FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

is ACTIVE SLOT Header protected ??

Go to solution
SPati.7
Associate III

‎2022-06-27 05:40 AM

From SBSFU examples, with default SECUSER memory setting except reading from OB registers, it is only protecting SBSFU area alone.

Are we need to protect SBSFU + ACT_SLOT HEADER (1024 Bytes for H7) area as well right ??

So what is your recommendation on protection of HEADER ??

Labels:
0 Kudos
17 REPLIES 17
Go to solution
SPati.7
Associate III
In response to Fred

‎2022-07-04 01:07 AM

@Fred​ Are we replacing ACT SLOT Header with DNLD_SLOT HEADER on swapping of ACT and DNLD Slots ??

If we are swapping headers as well, we are loosing last IMAGE STATE right ??

Also, i need your one suggestion on storing of persistent information on FLASH. is it possible to PUSH ACT SLOT HEADER for 1KB down and use this for persistent storage and protected with SECURE USER MEMORY ??

0 Kudos
Go to solution
Fred
ST Employee
In response to Fred

‎2022-07-04 08:01 AM

Yes, if you update the software, then you update the header, that's true.

And it makes sense to loose the image state because it is a new software you need to validate again.

There are several ways to store persistent information, so it depends on what you need:

  • backup registers can be convenient as they persist over power down if you have Vbat and they can be erased when a tamper is detected
  • FLASH is of course nice but you must be out of the WRP area.

Again, you must assess your constraints and requirements but it may be an option to have a new FLASH area protected by Secure User Memory.

This means you need to update the memory mapping accordingly and beware of not breaking some protections.

0 Kudos
Go to solution
SPati.7
Associate III
In response to Fred

‎2022-07-04 11:00 PM

Thanks @Fred​ for reply.

Yes i agree the risk of WRP protection won't be there, but at least i felt, we can avoid illegal application access.

0 Kudos
Go to solution
SPati.7
Associate III
In response to Fred

‎2022-07-13 11:00 PM

@Fred​  I cam to know that is the Metadata Header also signed ??

Step 1: Compute HASH of Firmware application and Sign with ECC.

Step 2: Store this Signature in Metadata Header.

Step 3: Then fill remaining Header fill with '0's.

Step 4: Then Sign Metadata Header as well ?? If it is, can we verify with same Public Key ??

Can you please clarify on stages of signing involved in SBSFU, without Firmware encryption ??

0 Kudos
Go to solution
SPati.7
Associate III
In response to Fred

‎2022-07-18 04:26 AM

@Fred​  Can you reply for the above ??

0 Kudos
Go to solution
Fred
ST Employee

‎2022-08-01 01:51 AM

Hi,

sorry for the late reply, I was on holidays.

The crypto scheme is like this:

0693W00000QMal1QAD.png

0 Kudos
Go to solution
SPati.7
Associate III
In response to Fred

‎2022-08-01 02:16 AM

@Fred​  Thank you very much for reply.

By default is this is the signing mechanism we follow or Do we configure to SIGN alone metadata header with SHA256 of Metadata Header.??

Looks to me, we compute SHA256 of Firmware, add this TAG in metadata header and sign Metadata header from example. is this correct ??

0 Kudos
Go to solution
Rejane Durand
Associate II

‎2022-09-01 10:05 AM

Hello,

This is correct. This is the signing mechanism followed by the software.

Both tags are checked during the update:

0693W00000SuJmrQAF.jpg 

0 Kudos
Top