HAB4 - CST descendant key compromised

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

HAB4 - CST descendant key compromised

ソリューションへジャンプ
1,112件の閲覧回数
antonio_santagi
Contributor IV

Hello,

I am using HAB4 and CST.

I read that SRK key can be revoked by blowing appropriate fuse.

Suppose I signed an image with an IMG1 key, subordinate , for example, to SRK1 key.

Suppose that IMG1 key gets compromised.

Can I revoke in some way only the IMG1 key, without revoking SRK1 key ? I guess answer is no, but just to double check for official answer.

So an image signed by that IMG1 key will always be authenticated unless correspondent SRK1 key is revoked. Is this correct ? Or can I stop that to happen without revoking SRK1 ?

thank you

ラベル(3)
タグ(3)
0 件の賞賛
返信
1 解決策
1,049件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

 

  Yes, only SRK can be revoked; "an image signed by that IMG1 key will always be authenticated

unless correspondent SRK1 key is revoked".

 

Have a great day,

Yuri.

 

-------------------------------------------------------------------------------

Note:

- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored

 

Please open a new thread and refer to the closed one, if you have a related question at a later point in time.

元の投稿で解決策を見る

1 返信
1,050件の閲覧回数
Yuri
NXP Employee
NXP Employee

Hello,

 

  Yes, only SRK can be revoked; "an image signed by that IMG1 key will always be authenticated

unless correspondent SRK1 key is revoked".

 

Have a great day,

Yuri.

 

-------------------------------------------------------------------------------

Note:

- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored

 

Please open a new thread and refer to the closed one, if you have a related question at a later point in time.