How to start with SFI on STM32H5 with Secure Manager

Revision as of 11:59, 2 August 2023 by Registered User (→‎Firmware install)
This message will disappear after all relevant tasks have been resolved.
Semantic MediaWiki
There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.

under construction

1. Environment setup

1.1. HW

1.1.1. Board setup

Info white.png Information
This page describes how to use SFI on STM32H573_DK MB1677 board and all screenshots and CLI commands have been token using STM32H735G-DK board.

To set up the hardware environment, STM32H573_DK MB1677 board shall be connected to a personal computer via a USB cable. This connection with the PC allows the user:

  • Programming the STM32TRUSTEE SM package in the board.
  • Interacting with the board via a UART console
  • Debugging Integrator’s non-secure application when STM32TRUSTEE Integrator’s configuration enables it.

The boot pin shall be forced to user Flash via the switch SW1.

Board setup.jpg

1.2. SW

1.2.1. Install STM32CubeH5 SW Package

Clock.png5min

  • Download[1] STM32Cube MCU Package for STM32H5 series
  • Register on www.st.com web site if necessary
  • Unzip the downloaded file

STM32CubeH5 SW Package is now installed on your computer.

This package provides scripts used to run STM32TRUSTEE SM installation using STM32CubeProgrammer.

1.2.2. Install X-CUBE-SEC-M-H5 SW package

Clock.png5min

  • Download X-CUBE-SEC-M-H5[2] STM32Cube Expansion Package STM32TRUSTEE-SM for STM32H5 series
  • Register on www.st.com web site if necessary
  • Unzip the downloaded files and copy them within the installation directory of the STM32CubeH5 SW package.

X-CUBE-SEC-M-H5 SW package is now installed on your computer.

This package delivers STM32TRUSTEE SM.

1.3. Tools

1.3.1. Install STM32CubeProgrammer and STM32TrustedPackageCreator

Clock.png5min

STM32CubeProgrammer (STM32CubeProg) is an all-in-one multi-OS software tool for programming STM32 products. STM32CubeProgrammer provides an easy-to-use and efficient environment for reading, writing, and verifying device memory through both the debug interface (JTAG and SWD) and the bootloader interface (UART, USB DFU, I2C, SPI, and CAN).

STM32TrustedPackageCreator is part of the STM32CubeProgrammer toolset and allows the generation of secure firmware and modules to be used for STM32 secure programming solutions.

  1. Download the latest version of STM32CubeProgrammer[3] Software programming tool for STM32
Security Download STM32CubePROG.png


  1. Unzip the downloaded file and launch the SetupSTM32CubeProgrammer-xxx.exe corresponding to your OS, and follow the instructions.

Make sure to select STM32TrustedPackageCreator add-on during the installation of STM32CubeProgrammer

Security TrustedPackageCreator.png


STM32CubeProgrammer and STM32TrustedPackageCreator are now installed on your computer.

Warning white.png Warning
Make sure to have the folder including 'STM32_Programmer_CLI.exe' and 'STM32TrustedPackageCreator_CLI.exe' in your PATH.
  • Typical path in Windows: C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin
  • Advise: right click on the STM32TrustedPackageCreator.exe file in this path and select "Pin to taskbar" to have a quick access to the tool

1.3.2. Terminal emulator

A terminal emulator software is needed to run the non-secure application. It allows to display some information to understand operations done by the embedded applications and it allows to interact with the non-secure application in order to trig some operations. The example in this document is based on Tera Term, an open source free software terminal emulator that can be downloaded from the https://osdn.net/projects/ttssh2/ webpage. Any other similar tool can be used instead (Ymodem protocol support is required).

2. Development @ OEM: Firmware creation

The purpose of the SFI service is to securely install the OEM Firmware developed with STM32TRUSTEE.
So, in order to use this SFI service, the OEM Firmware must be created with SMAK.

3. Secure Room @ OEM: SFI package generation and HSM provisioning

3.1. SFI package generation

OEM must end the non-secure application development with SMAK production preparation phase.

SMAK production preparation phase outputs:

  • SFI image (.sfi)
  • SFI image encryption AES key + nonce
  • Module:
    • Module configuration (.mcsv)
    • Module global license or module encryption AES key + nonce

3.2. HSM programming

inputs :

  • SFI image encryption AES key + nonce
  • Module encryption AES key + nonce

Clock.png10min

To program the HSM, you can follow the same steps described in this section of the SFI article using the STM32H573_DK MB1677 board: HSM programming.

