FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Maximum size of encrypted code that can be kept for OTFDEC ?! STM32L562QE

Go to solution
VNara.1
Associate II

‎2021-03-02 08:30 PM

I have external flash of size 1MB. I want to explore the possibility of having encrypted code of size 500kb in external memory and run it through OTFDEC feature of STM32L562QE.

From the reference manual I saw that provision of 4 different OTFDEC regions is given ( 4 different portions in external flash with 4 different crypto keys if required). My use case is I just want a single key to encrypt whole of my code thus defining a OTFDEC region of size 500kb (is it feasible ?? )

The following was also provided in the manual :

Granularity for the region determination is 4096 bytes.

 

Note:Although OTFDEC does not prevent region overlapping it is not a valid programming and it should be avoided by application software.

 

OTFDEC can decrypt incremental or wrap bursts only if they do not cross the 4096-byte aligned address boundaries.

Does above statements have any impact in my use case ? how should I handle this ? Can some one guide please

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Patrice LF
ST Employee
In response to VNara.1

‎2021-03-19 12:38 AM

​Hello

The 4096-byte aligned address boundary rule is related to the end of a region (ie. the boundary) so that not to attempt to decrypt a word that overlaps over two regions, of course any decryption inside the region whatever the size is possible.

In your case, you may define a single region as long as access properties are identical for all your object files.

Patrice

View solution in original post

0 Kudos
4 REPLIES 4
Go to solution
Imen.D
ST Employee

‎2021-03-09 01:49 AM

Hello @VNara.1​ ,

As defined in the STM32L5 RM0351, the maximum size of an OTFDEC region is 2^28 = 256 Mbytes (28-bits significant (4 MSB are ignored)), so either you create a single region covering this 256Mbytes to put 500KB code or you create a region limited to 500KB (ie. size of 0x7D000) such as

OTFDEC_R0STARTADDR=external memory start address  / OTFDEC_R0ENDADDR= external memory start address + 0x7CFFF

Note that if 4 regions may be declared, they may all use the same key .. so only access properties may differ between regions

Overlap is to be avoided at user application level when defining region start/end address. However in case of overlap, the OTFDEC peripheral applies the following rule : access properties associated with region X will take over the properties of region X+1 for the overlapping memory part.

I hope that my answer brings some help to you.

Please mark my answer as best by clicking on the "Select as Best" button if it fully answered your question. This will help other users find this solution more quickly.

Imen

When your question is answered, please close this topic by clicking "Accept as Solution".
Thanks
Imen
0 Kudos
Go to solution
VNara.1
Associate II
In response to Imen.D

‎2021-03-09 09:46 PM

Hello @Imen DAHMEN​ 

Thanks for the prompt response. I now get clear with one part of my question , that I can have the OTFDEC region as big as 256Mb which is more than my use case (of 500 kb).

The other part which I have asked in the question is , should I also make sure that the overlapping should not happen across 4kb boundaries ?

Meaning, if I have 5 object files A.o with size 3.9 kb , B.o with size 1 kb , C.o with size 7 kb , D.o with size 8kb and E.o with size 500 bytes.

I now have allocated 25 Kb in my OTFDEC region 1

I place the object files one after the other -> A.o followed by B.o followed by c.o followed by D.o and then the E.o

In the reference manual it has been specified that

OTFDEC can decrypt incremental or wrap bursts only if they do not cross the 4096-byte aligned address boundaries.

My question now is,

Should I place A.o in the 1st 4kb and B.o in the 2nd 4kb address ?? because placing B.o right at the end of A.o will cause overlapping across the 4kb region ??

If that is the case, how can I place files that are more than 4kb, like that of C.o ??

Or am I confusion with 4kb stuff ?? Kindly clarify.. !!

0 Kudos
Go to solution
Patrice LF
ST Employee
In response to VNara.1

‎2021-03-19 12:38 AM

​Hello

The 4096-byte aligned address boundary rule is related to the end of a region (ie. the boundary) so that not to attempt to decrypt a word that overlaps over two regions, of course any decryption inside the region whatever the size is possible.

In your case, you may define a single region as long as access properties are identical for all your object files.

Patrice

0 Kudos
Go to solution
VNara.1
Associate II

‎2021-03-22 03:58 AM

@Patrice LF​  and @Imen DAHMEN​  Many thanks both. Couldn't select best for both the answers. Best is absolute !

0 Kudos
Top