Can the STM32WB55 OTA handle encrypted user applications?

HRadt.1
Senior

As far as I understand, the OTA example provided (BLE_Ota) supports either flashing the user application directly or handing the processing over to CPU2 for decryption of the Wireless firmware (which comes as an encrypted and signed package).

Is it possible to use the BLE_Ota firmware to handle encrypted user applications? If not, is there an example of how to?

5 REPLIES
Remi QUINTIN
ST Employee

You cannot use the BLE_OTA as is, as it is made on purpose to work with the Firmware Upgrade Service (FUS) when it comes to upgrading the FUS itself or the encrypted RF stack using an ST-specific key.

I recommend you not to modify this BLE_OTA application and, instead, use the SBSFU mechanism that enables an encrypted customer’s application to be uploaded using its own key.

Please have a look at the X-CUBE-SBSFU project (Secure Boot and Secure Firmware Update):

https://www.st.com/content/st_com/en/products/embedded-software/mcu-mpu-embedded-software/stm32-embedded-software/stm32cube-expansion-packages/x-cube-sbsfu.html

The SBSFU uses the Customer Key Services (CKS) feature available on the STM32WB. This is a lock where a customer can insert its decryption key for any future usage.

This service is used during the FW update but also on device boot to check user app authenticity when using AES GCM.

Note that this service is a framework consuming some space in the flash memory.

Remi QUINTIN
ST Employee

You can also have a look at the user manual UM2262 and the application note AN5056, which you can find on st.com.

HRadt.1
Senior

Thank you for pointing me in the right direction!

To make sure: There is no loader that is based on BLE available (1-Image variant where the SBSFU Loader accepts images via BLE as in the OTA example)?

Thank you in advance.

HRadt.1
Senior

Especially since the SBSFU 2.3.0 release notes state:

Add 1_image variant for P-NUCLEO-WB55.Nucleo board: this new example is based on standalone loader, to be easily replaced by BLE loader. Decrypt in place function added (DecryptImageInSlot0) and installation process updated with a new decrypt in place function

Is there a BLE loader in development?

HRadt.1
Senior

@Remi QUINTIN

AN5056 states:

8.3 Changing the firmware download function in the user application

>> This possibility is available only in the dual-image mode of operation. <<

Why is that so? There are a lot of contradicting hints regarding 1-image SBSFU operation with wireless loader on STM32WB55 and some clarification would be greatly appreciated.