Tool/software:
Hi,
As given, The keyring is a set of keys which can be imported by SBL after importing the HSM runtime binary on an HS-SE device. For importing keyring TIFS-MCU expects an X.509 certificate signed by customer active root of trust (MPK). If X.509 certificate is containing symmetric keyring extension, the symmetric keyring blob must be encrypted with active root key.
In RBL, already certificate generation and its validation is completed,. Then what's the significance of certificate in SBL? Why are the keys again inserted into certificate?
And do we generate certificate 2 times i.e, during RBL for loading SBL and during SBL for loading application image?
If yes, does this certificate in SBL is same as RBL process. If not same, what might the difference between them?
Thanks and Regards,
Geetha.
