FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Determine the padding to save the firmware SHA256 using STM32F746GDISCOVERY to verify integrity

EViei.1
Associate

‎2021-04-16 07:03 AM

I am trying to implement a firmware integrity check using the Cryptographic Library (X-CUBE-CRYPTOLIB) for this I have to calculate the SHA256 checksum and then determine the padding and include it in the binary that I will upload to the board.

I've been watching STM's mooc Security part 4

https://www.youtube.com/watch?v=RahlfYJ1gDs&list=PLnMKNibPkDnF0wt-ZI74SflnsBV4yKzkO&index=7

And in the lab they do the verification for a stm32g0. The problem is that I do not know how to determine the size of the firmware, in the laboratory they use the page size but on my board the flash memory has blocks of different sizes:

0693W000008znA9QAI.png 

I also have an external memory to which I also want to make the SHA256 calculation. This memory consists of 256 blocks of 64k (These are all the same size).

0693W000008znBWQAY.png0693W000008znBlQAI.pngAnother difficulty I have is that the hex file covers two sectors (internal and external flash) so I don't know whether to put the internal and external hashes separately (just after the FW zone hit).

Labels:
0 Kudos
1 REPLY 1
Jocelyn RICARD
ST Employee

‎2021-05-04 11:11 AM

Hello,

You must find a way to compute your firmware size. Either in one part or 2 parts.

There is no padding needed to compute a hash, and no relation with sector size.

Now, if you want to be sure no code will be injected in spare parts of the flash, you can compute the hash on the whole memory, but this will take much longer to check at boot time.

Best regards

Jocelyn

0 Kudos
Top