Package Description; Tfm Application Description - ST STM32CubeU5 TFM User Manual

8 Package description

The STM32CubeU5 MCU Package proposes two different examples of applications, based on the TF‑M reference implementation:
- TFM: application with full TF‑M services.
- SBSFU: application with only the Secure Boot and Secure Firmware Update services of the TF‑M.

This document focuses on the TFM application only. Refer to [AN5447] for more information on the SBSFU application.

This section details the TFM application in the STM32CubeU5 MCU Package and the way to use it.

8.1 TFM application description

The main features of the Secure Boot and Secure Firmware Update application are:
- Configurable asymmetric cryptography for image authentication:
  - RSA-2048
  - RSA-3072
  - EC-256
- SHA256 cryptography for image integrity check.
- Retention of a hash reference for each image (boot time acceleration).
  Image verification consists mainly of computing a hash over the image (integrity check) and then verifying a signature over this hash (authentication check). With this feature, the signature computation can be avoided by referring to the hash stored in a fixed location (the so-called HASH REF). This area contains the hash whose signature has already passed the verification process, so that the next signature verification can be bypassed. This feature is an optimization (under the MCUBOOT_USE_HASH_REF define) that is applied to each image and takes effect from the second boot.
- AES-CTR cryptography for image encryption, with the symmetric key encrypted in RSA-OAEP or ECIES-P256 and provided in the image itself. Image encryption is configurable (for example, it can be deactivated).
- Two cryptography modes: full software cryptography, or a mix of software and hardware-accelerated cryptography to accelerate operations and reduce the memory footprint (with or without DPA resistance against side-channel and timing attacks).
- Configurable slots mode:
  - Single primary slot mode, which maximizes the image size. The downloaded image is in the same memory slot as the installed image, and the newly downloaded image overwrites the previously installed image. Devices with 512 Kbytes of flash memory only support this configuration.
  - Primary and secondary slots mode, which enables safe image programming. The downloaded image and the installed image are in different memory slots.
- Image programming resistant to asynchronous power down and reset.
- Flexible number of application images:
  - Either one application image (secure and nonsecure binaries combined in a single image) with:
    - Unique key pair
    - Antirollback version check
  - Or two application images (a secure image and a nonsecure image) with:
    - Dedicated key pairs per firmware image
    - Dedicated antirollback version check per firmware image
    - Images version dependency management
- Flexible number of data images: one data image (secure or nonsecure) or two images (secure and nonsecure), with the policies defined on application images (authenticity and integrity verification, antirollback version check, decryption).
- Integration of the full entropy TRNG source (RNG hardware peripheral) for random number generation (boot seed generation, tamper protection) or random delays (FIH).

UM2851 - Rev 4   page 16/117
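The HASH REF optimization and the antirollback version check described above are easier to reason about as a small model of the boot decision. The following Python is an added example written for this page; it is not ST's or TF‑M's code and does not reproduce the MCUboot image format. The asymmetric signature check (RSA or EC on the device) is replaced by an HMAC under a constructed key so the example runs without extra dependencies; the slot names, the Image and BootState types and the boot_sequence() driver are hypothetical. The model assumes the HASH REF area and the antirollback counters are writable only by the secure bootloader, which is what makes skipping the signature on a matching hash safe.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Callable, Dict


@dataclass
class Image:
    """Constructed model of a slot's image: payload plus the metadata the
    bootloader checks. The real TF-M/MCUboot image header carries more."""
    slot: str          # hypothetical slot name, e.g. "primary_s"
    version: int       # security counter used for the antirollback check
    payload: bytes
    signature: bytes   # signature over image_hash(); placeholder scheme below


@dataclass
class BootState:
    """State kept between boots. On a device, hash_ref lives in the fixed
    HASH REF area and min_version in antirollback counters, both writable
    only by the secure bootloader (assumption of this model)."""
    hash_ref: Dict[str, bytes] = field(default_factory=dict)
    min_version: Dict[str, int] = field(default_factory=dict)
    signature_checks: int = 0   # counts the expensive authentication step


def image_hash(img: Image) -> bytes:
    # SHA256 over the version and the payload, so a changed version cannot
    # reuse a stored hash reference.
    return hashlib.sha256(img.version.to_bytes(4, "little") + img.payload).digest()


# Stand-in for the asymmetric check (RSA-2048/3072 or EC-256 on the device):
# an HMAC under a constructed key keeps the example dependency-free.
DEMO_KEY = b"constructed-demo-key-not-a-real-secret"


def demo_sign(digest: bytes) -> bytes:
    return hmac.new(DEMO_KEY, digest, "sha256").digest()


def demo_verify(digest: bytes, signature: bytes) -> bool:
    return hmac.compare_digest(demo_sign(digest), signature)


def verify_image(img: Image, state: BootState,
                 verify_sig: Callable[[bytes, bytes], bool],
                 use_hash_ref: bool = True) -> bool:
    """Accept or reject an image. The integrity check (hash) always runs; the
    authentication check (signature) is bypassed when the hash equals the
    stored reference, as under MCUBOOT_USE_HASH_REF."""
    # Antirollback: never accept a version below the recorded minimum.
    if img.version < state.min_version.get(img.slot, 0):
        return False
    digest = image_hash(img)
    ref = state.hash_ref.get(img.slot)
    if use_hash_ref and ref is not None and hmac.compare_digest(ref, digest):
        return True                       # same image as the last verified boot
    state.signature_checks += 1
    if not verify_sig(digest, img.signature):
        return False                      # tampered or wrongly signed: state unchanged
    state.hash_ref[img.slot] = digest     # remember the hash whose signature passed
    state.min_version[img.slot] = img.version
    return True


def make_image(slot: str, version: int, payload: bytes) -> Image:
    img = Image(slot, version, payload, b"")
    img.signature = demo_sign(image_hash(img))
    return img


def boot_sequence() -> Dict[str, object]:
    """Run several boots against one state and report what happened."""
    state = BootState()
    v2 = make_image("primary_s", 2, b"firmware v2")
    out: Dict[str, object] = {}
    out["first_boot"] = verify_image(v2, state, demo_verify)        # full check
    out["checks_after_first"] = state.signature_checks
    out["second_boot"] = verify_image(v2, state, demo_verify)       # HASH REF hit
    out["checks_after_second"] = state.signature_checks
    tampered = Image(v2.slot, v2.version, v2.payload + b"!", v2.signature)
    out["tampered"] = verify_image(tampered, state, demo_verify)     # hash differs, signature fails
    out["rollback"] = verify_image(make_image("primary_s", 1, b"firmware v1"), state, demo_verify)
    out["update"] = verify_image(make_image("primary_s", 3, b"firmware v3"), state, demo_verify)
    out["checks_after_update"] = state.signature_checks
    return out


if __name__ == "__main__":
    for name, result in boot_sequence().items():
        print(f"{name}: {result}")
```

Running the sequence shows the property the manual describes: the signature is checked once on the first boot and skipped on the second, a modified payload misses the reference and fails the signature, an older version is rejected before any cryptography runs, and a genuine update triggers a fresh signature check and a new reference.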
