This section contains a summary of all the keys used in TrustFence.

Signature keys

When not provided, Digi Embedded Yocto generates the following keys at the specified TRUSTFENCE_SIGN_KEYS_PATH location (by default, a subfolder in the project called trustfence/):

  • A PKI tree to sign the boot artifacts (under subfolder keys/)

  • A couple of key pairs (public/private) to sign FIT images (under subfolder fit/)

    • One key pair to sign the FIT image nodes

    • One key pair to sign the FIT configuration nodes

The folder contains the following:

  • fit/fitcfg.crt: public key for FIT configuration nodes

  • fit/fitcfg.key: private key for FIT configuration nodes

  • fit/fitimg.crt: public key for FIT image nodes

  • fit/fitimg.key: private key for FIT image nodes

  • keys/key_pass.txt: the eight randomly generated passwords in plain text

  • keys/privateKey00..07.pem: the eight private keys

  • keys/publicKey00..07.pem: the eight public keys

  • keys/publicKeyHash00..07.bin: hashes of the eight ECC public keys

  • keys/publicKeysHashHashes.bin: hash of the eight ECC public keys hashes table

If the key is compromised, you can revoke it and replace it with another one. See Revoke a key.

You must securely back up the entire PKI tree. Digi might require this PKI tree in order to accept RMAs of secured devices. Alternatively, you will be required to perform the signing of custom images and provide them to Digi.