PKC Key List with 16 public keys and one private key support

Hello,

JP info: JP7.1/L4T38.4.0

The PKC Key List is used to generate the PublicKeyHash fuse value and to sign images.
In my opinion, only public keys are needed in the first case (no private keys are needed). And only one private key is needed in the second case (the other keys should be public).
However, the PKC Key List format always requires all private keys. It is not secure because all keys can be compromised at the same time. We also need to use different private keys to sign images during the flashing and OTA processes. So all 16 public keys must be present on the device, because any of these keys might be used for signature verification.

Is it possible to use the PKC Key List with:

  • only one private key and 15 public keys?
  • all 16 public keys?

If not, will you support this in future JP releases?

hello nazaraa,

as mentioned by the developer guide, the security of your device depends on how securely you keep the key file.
there's also a caution section that mentions the below:

Avoid generating and storing the key pair under bootloader/ directory but a secure location instead.

no, it’s not supported.

Are you going to support this in future JP releases?

let me check with internal team for confirmation.

no, there are no such plans to support that.

Could you consider adding it to your plans?

Hello JerryChang,

I checked that boot after Capsule Update failed with the “E> LOADER: Failed to verify PCP hash” error due to only one PKC key being in the key list used for building the Capsule.
Building the Capsule using all 16 keys solves the issue.
So despite Thor supporting 16 PKC keys, all keys are bundled together and behave as one key due to a software limitation.