Skip to main content
P
PieterG
Associate III
November 25, 2024
Solved

STM32H562 reading OBK in nonsecure application with TrustZone enabled

  • November 25, 2024
  • 2 replies
  • 1793 views

I am having trouble to get OBK data reading working on the STM32H562 / H563 (which do not support secure storage because they are lacking hardware crypto support).

My plan is to store keys in the OBK area, (encrypted with some storage key of my own) and use HDPL to make sure the application cannot access the bootloader keys.

I am not really using the TrustZone, but I need to enable it in order to get HDPL support.

So my secure application is very small, it configures nonsecure access for GPIO's, most of the flash (apart from the area where the secure application resides), and all IRQ's, then it jumps to my nonsecure bootloader.

When I have TrustZone disabled, I can write and read OBK data like expected.

As soon as I enable TrustZone, I can no longer read OBK data in my nonsecure bootloader or application, instead I'm reading all zeros.

The HDP level matches the area I'm trying to read.

But to be sure I'm trying to read all HDP areas, just in case I'm in an unexpected level.

 

I expect that OBK writing will not work from nonsecure context, because the FLASH_NSOBKCFGR register is only available when TZ_STATE = 0xC3.

But shouldn't OBK reading work?

Perhaps I am overlooking how to configure OBK to be used from nonsecure context?
I did not find any settings to do so.

Best answer by Jocelyn RICARD

Hello @PieterG ,

First if you need encryption of your secure storage, why not using STM32H573 ?

Besides, you don't need TrustZone to be enabled to use HDP levels (or I missed something).

Now, if you enable TrustZone, OBKeys are no more accessible from non secure (even OBK HDPL3 non secure zone)

To access OBKeys you have to create dedicated secure services.

Best regards

Jocelyn

 

2 replies

Jocelyn RICARD
Jocelyn RICARDBest answer
ST Employee
November 25, 2024

Hello @PieterG ,

First if you need encryption of your secure storage, why not using STM32H573 ?

Besides, you don't need TrustZone to be enabled to use HDP levels (or I missed something).

Now, if you enable TrustZone, OBKeys are no more accessible from non secure (even OBK HDPL3 non secure zone)

To access OBKeys you have to create dedicated secure services.

Best regards

Jocelyn

 

    P
    PieterGAuthor
    Associate III
    November 25, 2024

    Thank you for your response Jocelyn.


    We cannot use the STM32H573 in this product because of its condiderably higher BOM price.

    TrustZone is probably not required to have HDP level OBK protection, but it is for flash sector HDP protection:

    PieterG_0-1732558369255.png

    I would prefer not to have to enable TrustZone, but we really need to be able to hide a piece of (bootloader config) flash from the application. That's why we are using this setup with a minimal secure application.

     

    So unfortunately, I understand that having TrustZone enabled means we cannot access the OBK anymore. I'll consider the following options:

    -No longer enable TrustZone, instead hide the bootloader config flash page by encrypting it with a key in OBK area HDPL1, so the application has no way to read it

    (though it can still erase or modify or otherwise corrupt it)

    -provide OBK data through a secure service

    P
    PieterGAuthor
    Associate III
    November 26, 2024

    option 2 to provide OBK data through a secure service turned out to be not a lot of work, so I went for that.

    Since we already had the TrustZone enabled in a minimalistic way, this was the quickest solution.

    Thanks Jocelyn!

    Jocelyn RICARD
    Jocelyn RICARD
    ST Employee
    November 26, 2024

    Hello @PieterG ,

    The extract of Reference Manual you shared is unfortunately a mistake. I will raise the point to have this fixed.

    This error may come from STM32U5 where HDP feature is linked to TrustZone.

    On STM32H5 you can use HDP when TrustZone is disabled.

    You can check here in the wiki for instance. 

    Now, you have found it is easy to create a secure service. So, probably not worth going back.

    What you also gain with TrustZone is the capability to re-open the debugging link using Debug Authentication with certificates which is a nice feature also.

    Best regards

    Jocelyn

      P
      PieterGAuthor
      Associate III
      November 26, 2024

      I have tested with Option Bytes HDPStartSector/HDPEndSector with TrustZone disabled, and I could still access 'hidden' sectors in HDPL3.
      As soon as I enabled TrustZone, it started to work, with the same Option Byte Params.
      I will doublecheck this to make sure.

      P
      PieterGAuthor
      Associate III
      November 27, 2024

      No, you are absolutely right, I just checked this again, and HDPStartSector/HDPEndSector are effectively hiding the specified flash sectors in HDPL2/3 even with TrustZone disabled.

      So HDP works without TrustZone being enabled.

        Terms & ConditionsAccessibility statement