2022-05-04 01:09 AM
What are the STM32 MCUs, support KMS middleware feature ??
is STM32H753VI supported this KMS feature ??
If NO, is there any way STM32H7 can generate Pair of Keys on the fly during run time to create Self Device Certificate ??
2022-05-04 01:38 AM
KMS was mainly thought for IoT use-cases so we provide it on our "IoT kits":
But you can port it to another board if you want.
In your case (H7), please remember that we enable the secure user memory so there is no secure runtime service.
2022-05-04 01:45 AM
@Fred Thanks for quick reply.
So, on H7, we plan to enable Secure Memory, once jump to application, No Access to Secure Services. That's right, it is clear to me.
But, do we have any other suggestions to generate pair of keys on STM32H753VI during run time ?? like with help of STSAFE-A110 ?? Any views on this ??
2022-05-04 01:50 AM
You need to analyze your requirements and determine the security level you need.
You may have an isolated piece of code in H7 by using MPU but with the limit that only Cortex-M accesses are controlled.
STSAFE-A110 can indeed bring benefits like generating a key:
https://www.st.com/resource/en/datasheet/stsafe-a110.pdf
But, you will have to handle a secure I2C channel, so you will need to protect the pairing keys on STM32 side.