Skip to main content
KKupf.1
KKupf.1
Visitor II
November 26, 2021
Question

Writing and locking the Boot Hardware Key using the B-U585I-IOT02A discovery kit

  • November 26, 2021
  • 1 reply
  • 831 views

Hi all,

I’m trying to find out when the Boot Hardware Key (BHK) is exactly written and locked (using the B-U585I-IOT02A discovery kit).

The reference manual (RM0456, page 1513) just says that it is „written by a secure code during boot“.

So I modified an example project where the TrustZone is enabled and assumed that it boots in secure mode and the key is written. I then tried to read out the key and to use it to encrypt data with the SAES module but this didn’t work. So I assume that the key wasn’t written yet. Is there anything else I have to do that the BHK is written during boot or do I have to generate the BHK with my own code? What is meant with secure boot exactly?

Best regards,

Kathrin

This topic has been closed for replies.

1 reply

Amel NASRI
Amel NASRI
Technical Moderator
December 9, 2021

Hi @KKupf.1​ ,

While I'm not an expert on this area, I'll try to provide some hints. That may be helpful for you to find an answer.

If I refer to RM0456, there is a KEYSEL bitfield in SAES control register.

You need to check which key was selected in your case.

If you would like to understand more about Secure Boot mainly and Secure features generally, I suggest you the following references:

If you still don't find the answer to your questions, please keep me updated on the current status of your request (if possible with more precise questions) so that I can look for answers with the help of our experts.

-Amel

To give better visibility on the answered topics, please click on Accept as Solution on the reply which solved your issue or answered your question.
Terms & ConditionsAccessibility statement