Hi,
I have a question regarding STiRoT provisioning on the STM32H573.
As I understand, during the Secure Boot provisioning process, the public key hash is injected into the OBKeys area of the device to establish the root of trust. However, I would like to clarify where the original public key itself is stored and how it is handled during runtime verification.
Based on our current design, we are planning the following approach:
The firmware image is signed using our own external HSM, not STM32HSM.
The corresponding public key hash is provisioned into the device OBKeys during manufacturing.
At boot time, STiRoT checks that the public key contained in the firmware image matches the provisioned public key hash, and then uses that public key to verify the firmware signature.
From this perspective, our understanding is that the device does not store the full public key in its internal non-volatile memory (e.g., OBKeys or other secure areas), but instead relies on the provisioned public key hash in OBKeys as the trust anchor, while the actual public key is included in the firmware image and validated against the stored hash before being used for signature verification.
Additionally, in AN6007, Section 5 “Images generation,” our assumption is that the “authentication keys” defined in the STiRoT_Code_Init_Image.xml correspond to this public key used for verification.
Could you please confirm if this understanding is correct?
Also, could you provide any official documentation or reference materials that describe how the public key is stored and used in this process?
Thanks in advance for your support.
Best regards,
Redblue
