Main Site Documentation

Certificate store and private key protection


#1

Hello,

Is there a secure implementation of the certificate store from GHI ? Maybe more important, is there a secure implementation of a private key store ?

By secure I mean access protected by password and directory encrypted against reverse engineering or things like that (disassembling, …). Is GHIElectronics.NETMF.Hardware.Configuration.TinyBooter.DisableApplicationAccess protecting the stores ?

Thanks for your answers
Lionel


#2

Yes, that method will completely lockout your software.

Now, remember that is impossible to make something 100% secure, on these devices or anything out there. GHI provides no guarantees but we did our best to test it out.


#3

Hello Gus, thanks for your answer,

Related to this question, I wonder if DisableApplicationAccess can be disabled to do a software update ?


#4

You are expected to have your own in-field update method, which should be encrypted and secure to fit your needs. Like customer updating the firmware from a USB memory stick or directly from your website.


#5

Ok thank you for the answer Gus

Best regards
Lionel