FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32H7Sx - How many 256-bit AHKs can be stored in option byte keys for a given HDPL?

Eliasvan
Associate II

‎2025-09-22 3:51 AM - edited ‎2025-09-22 4:02 AM

Dear,

For a given HDPL, how many 256-bit AHKs (Application Hardware Keys) can be stored in the option byte keys?
And how many of those are:

  • only usable by SAES?
  • usable by software?

The reference manual states the following:

  • 5.2 FLASH main features:
    "Up to 1 Kbyte of protected non-volatile option byte keys, readable either by software or
    usable as a secret AES key through SAES peripheral (as AHK keys)"
    • It is unclear whether this is for just one HDPL, or whether this is a grand total comprising all three HDPLs that support option byte key storage (HDPL0, HDPL1, HDPL2).
      Suppose it is for just one HDPL, then this would be able to store 32 (= 1 K byte * (8 bit / byte) / 256 bit) 256-bit AHKs. This seems to be a reasonable assumption since if it were for all three HDPLs, this number would have to be divisible by 3, which it is not (32/3 = ~10.667).
  • 5.9.18 FLASH option byte key control register (FLASH_OBKCR):
    "OBKSIZE[1:0]: Option byte key size
    Application must use this bitfield to specify how many bits must be used for the new key.
    Embedded flash ignores OBKSIZE during read of option keys because size is stored with the
    key.
    00: Key size is 32 bits
    01: Key size is 64 bits
    10: Key size is 128 bits
    11: Key size is 256 bits"
    "OBKINDEX[4:0]: Option byte key index
    This bitfield represents the index of the option byte key in a given hide protection level.
    Reading keys with index lower that 8, the value is not be available in OBKDRx registers. It is
    instead sent directly to SAES peripheral. All others keys can be read using OBKDRx registers.
    Up to 32 keys can be provisioned per hide protection level (0, 1 or 2), provided there is enough
    space left in the flash to store them."
    • The underlined text seems to suggest that 32 keys is an upper bound and that this amount would be lower if the key size is higher.
      This means the upper bound of 32 keys would correspond with the lower bound of the key size, being 32 bits. The total number of key bits per HDPL would then be 1024 bits (= 32 keys * 32 bit/key) or 128 bytes (= 1024 bit / (8 bit / byte)). Hence, only 4 256-bit keys (= 1024 bit / (256 bit / key)) would be able to be stored per HDPL, which contradicts the number 32 calculated in the assumption of section 5.2.
Labels:
0 Kudos
0 REPLIES 0
Top