Configuration Update with Key Revocation

Versal ACAP Technical Reference Manual (AM011)

Document ID
AM011
Release Date
2022-04-26
Revision
1.4 English

Now that a baseline configuration update use case has been described, it is necessary to look at that use case when booting using the A-HWRoT mode. Key revocation is an integral part of any public key system. When keys are changed (as is a good key management practice), or if a private key has been compromised, the ability to revoke keys is needed to provide rollback protections. This section describes the process of revoking both PPKs and SPKs, as well as the use of revocation as a tamper penalty.