FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

SBSFU | B-L4S5I-IOT01 2_Images_KMS port to STM32F756ZGTxx | Problem with nvms_low_level.c

Go to solution
Jakub Standarski
Associate III

‎2024-01-26 07:20 AM - edited ‎2024-01-26 10:33 AM

Hello all,

I've encountered an issue while porting 2_Images_KMS B-L4S5I-IOT01 project onto STM32F756ZGTxx.

My build fails while compiling nvms_low_level.c file:

JakubStandarski_0-1706294008311.png

Source of the issue is FLASH driver for STM32F7, which is different from STM32L4. Do you have maybe some quick fix for it or does it require a bit more tweaking?

Labels:
0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
Go to solution
Jocelyn RICARD
ST Employee

‎2024-01-26 10:40 AM

Hi Jakub,

Yes, this is what I mean.

The principle of this Key storage is to be able to have a key store that is isolated from application.

This way, keys and associated crypto are running inside behind the firewall and don't expose secret assets to the application.

Now you may want to benefit from this implementation without the isolation but if you want to be able to provision dynamically a key in the store this will need at least to flash sectors. And minimum flash sector size on this device is 32 KB.

You have more details on KMS in chapter 4 of the UM2262

Best regards

Jocelyn

 

View solution in original post

0 Kudos
4 REPLIES 4
Go to solution
Jocelyn RICARD
ST Employee

‎2024-01-26 10:08 AM

Hello @Jakub Standarski ,

The KMS example is useful only on STM32L4 thanks to the firewall isolation. This key store is not usable on STM32F7 where you have much bigger sectors and no isolation.

Now if you absolutely want to make this porting, you can use the STM32F769 SBSFU example to port the flash driver. It should be much closer to STM32L4

Best regards

Jocelyn

0 Kudos
Go to solution
Jakub Standarski
Associate III

‎2024-01-26 10:14 AM

Huh... This is something I haven't expected.
Do you mean that there is no real value in using KMS under F7 because of hardware limitations?

0 Kudos
Go to solution
Jocelyn RICARD
ST Employee

‎2024-01-26 10:40 AM

Hi Jakub,

Yes, this is what I mean.

The principle of this Key storage is to be able to have a key store that is isolated from application.

This way, keys and associated crypto are running inside behind the firewall and don't expose secret assets to the application.

Now you may want to benefit from this implementation without the isolation but if you want to be able to provision dynamically a key in the store this will need at least to flash sectors. And minimum flash sector size on this device is 32 KB.

You have more details on KMS in chapter 4 of the UM2262

Best regards

Jocelyn

 

0 Kudos
Go to solution
Jakub Standarski
Associate III

‎2024-01-26 10:52 AM

Thank you Jocelyn!
Much appreciated.

0 Kudos
Top