Visible to Intel only — GUID: thr1569939080616
Ixiasoft
Visible to Intel only — GUID: thr1569939080616
Ixiasoft
2.2. Anti-Rollback Capability
The Intel® MAX® 10 BMC RoT provides anti-rollback capability through the code signing key ID cancellation feature. A CSK is assigned an ID, a number between 0-127, during the signing process. CSK ID cancellation information is stored in 128-bit fields in write-once locations in flash. When a code signing key ID is canceled, the Intel® MAX® 10 BMC RoT rejects all signatures created with a CSK that is assigned that ID. If a CSK ID that is used in an old update is canceled after applying a new update with a different CSK ID, the Intel® MAX® 10 BMC RoT rejects the signature of the old update, preventing a rollback to the old update.