4.5.1.1 Public Keys

Security Objectives:

  • Integrity
  • Authenticity

As discussed in Secure Boot, the security and authenticity of the code signature verification keys are critical to the security of the product. In Key Revocation of Code Signing Public Keys, the key store resides in the root of trust and is inherently trusted. For systems with a key store in a non-IRT section, the Cryptographic Accelerator Module (CAM) can be used to verify the key store's integrity and authenticity, as described in Key Rotation of Code Signing Public Keys.

If the key store needs to be accessed by non-IRT code as well, then the key store can be moved to OTP with writes disabled as discussed in Code Signing Keys of the Secure Boot use case example.