Hello,
I read the document CST_UG.pdf included in the CST tool's zip archive.
However I can't find what it the logic used by the CST tool to retrieve the correct private key to sign the code.
In the CSF files there is usually mentioned the public key certificate like :
File = "../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.der"
These certificates/public keys are used at runtime to verify the validity of signatures.But I can never find a reference to the private key to be used to sign the code.
How does the CST tool retrieve the correct private key to sign the code ? Does it go straight to the /keys subfolder and look for the right one ?
Should I place the private key always in the /keys subfolder ?
thank you
Solved! Go to Solution.
@antonio_santagi
Hello,
Yes, the CST uses the /keys directory to access the keys.
Also, customers can use HSM, as described in the following app note.
https://www.nxp.com/webapp/Download?colCode=AN12812
Regards,
Yuri.
thank you, this is useful.
@antonio_santagi
Hello,
Yes, the CST uses the /keys directory to access the keys.
Also, customers can use HSM, as described in the following app note.
https://www.nxp.com/webapp/Download?colCode=AN12812
Regards,
Yuri.