABLE and SC_SPIDEN_DISABLE efuse must be blown to gain the access to PHK.
2. CS Chipsets are required because all the CS chips has random PHK blown but ES chip leave it blank. customer can refer 80-VJ693-4 (7x30 revision guide) to know which version chip is CS.
Sample code in osbl
With the code, the derrived_key[] is generated and put into IMEM, so after re-enable the Jtag by configure override register. and customer can check the value in the IMEM to check their generated private keys.The generated keys are unique for each handset because PHK is unique for each chip

void osbl_main_ctl
(
boot_dbl_if_shared_info_type *dbl_shared_info_ptr
)
{
/*snip*/
/* Add the OSBL address range to the memory protection */
boot_clobber_add_global_protection_region( (void*) OSBL_CODE_BASE,
OSBL_MAX_IMAGE_SIZE );

{
uint32 ao_debug_privilege;
Crypto2_AES_Ctx ctx;
CE_Result_Type ret_val = CE_ERROR_NONE;
HAL_CE_CipherModeType ce_mode = HAL_CRYPTO_CIPHER_MODE_ECB;
HAL_CE_CipherEncryptDir ce_dir = HAL_CRYPTO_CIPHER_ENCRYPT;

uint8 plaintxt_input[16] = {1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16};
uint8 derrived_key[16] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
uint32 der_key[4] = {0,0,0,0};
ret_val = CE_Cipher_Init( &ctx,
HAL_CRYPTO_CIPHER_ALG_AES );
if (ret_val != CE_ERROR_NONE)
{
return;
}

ret_val = CE_Cipher_SetParam( &ctx,
HAL_CRYPTO_CIPHER_PARAM_MODE,
(void *)&ce_mode,
sizeof(HAL_CE_CipherModeType));
if (ret_val != CE_ERROR_NONE)
{
return;
}
ret_val = CE_Cipher_SetParam( &ctx,
HAL_CRYPTO_CIPHER_PARAM_DIRECTION,
&ce_dir,
sizeof(HAL_CE_CipherEncryptDir));
if (ret_val != CE_ERROR_NONE)
{
return;
}

ret_val = CE_Cipher_SetKey( &ctx, NULL, 0);
if (ret_val != CE_ERROR_NONE)
{
return;
}
ret_val = CE_Cipher_ProcessBlocks( &ctx,
HAL_CRYPTO_CIPHER_ALG_AES,
plaintxt_input,
sizeof(plaintxt_input),
derrived_key);

if (ret_val != CE_ERROR_NONE)
{
return;
}
//write the pseudo key into IMEM: 0x80040000 to 0x8005ffff
der_key[0] = derrived_key[0];
der_key[1] = derrived_key[1];
der_key[2] = derrived_key[2];
der_key[3] = derrived_key[3];

(*((volatile uint32 *) (0x80040000)) = ((uint32) (der_key[0])));
(*((volatile uint32 *) (0x80040004)) = ((uint32) (der_key[1])));
(*((volatile uint32 *) (0x80040008)) = ((uint32) (der_key[2])));
(*((volatile uint32 *) (0x8004000C)) = ((uint32) (der_key[3])));

/* Create mARM debug enable value to override e-fuses and
enable mARM JTAG debugging. */
ao_debug_privilege = 1 <<
HWIO_SHFT( OVERRIDE_1, OVRID_MARM_DBG_DISABLE );

/* Enable mARM JTAG debugging. */
HWIO_OUTM( OVERRIDE_1,
HWIO_FMSK( OVERRIDE_1, OVRID_MARM_DBG_DISABLE ),
ao_debug_privilege );
}

osbl_do_procedures( &bl_shared_data,
osbl_main_procs );
/*snip*/
}