Skip to main content
EViei.1
EViei.1
Visitor II
April 16, 2021
Question

Determine the padding to save the firmware SHA256 using STM32F746GDISCOVERY to verify integrity

  • April 16, 2021
  • 1 reply
  • 1138 views

I am trying to implement a firmware integrity check using the Cryptographic Library (X-CUBE-CRYPTOLIB) for this I have to calculate the SHA256 checksum and then determine the padding and include it in the binary that I will upload to the board.

I've been watching STM's mooc Security part 4

https://www.youtube.com/watch?v=RahlfYJ1gDs&list=PLnMKNibPkDnF0wt-ZI74SflnsBV4yKzkO&index=7

And in the lab they do the verification for a stm32g0. The problem is that I do not know how to determine the size of the firmware, in the laboratory they use the page size but on my board the flash memory has blocks of different sizes:

0693W000008znA9QAI.png 

I also have an external memory to which I also want to make the SHA256 calculation. This memory consists of 256 blocks of 64k (These are all the same size).

0693W000008znBWQAY.png0693W000008znBlQAI.pngAnother difficulty I have is that the hex file covers two sectors (internal and external flash) so I don't know whether to put the internal and external hashes separately (just after the FW zone hit).

This topic has been closed for replies.

1 reply

Jocelyn RICARD
Jocelyn RICARD
ST Employee
May 4, 2021

Hello,

You must find a way to compute your firmware size. Either in one part or 2 parts.

There is no padding needed to compute a hash, and no relation with sector size.

Now, if you want to be sure no code will be injected in spare parts of the flash, you can compute the hash on the whole memory, but this will take much longer to check at boot time.

Best regards

Jocelyn

Terms & ConditionsAccessibility statement