After programming the HSM, it is now ready to be shipped to the CM together with the SFI package created before.

4. Manufacturing @ CM: Secure Firmware Installation

Clock.png6min

In this step, the CM receives from the OEM the HSM card provisioned with the secret key and initialized with a max counter of licenses, the .sfi package to be installed and optionnaly module info (.mcsv & global license).

The SFI process could be performed through a regular JTAG/SWD interface or the system bootloader interface (you can refer to AN2606 for details on the supported interface for each microcontroller).
The following section covers JTAG/SWD and system bootloader interface - each section includes the following sections:

  • Hardware connection
  • Target initial state
  • Secure Firmware Install


4.1. Hardware connection

See §1.1.1.

4.2. Target initial state

The target shall be in OPEN product state.
If it is not the case, a DA full regression shall be performed.
After this step, the device is ready for the SFI process.

4.3. Firmware install

This command starts the SFI process and proceeds with the installation. 

STM32_Programmer_CLI.exe -log .\sfi.log -c port=SWD mode=HOTPLUG -sfi .\image.sfi hsm=1 slot=1 -rsse C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin -mcsv .\module.mcsv
Info white.png Information
You can refer to AN5054 for details on hsm and slot parameters.

You can check the log of the process saved in the file sfi.log:

      -------------------------------------------------------------------
                       STM32CubeProgrammer v2.14.0
      -------------------------------------------------------------------
 
 ST-LINK SN  : 003600374D46501220383832
 ST-LINK FW  : V3J10M3
 Board       : STM32H573I-DK
 Voltage     : 3.29V
 SWD freq    : 8000 KHz
 Connect mode: Hot Plug
 Reset mode  : Software reset
 Device ID   : 0x484
 Revision ID : --
 Device name : STM32H5xx
 Flash size  : 2 MBytes
 Device type : MCU
 Device CPU  : Cortex-M33
 BL Version  : 0xE4
 SFSP Version: v2.4.0
 
  Protocol Information         : static
 
  SFI File Information         :
 
     SFI file path             : .\image.sfi
     SFI license file path     : .\HSM_License_V1.bin
     SFI header information    :
         SFI protocol version        : 2
         SFI total number of areas   : 11
         SFI image version           : 0
     SFI Areas information     :
 
     Parsing Area 1/11    :
         Area type                   : H
         Area size                   : 16
         Area destination address    : 0x0
 
     Parsing Area 2/11    :
         Area type                   : O
         Area size                   : 112
         Area destination address    : 0xFFD0100
 
     Parsing Area 3/11    :
         Area type                   : O
         Area size                   : 272
         Area destination address    : 0xFFD0200
 
     Parsing Area 4/11    :
         Area type                   : O
         Area size                   : 192
         Area destination address    : 0xFFD09D0
 
     Parsing Area 5/11    :
         Area type                   : O
         Area size                   : 112
         Area destination address    : 0xFFD0A80
 
     Parsing Area 6/11    :
         Area type                   : S
         Area size                   : 102952
         Area destination address    : 0x0
 
     Parsing Area 7/11    :
         Area type                   : S
         Area size                   : 99350
         Area destination address    : 0x0
 
     Parsing Area 8/11    :
         Area type                   : F
         Area size                   : 5744
         Area destination address    : 0x8100000
 
     Parsing Area 9/11    :
         Area type                   : K
         Area size                   : 16
         Area destination address    : 0x0
 
     Parsing Area 10/11    :
         Area type                   : m
         Area size                   : 131072
         Area destination address    : 0x8172000
 
     Parsing Area 11/11    :
         Area type                   : C
         Area size                   : 48
         Area destination address    : 0x0
 
 Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
 Warning: Option Bytes are unchanged, Data won't be downloaded
 Time elapsed during option Bytes configuration: 00:00:00.002
 
 Reconnecting...
 Reconnected !
 
