How many public keys can we store in Secure Boot? As per my understanding from the SBSFU examples, we can store only one public key to verify the signature of the firmware. Can't we store more than one KEY?

SPati.7
Associate III

We want to store up to 4 public keys as a backup; in case of any exploit of one KEY, we can switch to another.

So, can you provide any solution to store more than one public KEY in the SBSFU solution?

Bubbles
ST Employee

Hi @SPati.7,

On what product are you developing? Some SBSFU implementations include a KMS to deal with multiple keys in a hierarchy, including key loading and revoking. I believe there is such an example with one of the L4 IoT demo boards.

Using 4 keys without means to control the key lifetime would not help your cause, only increase attack surface. The secure boot must be able to distinguish exploited keys for your scheme to work.

BR,

J


We are using the STM32H753 MCU, where we don't have a KMS.

For us, KEY lifetime doesn't matter; we should be able to switch to new KEYS in case of a KEY1 exploit.

Fred
ST Employee

This depends on what you define in your linker file.

You can extend the keys area if needed:

/* SE key region protected by MPU isolation */
define exported symbol __ICFEDIT_SE_Key_region_ROM_start__    = __ICFEDIT_SE_CallGate_Region_ROM_End__ + 1;
define exported symbol __ICFEDIT_SE_Key_region_ROM_end__     = __ICFEDIT_SE_Key_region_ROM_start__ + 0x2FF; /* H7: The minimum PCROP area that can be set is 16 Flash words, that is 512 bytes. */

You can refer to AN5056 section 3.2.1.

SPati.7
Associate III

Sure @Fred. Thanks for the details.

But with this size of 512 bytes, how many ECC256-type keys can be stored?

Fred
ST Employee

The 512 bytes are the minimum size you must configure for this section because of PCROP, but you can go beyond it.

You are mentioning ECC256, so I guess you have 256-bit keys, so 32 bytes per key.

You can see how several keys can be provisioned via prebuild.bat in the SE_CoreBin project:

:ECDSA
set "ecckey=%1\\..\\Binary\\ECCKEY1.txt"
set "command=%python%%prepareimage% trans -k %ecckey% -f SE_ReadKey_1_Pub -v %cortex% >> %asmfile%"
%command%
IF %ERRORLEVEL% NEQ 0 goto error
set "ecckey=%1\\..\\Binary\\ECCKEY2.txt"
IF NOT EXIST %ecckey% goto end
set "command=%python%%prepareimage% trans -k %ecckey% -f SE_ReadKey_2_Pub -v %cortex% >> %asmfile%"
%command%
IF %ERRORLEVEL% NEQ 0 goto error
set "ecckey=%1\\..\\Binary\\ECCKEY3.txt"
IF NOT EXIST %ecckey% goto end
set "command=%python%%prepareimage% trans -k %ecckey% -f SE_ReadKey_3_Pub -v %cortex% >> %asmfile%"
%command%
IF %ERRORLEVEL% NEQ 0 goto error

If you do not use the multi-images feature of X-CUBE-SBSFU, then you can probably reuse these "slots".
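The two points raised in this thread, that a key table without revocation only adds attack surface (the secure boot must be able to tell a compromised key from a live one) and that the key region has to be sized to the 512-byte PCROP minimum, can be combined in one small piece of secure-boot logic. The following is an added example written for this page; it is not code from X-CUBE-SBSFU, from AN5056, or from any poster in the thread. It assumes public keys are stored as the raw 64-byte X||Y coordinate pair of a P-256 point, that the key region is a flat table rather than the per-key SE_ReadKey_N_Pub routines prepareimage generates, and that keys are kept in clear for readability. The flash model (programming can only clear bits until a sector erase, which the secure boot never exposes) is what makes revocation sticky. All names, the layout, and the placeholder keys are constructed for the example.

```c
/* Added example (not X-CUBE-SBSFU code): a 4-slot public-key table sized to the
 * 512-byte STM32H7 PCROP minimum, with one-way revocation so the secure boot
 * can refuse a key known to be compromised. Layout and names are assumptions. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SB_KEY_SLOTS       4U
#define SB_PUBKEY_LEN      64U   /* assumption: raw P-256 public key, X || Y */
#define SB_KEY_REGION_LEN  512U  /* H7 PCROP minimum: 16 flash words */
#define SB_FLASH_ERASED    0xFFU /* erased flash reads as all ones */

enum {
    SB_OK               =  0,
    SB_ERR_SLOT_RANGE   = -1,  /* key index outside the table */
    SB_ERR_SLOT_EMPTY   = -2,  /* slot never provisioned (still erased) */
    SB_ERR_SLOT_REVOKED = -3   /* slot explicitly revoked */
};

/* Image of the key region in flash. active_mask also lives in flash: erased
 * value 0xFFFFFFFF, bit i cleared means slot i is revoked. The reserved
 * bytes pad the struct out to exactly one PCROP block. */
typedef struct {
    uint8_t  pubkey[SB_KEY_SLOTS][SB_PUBKEY_LEN];                                /* 256 bytes */
    uint32_t active_mask;                                                        /*   4 bytes */
    uint8_t  reserved[SB_KEY_REGION_LEN - SB_KEY_SLOTS * SB_PUBKEY_LEN - sizeof(uint32_t)];
} sb_key_region_t;

_Static_assert(sizeof(sb_key_region_t) == SB_KEY_REGION_LEN,
               "key region must match the PCROP block size");

/* Flash program operation: bits can only go 1 -> 0. Setting a bit again would
 * need a sector erase, which the application never gets, so a revocation
 * cannot be undone by simply rewriting the word. */
void sb_flash_program_u32(uint32_t *cell, uint32_t value)
{
    *cell &= value;
}

/* Factory provisioning: erase the region, then copy n public keys into
 * slots 0..n-1. Unused slots stay erased and are treated as empty. */
void sb_provision(sb_key_region_t *r, const uint8_t *const keys[], unsigned n)
{
    memset(r, SB_FLASH_ERASED, sizeof *r);
    for (unsigned i = 0; i < n && i < SB_KEY_SLOTS; i++)
        memcpy(r->pubkey[i], keys[i], SB_PUBKEY_LEN);
}

/* A slot holds a key if it is no longer in the erased state. */
static bool sb_slot_populated(const sb_key_region_t *r, unsigned slot)
{
    for (unsigned i = 0; i < SB_PUBKEY_LEN; i++)
        if (r->pubkey[slot][i] != SB_FLASH_ERASED)
            return true;
    return false;
}

/* Revoke a slot. Idempotent; only an out-of-range index is an error. */
int sb_revoke_slot(sb_key_region_t *r, unsigned slot)
{
    if (slot >= SB_KEY_SLOTS)
        return SB_ERR_SLOT_RANGE;
    sb_flash_program_u32(&r->active_mask, ~(1U << slot));
    return SB_OK;
}

/* Resolve the key index carried in a firmware header to a usable public key.
 * Every failure path leaves *key NULL so the caller cannot verify a
 * signature against a revoked or empty slot by mistake. */
int sb_select_key(const sb_key_region_t *r, unsigned slot, const uint8_t **key)
{
    *key = NULL;
    if (slot >= SB_KEY_SLOTS)
        return SB_ERR_SLOT_RANGE;
    if ((r->active_mask & (1U << slot)) == 0)
        return SB_ERR_SLOT_REVOKED;
    if (!sb_slot_populated(r, slot))
        return SB_ERR_SLOT_EMPTY;
    *key = r->pubkey[slot];
    return SB_OK;
}

/* Slots that can still verify an image. Zero means the device can no longer
 * accept any firmware, so a revocation policy must never revoke the last key. */
unsigned sb_usable_slots(const sb_key_region_t *r)
{
    unsigned n = 0;
    for (unsigned i = 0; i < SB_KEY_SLOTS; i++) {
        const uint8_t *k;
        if (sb_select_key(r, i, &k) == SB_OK)
            n++;
    }
    return n;
}

/* Constructed demo: three placeholder keys (byte patterns, not real curve
 * points) provisioned into a region, leaving slot 3 empty. */
static uint8_t demo_key[3][SB_PUBKEY_LEN];

sb_key_region_t *sb_demo_region(void)
{
    static sb_key_region_t region;
    const uint8_t *keys[3];
    for (unsigned i = 0; i < 3; i++) {
        memset(demo_key[i], 0x10 * (i + 1), SB_PUBKEY_LEN);
        keys[i] = demo_key[i];
    }
    sb_provision(&region, keys, 3);
    return &region;
}

int main(void)
{
    sb_key_region_t *r = sb_demo_region();
    const uint8_t *k;
    printf("slot 0 before revocation: %d, usable=%u\n", sb_select_key(r, 0, &k), sb_usable_slots(r));
    sb_revoke_slot(r, 0);                               /* KEY1 compromised */
    sb_flash_program_u32(&r->active_mask, 0xFFFFFFFFU); /* attacker tries to re-enable it */
    printf("slot 0 after revocation:  %d, usable=%u\n", sb_select_key(r, 0, &k), sb_usable_slots(r));
    return 0;
}
```

The header of each firmware image would carry the slot index it was signed with; the boot path calls sb_select_key with that index and only then hands the returned key to the ECDSA verification, so a rollback to an image signed with a revoked key fails before any signature math runs.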