Firmware image size required for AES CBC encryption

chuan_lee · ‎2019-10-03

I am trying out the sample project

STM32CubeExpansion_SBSFU_V2.2.0/Projects/NUCLEO-H753ZI/Applications/1_Image.

I have completed the following build steps:

prebuild.py

Build SECoreBin

Build SBSFU

Build UserApp

The last step postbuild.py (which is SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256.sh) has an assert:

Exception: AES CBC encryption requires the Firmware Image size (22232 bytes) to be a multiple of the AES block size (16 bytes)

I don't know how to get around the problem.

Jocelyn RICARD · ‎2019-10-09

Hello Chuan Lee,

in our GCC implementation for STM32H7 you can find in the .ld file of the user application:

/* Extra ROM section (last one) to make sure the binary size is a multiple of the AES block size (16 bytes) and H7 flash writing unit (32 bytes)*/

.align32 :

{

. = . + 1; /* _edata=. is aligned on 8 bytes so could be aligned on 32 bytes: add 1 byte gap */

. = ALIGN(32) - 1; /* increment the location counter until next 32 bytes aligned address (-1 byte) */

BYTE(0); /* allocate 1 byte (value is 0) to be a multiple of 32 bytes */

} > APPLI_region_ROM

So, please use the same.

Best regards

Jocelyn

View solution in original post

Jocelyn RICARD · ‎2019-10-04

Hello,

which IDE are you using?

I'll try to reproduce your issue

Thank you

Best regards

Jocelyn

chuan_lee · ‎2019-10-04

Jocelyn, thank you for the reply. I think I have resolved the issue this morning (I will post an answer later).

I normally use Eclipse, occasionally TrueSTUDIO. Right now, I'm making my own Makefiles and build from command line.

As for the postbuild.py, prepareimage.py has encrypted SECoreBin (the failed operation that started this question), sha256, and now pack (failed due to missing argument). But it is going further along.

Regards,

-Chuan.

chuan_lee · ‎2019-10-04

Project: STM32CubeExpansion_SBSFU_V2.2.0\Projects\NUCLEO-H753ZI\Applications\1_Image.

Toolchain: GNU Tools ARM Embedded/6-2017-q2/bin/arm-none-eabi-*

Per STM SBSFU Integration Guide - AN5056 (Rev 4), p.33/40:

/* to make sure the binary size is a multiple of the AES block size *16 bytes) and L4 ....*/

define root section aes_block_padding with alignment=16

{

udata8 "Force Alignment";

pad_to 16;

};

<etc.>

I did similar stuff in the following linker scripts:

1_Image_SBSFU/GNUARM/STM32H753ZI-Nucleo/STM32H753ZITx.ld

1_Image_SECoreBin\GNUARM\STM32H753ZI-Nucleo\STM32H753ZITx.ld

1_Image_UserApp\GNUARM\STM32H753ZI-Nucleo\STM32H753ZITx.ld

SECTIONS

{

.SE_CallGate_Code : { KEEP(*(.SE_CallGate_Code)) } > SE_Entry_Secure_ROM_Region

.SE_Key_Data : { KEEP(*(.SE_Key_Data)) } > SE_Key_region_ROM

.SE_Startup_Code : { KEEP ( *se_startup.o (.text .text*)) } > SE_Startup_region_ROM

.text :

{

. = ALIGN(8);

*(.text) /* .text sections (code) */

<etc.>

. = ALIGN(16); /* <----- this was '8' */

_etext = .; /* define a global symbols at end of code */

} >SE_ROM_region

I hope I was doing it right. Only SECoreBin.bin was padded. The other two images -- SBSFU and UserApp -- were already 16-bytes aligned, so their image sizes didn't change.

Jocelyn RICARD · ‎2019-10-09

Hello Chuan Lee,

in our GCC implementation for STM32H7 you can find in the .ld file of the user application:

/* Extra ROM section (last one) to make sure the binary size is a multiple of the AES block size (16 bytes) and H7 flash writing unit (32 bytes)*/

.align32 :

{

. = . + 1; /* _edata=. is aligned on 8 bytes so could be aligned on 32 bytes: add 1 byte gap */

. = ALIGN(32) - 1; /* increment the location counter until next 32 bytes aligned address (-1 byte) */

BYTE(0); /* allocate 1 byte (value is 0) to be a multiple of 32 bytes */

} > APPLI_region_ROM

So, please use the same.

Best regards

Jocelyn