Registered User mNo edit summary Tag: 2017 source edit |
Registered User m (Flash changed to flash memory (lower case)) |
||
| (One intermediate revision by one other user not shown) | |||
| Line 1: | Line 1: | ||
== What is SFIx == | == What is SFIx == | ||
The OEM product can embed external flash memory additionally to STM32 internal flash memory.<br> | |||
OEM product can embed external | The SFIx solution provides security when programming STM32 devices and external flash memory in a nontrusted facility owned by a Contract Manufacturer (CM).<br> | ||
The SFIx solution provides security when programming STM32 devices and external | The SFIx solution is the same solution as the [[Security: SFI |SFI]] solution, which also allows the external flash memory programming. | ||
The SFIx solution is the same solution as the [[Security: SFI |SFI]] solution, | |||
{{Info| For details on SFIx, please refer to [https://www.st.com/resource/en/application_note/dm00355688-overview-secure-firmware-install-sfi-stmicroelectronics.pdf AN4992] STM32 MCUs secure firmware install (SFI) overview}} | {{Info| For details on SFIx, please refer to [https://www.st.com/resource/en/application_note/dm00355688-overview-secure-firmware-install-sfi-stmicroelectronics.pdf AN4992] STM32 MCUs secure firmware install (SFI) overview}} | ||
== External | == External flash memory programming principle == | ||
The OEM external | The OEM external flash memory content must be encrypted to ensure the OEM data confidentiality. | ||
External | External flash memory crypto is handled by the OTFDEC peripheral. This peripheral can encrypt firmware and data in the device. It can above all decrypt on-the-fly external firmware and data stored in external flash memory connected to STM32 microcontrollers through the OCTOSPI interface. The OTFDEC can handle up to four regions of external flash memory, each one with its own dedicated key. The OTFDEC uses standard AES CTR 128-bit algorithm for encryption and decryption operations. Refer to the OTFDEC section of the STM32 microcontroller reference manual to get more insight. | ||
The STM32 receives encrypted external firmware, decrypts them with the SFI OEM key, and re-encrypts them with an external | The STM32 receives encrypted external firmware, decrypts them with the SFI OEM key, and re-encrypts them with an external flash memory AES key common to all devices to be programmed or with a unique external flash memory AES key per device.<br> | ||
The STM32 stores the encryption result within SRAM. <br> | The STM32 stores the encryption result within SRAM. <br> | ||
Then the STM32 (external flash memory loader) takes the previous result and | Then the STM32 (external flash memory loader) takes the previous result and programs it within the external flash memory.<br> | ||
{{Warning | The external | {{Warning | The external flash memory programming is under the responsibility of OEM, meaning that OEM must use an external flash memory loader that fits its external flash memory specificities.<br> | ||
ST does not provide such external | ST does not provide such external flash memory loader, except for demonstration purpose on ST boards supporting external flash memory.<br>}} | ||
<br> | <br> | ||
| Line 26: | Line 25: | ||
<br> | <br> | ||
{{Info | The SFIx cannot handle internal | {{Info | The SFIx cannot handle internal flash memory in a first sequence and external in a separate independent one: when SFIx handles external firmware, it must first handle internal firmware that in turn enable the decryption at runtime of the external firmware.<br> | ||
Thus, the internal | Thus, the internal flash firmware must enable the read/fetch of data/code within the external flash memory, using the OTFDEC and the OCTOSPI peripherals.}} | ||
== External | == External flash memory encryption with global key == | ||
This section focuses on the external | This section focuses on the external flash memory AES key common to all devices. | ||
In this case, the external | In this case, the external flash memory AES key is provided by the OEM and is programmed in the STM32 through the SFIx. | ||
<br> | <br> | ||
| Line 38: | Line 37: | ||
[[File:SFIx global key overview.png|700px|center]] | [[File:SFIx global key overview.png|700px|center]] | ||
== External | == External flash memory encryption with chip unique key == | ||
This section focuses on the external | This section focuses on the external flash memory AES key unique per chip. | ||
In this case, the OEM requests the STM32, | In this case, the OEM requests the STM32, through the SFIx procedure, to generate the external flash memory AES key and to program it at a given address in the STM32. | ||
<br> | <br> | ||
Latest revision as of 11:25, 14 March 2025
1. What is SFIx
The OEM product can embed external flash memory additionally to STM32 internal flash memory.
The SFIx solution provides security when programming STM32 devices and external flash memory in a nontrusted facility owned by a Contract Manufacturer (CM).
The SFIx solution is the same solution as the SFI solution, which also allows the external flash memory programming.
2. External flash memory programming principle
The OEM external flash memory content must be encrypted to ensure the OEM data confidentiality.
External flash memory crypto is handled by the OTFDEC peripheral. This peripheral can encrypt firmware and data in the device. It can above all decrypt on-the-fly external firmware and data stored in external flash memory connected to STM32 microcontrollers through the OCTOSPI interface. The OTFDEC can handle up to four regions of external flash memory, each one with its own dedicated key. The OTFDEC uses standard AES CTR 128-bit algorithm for encryption and decryption operations. Refer to the OTFDEC section of the STM32 microcontroller reference manual to get more insight.
The STM32 receives encrypted external firmware, decrypts them with the SFI OEM key, and re-encrypts them with an external flash memory AES key common to all devices to be programmed or with a unique external flash memory AES key per device.
The STM32 stores the encryption result within SRAM.
Then the STM32 (external flash memory loader) takes the previous result and programs it within the external flash memory.
3. External flash memory encryption with global key
This section focuses on the external flash memory AES key common to all devices. In this case, the external flash memory AES key is provided by the OEM and is programmed in the STM32 through the SFIx.
4. External flash memory encryption with chip unique key
This section focuses on the external flash memory AES key unique per chip. In this case, the OEM requests the STM32, through the SFIx procedure, to generate the external flash memory AES key and to program it at a given address in the STM32.
5. References