Hi,
I have Sabre I MX Solox Eval board. I am trying signed HABV4 boot. A want to ask a quick confirmation question may be obvious for many.
Think about you have one board and you are making trials on signed boot.
If the SRK_1_2_3_4_table.bin is installed in CSF with "INSTALL SRK" command; it is irreversible so the public key hashes written to those locations can not be changed. That makes the very first trial is binding the board to set of private keys to sign images in later trials right? So ; the user of the board needs to protect those private keys in order to be able to use the board later for signed boot.
As I understand blowing the SRK_LOCK fuse is just to protect what is written to those locations.
If this is the case (that I understand from the documents it is) , and the evaluation boards are sometimes hard to obtain, the people who may jump on to do a first trial very quick say using 2048 bit key and then decide to use 4096 bit key may have to look for a another board?
Thanks for answering/confirming (possibly trivial question) @nxp Tech support
