On 12/12/22 10:40, Patrick DELAUNAY wrote:
Hi,
Hello Patrick
[...]
Hmmm, what does the BootROM use CRYP for then ?
used for SSP = Secure Secret Provisioning
https://wiki.st.com/stm32mpu/wiki/Secure_Secret_Provisioning_(SSP)
Oh, only this part, I see.
It is necessary to have MP15xC/F for the authenticated boot to work,
but it seems the only difference there is the presence of CRYP. Or is
there some BootROM fuse too ?
Yes, the secure boot feature availability is indicated in the security
field of the chip part number, for STM32MP13 and STM32MP15.
- SSP is not supported
- the associated authentication feature for secure boot is deactivated
in ROM code
=> the key is burned/locked in OTP on these chips
and checked by ROM code before to authenticate the FSBL
Thank you for the clarification, this is really useful.