 Reconnecting...
 Reconnected !
 Time elapsed during option Bytes configuration: 00:00:02.442
 ST-LINK SN  : 003600374D46501220383832
 ST-LINK FW  : V3J10M3
 Board       : STM32H573I-DK
 Voltage     : 3.29V
 SWD freq    : 8000 KHz
 Connect mode: Hot Plug
 Reset mode  : Software reset
 Device ID   : 0x484
 Revision ID : --
 Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
 Warning: Option Bytes are unchanged, Data won't be downloaded
 Time elapsed during option Bytes configuration: 00:00:00.004
 Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
 Warning: Option Byte: SECWM1_END, value: 0x7F, was not modified.
 Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
 Warning: Option Byte: SECWM2_END, value: 0x7F, was not modified.
 Warning: Option Byte: SECWM2_STRT, value: 0x0, was not modified.
 Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
 
 Reconnecting...
 Reconnected !
 Time elapsed during option Bytes configuration: 00:00:01.253
 ST-LINK SN  : 003600374D46501220383832
 ST-LINK FW  : V3J10M3
 Board       : STM32H573I-DK
 Voltage     : 3.29V
 SWD freq    : 8000 KHz
 Connect mode: Hot Plug
 Reset mode  : Software reset
 Device ID   : 0x484
 Revision ID : --
 
 Reconnecting...
 Reconnected !
 
 Reconnecting...
 Reconnected !
 Time elapsed during option Bytes configuration: 00:00:02.884
 ST-LINK SN  : 003600374D46501220383832
 ST-LINK FW  : V3J10M3
 Board       : STM32H573I-DK
 Voltage     : 3.29V
 SWD freq    : 8000 KHz
 Connect mode: Hot Plug
 Reset mode  : Software reset
 Device ID   : 0x484
 Revision ID : --
 Installing RSSe
 
 Memory Programming ...
 Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
   File          : enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
   Size          : 53.81 KB
   Address       : 0x20054100
 
 Erasing memory corresponding to segment 0:
 Download in Progress:
 
 File download complete
 Time elapsed during download operation: 00:00:00.134
 
 MCU Reset
 ST-LINK SN  : 003600374D46501220383832
 ST-LINK FW  : V3J10M3
 Board       : STM32H573I-DK
 Voltage     : 3.29V
 SWD freq    : 8000 KHz
 Connect mode: Hot Plug
 Reset mode  : Software reset
 Device ID   : 0x484
 Revision ID : --
 Get RSSe status...
 
 RSS version = 2.2.0
  
 RSSe version = 2.0.0
 
 Starting SFI
 
 Processing license...
 Get RSSe status...
 Processing Image Header
 Get RSSe status...
 Processing Area 1...
 Get RSSe status...
 Area Address = 0x0
 Area Type    = H
 Processing Area 2...
 Get RSSe status...
 Area Address = 0xFFD0100
 Area Type    = O
 Processing Area 3...
 Get RSSe status...
 Area Address = 0xFFD0200
 Area Type    = O
 Processing Area 4...
 Get RSSe status...
 Area Address = 0xFFD09D0
 Area Type    = O
 Processing Area 5...
 Get RSSe status...
 Area Address = 0xFFD0A80
 Area Type    = O
 Processing Area 6...
 Get RSSe status...
 Area Address = 0x0
 Area Type    = S
 Processing Area 7...
 Get RSSe status...
 Area Address = 0x0
 Area Type    = S
 Processing Area 8...
 Get RSSe status...
 Area Address = 0x8100000
 Area Type    = F
 Processing Area 9...
 Get RSSe status...
 Area Address = 0x0
 Area Type    = K
  
 MCSV file parsing...
 Total modules number: 1
    +  Module number : [0]
           Name      : .\module.smu
           Type      : Global license
           Size      : 128.00 KB
           Address   : 0x08172000
 
 Prepare module payload with license data...
 Processing Area 10...
 Get RSSe status...
 Area Address = 0x8172000
 Area Type    = m
 Processing Area 11...
 Can not verify last area
 Area Address = 0x0
 Area Type    = C
 SFI Process Finished!
 SFI file .\image.sfi Install Operation Success
  
 Time elapsed during SFI install operation: 00:00:18.984

After the installation of the multiple chunks of the code, the SFI process completes successfully.
At this step, the device is programmed with the Secure Manager and OEM non-secure application.

4.4. Troubleshooting

In case of failure, you can check sfi.log and run the \STM32Cube_FW_H5\Firmware\Projects\STM32H573I-DK\ROT_Provisioning\DA\regression.bat.

  1. STM32CubeH5
  2. STM32CubeH5
  3. STM32CubeProgrammer
Retrieved from "https://wiki.st.com/stm32mcu/index.php?title=Security:How_to_start_with_SFI_on_STM32H5_with_Secure_Manager&oldid=37901"
No categories assignedEdit