STM32H750 User data in secure flash

i2399
Associate III

Hello,

I am using X-CUBE SBSFU for an application running on an STM32H750 MCU.

The user application is running from QSPI, and I want to encrypt/decrypt some data that will be stored into an external EEPROM.
To do this I would like to use an AES algorithm and I would like to store the crypto key in a secure area.
In this regard it is not clear to me whether it is possible to store selected data/code in secure flash that can be accessed through the call gate feature by the user application.

I will use encrypted firmware update, so it would also be fine to access the firmware encryption AES private key or encryption functions using that key.

Thanks to anyone who could help me to put some light on this topic,

Ivan

1 ACCEPTED SOLUTION

Bubbles
ST Employee

Hi @i2399,

The secure call gate is really a call gate and unless the code residing behind the gate doesn't provide the data, it cannot be retrieved using the gate. I'd probably hide behind the gate in the secure memory the whole AES code accessing that EEPROM, so the key would never be exposed out of the secure area.

BR,

J

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
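
A host-runnable model of the design suggested in the accepted reply, added here as an illustration; it is not code from X-CUBE-SBSFU or from either poster. All names (`secure_call_gate`, the service IDs, `secure_mem`) are hypothetical, the key is a constructed sample, and the keyed transform is a labelled placeholder for the real AES routine. The point it shows is that the gate offers no key-read service and rejects caller buffers that overlap the protected area.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Host-side model of the design; every name here is hypothetical. */
enum { SVC_ENCRYPT = 1, SVC_DECRYPT = 2 };   /* deliberately no "get key" service */
enum { GATE_OK = 0, GATE_ERR_SERVICE = -1, GATE_ERR_BUFFER = -2 };

/* Stands in for the protected area: the key is only read by the code below. */
static struct { uint8_t key[16]; } secure_mem = {
    { 0x10, 0x32, 0x54, 0x76, 0x98, 0xba, 0xdc, 0xfe,   /* constructed sample key */
      0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef } };

/* Reject NULL, empty, wrapping, or secure-area-overlapping caller buffers. */
static int bad_caller_buffer(const void *p, size_t len)
{
    uintptr_t a = (uintptr_t)p;
    uintptr_t s = (uintptr_t)&secure_mem, e = s + sizeof secure_mem;
    if (p == NULL || len == 0 || a + len < a) return 1;
    return a < e && a + len > s;
}

/* Placeholder standing in for the real AES routine. It is NOT a cipher;
   it only keeps the model self-contained and reversible. */
static void keyed_transform(int decrypt, const uint8_t *in, uint8_t *out, size_t len)
{
    for (size_t i = 0; i < len; i++) {
        uint8_t k = secure_mem.key[i % 16];
        out[i] = decrypt ? (uint8_t)((in[i] ^ k) - i) : (uint8_t)((in[i] + i) ^ k);
    }
}

/* Single entry point: the only way unprotected code can use the key. */
int secure_call_gate(int service, const uint8_t *in, uint8_t *out, size_t len)
{
    if (service != SVC_ENCRYPT && service != SVC_DECRYPT) return GATE_ERR_SERVICE;
    if (bad_caller_buffer(in, len) || bad_caller_buffer(out, len)) return GATE_ERR_BUFFER;
    keyed_transform(service == SVC_DECRYPT, in, out, len);
    return GATE_OK;
}

int main(void)
{
    uint8_t record[8] = "EEPROM!", stored[8], back[8];   /* constructed sample data */
    if (secure_call_gate(SVC_ENCRYPT, record, stored, sizeof record)) return 1;
    if (secure_call_gate(SVC_DECRYPT, stored, back, sizeof back)) return 1;
    return memcmp(record, back, sizeof record) != 0;
}
```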

Hi Bubbles,

Thanks for your reply and suggestions.
The reference user application code in X-CUBE SBSFU examples is in the file se_user_code.c and its dependencies, is that correct?

Ivan

Hi @i2399,

Yes, I remind the UM2262 section I.3 is the detailed description.

BR.

J
