2022-06-27 05:40 AM
From SBSFU examples, with default SECUSER memory setting except reading from OB registers, it is only protecting SBSFU area alone.
Do we need to protect the SBSFU + ACT_SLOT HEADER (1024 bytes for H7) area as well, right ??
So what is your recommendation on protection of HEADER ??
2022-07-04 01:07 AM
@Fred Are we replacing ACT SLOT Header with DNLD_SLOT HEADER on swapping of ACT and DNLD Slots ??
If we are swapping headers as well, we are losing the last IMAGE STATE, right ??
Also, I need one suggestion from you on storing persistent information in FLASH. Is it possible to PUSH the ACT SLOT HEADER down by 1KB and use this for persistent storage, protected with SECURE USER MEMORY ??
2022-07-04 08:01 AM
Yes, if you update the software, then you update the header, that's true.
And it makes sense to lose the image state because it is a new software you need to validate again.
There are several ways to store persistent information, so it depends on what you need:
Again, you must assess your constraints and requirements but it may be an option to have a new FLASH area protected by Secure User Memory.
This means you need to update the memory mapping accordingly and beware of not breaking some protections.
2022-07-04 11:00 PM
Thanks @Fred for reply.
Yes, I agree the risk of WRP protection won't be there, but at least I felt we can avoid illegal application access.
2022-07-13 11:00 PM
@Fred I came to know that is the Metadata Header also signed ??
Step 1: Compute HASH of Firmware application and Sign with ECC.
Step 2: Store this Signature in Metadata Header.
Step 3: Then fill the remaining Header with '0's.
Step 4: Then Sign Metadata Header as well ?? If it is, can we verify with same Public Key ??
Can you please clarify on stages of signing involved in SBSFU, without Firmware encryption ??
2022-07-18 04:26 AM
@Fred Can you reply for the above ??
2022-08-01 01:51 AM
Hi,
sorry for the late reply, I was on holidays.
The crypto scheme is like this:
2022-08-01 02:16 AM
@Fred Thank you very much for reply.
By default, is this the signing mechanism we follow, or do we configure it to SIGN the metadata header alone with SHA256 of the Metadata Header ??
Looks to me like we compute SHA256 of the Firmware, add this TAG in the metadata header and sign the Metadata header, from the example. Is this correct ??
2022-09-01 10:05 AM
Hello,
This is correct. This is the signing mechanism followed by the software.
Both tags are checked during the update:
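
Added example, not part of the thread or of the SBSFU sources: a two-stage check for the scheme confirmed in this reply (SHA-256 of the firmware stored as a tag in the metadata header, then the header itself signed with ECC). The header layout, the `DEMO` magic, the test key, the nonce derivation and the status strings are assumptions made for illustration, and the pure-Python P-256 arithmetic is not constant time.

```python
import hashlib, struct

P = 2**256 - 2**224 + 2**192 + 2**96 - 1  # NIST P-256 field prime
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551  # group order
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)
HDR = struct.Struct("<4sHI32s")  # constructed layout: magic, version, fw size, firmware tag
KEY, FW = 0xC0FFEE, b"constructed firmware image"  # constructed test key and firmware
sha = lambda m: hashlib.sha256(m).digest()
h = lambda m: int.from_bytes(sha(m), "big")

def add(p, q):  # affine point addition; None is the point at infinity
    if p is None or q is None: return p or q
    if p[0] == q[0] and (p[1] + q[1]) % P == 0: return None
    num, den = (3 * p[0] * p[0] - 3, 2 * p[1]) if p == q else (q[1] - p[1], q[0] - p[0])
    m = num * pow(den % P, -1, P)
    x = (m * m - p[0] - q[0]) % P
    return x, (m * (p[0] - x) - p[1]) % P

def mul(k, p):  # double-and-add scalar multiplication (demo only)
    r = None
    while k:
        if k & 1: r = add(r, p)
        p, k = add(p, p), k >> 1
    return r

def sign(d, msg):  # ECDSA; nonce derived from key and message (simplified, not RFC 6979)
    k = h(d.to_bytes(32, "big") + msg) % (N - 1) + 1
    r = mul(k, G)[0] % N
    s = pow(k, -1, N) * (h(msg) + r * d) % N
    return r.to_bytes(32, "big") + s.to_bytes(32, "big")

def verify(Q, msg, sig):
    r, s = int.from_bytes(sig[:32], "big"), int.from_bytes(sig[32:], "big")
    if not (0 < r < N and 0 < s < N): return False
    w = pow(s, -1, N)
    pt = add(mul(h(msg) * w % N, G), mul(r * w % N, Q))
    return pt is not None and pt[0] % N == r

def build_header(d, fw, version):  # 1024-byte header, zero padded after the signature
    body = HDR.pack(b"DEMO", version, len(fw), sha(fw))
    return (body + sign(d, body)).ljust(1024, b"\0")

def check_image(Q, header, fw):
    body, sig = header[:HDR.size], header[HDR.size:HDR.size + 64]
    if not verify(Q, body, sig): return "bad header signature"  # stage 1: header
    _, _, size, tag = HDR.unpack(body)
    if size != len(fw) or sha(fw) != tag: return "firmware tag mismatch"  # stage 2: image
    return "ok"
```

Because the firmware tag sits inside the signed part of the header, one public key covers both the header fields and, through the tag, the firmware bytes.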