AnsweredAssumed Answered

HAB4 - CST descendant key compromised

Question asked by Antonio Santagiuliana on Mar 27, 2020
Latest reply on Mar 29, 2020 by Yuri Muhin


I am using HAB4 and CST.

I read that SRK key can be revoked by blowing appropriate fuse.

Suppose I signed an image with an IMG1 key, subordinate , for example, to SRK1 key.

Suppose that IMG1 key gets compromised.

Can I revoke in some way only the IMG1 key, without revoking SRK1 key ? I guess answer is no, but just to double check for official answer.

So an image signed by that IMG1 key will always be authenticated unless correspondent SRK1 key is revoked. Is this correct ? Or can I stop that to happen without revoking SRK1 ?



thank you