logic behind CST tool to find the private key to use

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

logic behind CST tool to find the private key to use

ソリューションへジャンプ
1,913件の閲覧回数
antonio_santagi
Contributor IV

Hello,

I read the document CST_UG.pdf included in the CST tool's zip archive.

However I can't find what it the logic used by the CST tool to retrieve the correct private key to sign the code.

In the CSF files there is usually mentioned the public key certificate like : 

File = "../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.der"

These certificates/public keys are used at runtime to verify the validity of signatures.But I can never find a reference to the private key to be used to sign the code. 

How does the CST tool retrieve the correct private key to sign the code ? Does it go straight to the /keys subfolder and look for the right one ?

Should I place the private key always in the /keys subfolder ?

thank you

 

0 件の賞賛
返信
1 解決策
1,903件の閲覧回数
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

  Yes, the CST uses the /keys directory to access the keys.

Also, customers can use HSM, as described in the following app note.

https://www.nxp.com/webapp/Download?colCode=AN12812

 

Regards,
Yuri.

元の投稿で解決策を見る

2 返答(返信)
1,899件の閲覧回数
antonio_santagi
Contributor IV

thank you, this is useful.

0 件の賞賛
返信
1,904件の閲覧回数
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

  Yes, the CST uses the /keys directory to access the keys.

Also, customers can use HSM, as described in the following app note.

https://www.nxp.com/webapp/Download?colCode=AN12812

 

Regards,
Yuri.