FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

logic behind CST tool to find the private key to use

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

logic behind CST tool to find the private key to use

Jump to solution
‎04-16-2021 08:06 AM
1,286 Views
antonio_santagi
Contributor IV

Hello,

I read the document CST_UG.pdf included in the CST tool's zip archive.

However I can't find what it the logic used by the CST tool to retrieve the correct private key to sign the code.

In the CSF files there is usually mentioned the public key certificate like : 

File = "../crts/IMG1_1_sha256_4096_65537_v3_usr_crt.der"

These certificates/public keys are used at runtime to verify the validity of signatures.But I can never find a reference to the private key to be used to sign the code. 

How does the CST tool retrieve the correct private key to sign the code ? Does it go straight to the /keys subfolder and look for the right one ?

Should I place the private key always in the /keys subfolder ?

thank you

 

0 Kudos
Reply
1 Solution

Jump to solution
‎04-18-2021 09:38 PM
1,276 Views
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

  Yes, the CST uses the /keys directory to access the keys.

Also, customers can use HSM, as described in the following app note.

https://www.nxp.com/webapp/Download?colCode=AN12812

 

Regards,
Yuri.

View solution in original post

Reply
2 Replies

Jump to solution
‎04-19-2021 02:20 AM
1,272 Views
antonio_santagi
Contributor IV

thank you, this is useful.

0 Kudos
Reply

Jump to solution
‎04-18-2021 09:38 PM
1,277 Views
Yuri
NXP Employee
NXP Employee

@antonio_santagi 
Hello,

  Yes, the CST uses the /keys directory to access the keys.

Also, customers can use HSM, as described in the following app note.

https://www.nxp.com/webapp/Download?colCode=AN12812

 

Regards,
Yuri.

Reply