STSAFE - NVM read with host AC

adegrandcourt · ‎2026-02-05

Hello,

I use a STSAFE-A110 chip on a own board based on STM32 MCU.

As I was unable to integrate the STSAFE library provided by ST on my specific fw, I wrote features whom I need as as echo, generate random, retrieve product data, generate host key, retrieve product data partition, read/update NVM.

All works fine but when I am unable to read a NVM zone with 'host' access condition. NVV zones with no specific AC are well read. Find below configuration of the NVM of my STSAFE chip.

+=======+================+==============+========+==============+========+==============+
| Zone  | Data segment   | Read AC      | Read   | Update AC    | Update | One-way      |
| index | length (bytes) | change right | AC     | change right | AC     | Counter      |
+=======+================+==============+========+==============+========+==============+
|     0 |           1000 |        False | always |         True |  never | False, 0     |
|     1 |            700 |         True | always |         True | always | False, 0     |
|     2 |            600 |        False |   host |         True | always | False, 0     |
|     3 |            600 |         True | always |         True | always | False, 0     |
|     4 |           1696 |         True | always |         True | always | False, 0     |
|     5 |             64 |         True | always |         True | always | True, 499259 |
|     6 |             64 |         True | always |         True | always | True, 500000 |
|     7 |           1578 |         True |   host |         True | always | False, 0     |
+-------+----------------+--------------+--------+--------------+--------+--------------+

Obviously, I put successfully the host MAC key and host cipher keys into the STSAFE-A110’s with PUT_ATTRIBUTE command by following 'Host secure channel setup use case' part in documentation. I used default keys provided in doc for my first tests.

host_key = { 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0x88, 0x99, 0xAA, 0xBB, 0xCC, 0xDD, 0xEE, 0xFF }

cipher_key = { 0x11, 0x11, 0x22, 0x22, 0x33, 0x33, 0x44, 0x44, 0x55, 0x55, 0x66, 0x66, 0x77, 0x77, 0x88, 0x88 }

+==========+==============+
| Host Key | Host CMAC    |
| presence | seq. counter |
+==========+==============+
|     True |           58 |
+----------+--------------+

When I want to read zone #7, by example, I send data below:

<Command (1 byte)><Zone index(2 bytes)><Offset (2 bytes)><Length (2 bytes)><C-MAC (4 bytes)><CRC (2 bytes)>

[8190.214] I2C write
[8190.214] A5 00 07 00 00 00 20 B5 BB E0 01 A9 CD |...... ...... |

But no data in response.

I don't understand what is my problem especially that got status in response seems to be good (0x00).

Is my CMAC wrong?

Do it exists a tool to check firstly my CMAC?

Someone could be help me to understand this?

adegrandcourt · ‎2026-02-09

Hi @Benjamin BARATTE

Indeed, the host cmac counter is used in cmac calculation as anti replay counter !

I just finally found the issue. It came from timeout for waiting i2c answer. I increased it and get successfully data from NVM zone.

My cmac calculation was fine!!!

Thanks for support.

Best regards,

Alex

View solution in original post

Benjamin BARATTE · ‎2026-02-09

Hi @adegrandcourt

Could you please share the answer of the STSAFE-A120 when you try to read it ?

Do you use the STSELib ?

Regarding the CMAC calculation, as the STSELib is managing the way to calculate the CMAC, only the adaptation of the crypto interface is mandatory.

I have added test vector to check the crypto interface in this post

First you need to check that the vector is correct with your implementation of crypto interface.

Best Regards,

Benjamin

adegrandcourt · ‎2026-02-09

Hi @Benjamin BARATTE

It seems that that STSAFE-A110 answers me STSAFEA_OK as status and data of answer from previous request to the chip. When I try to read NVM zone with 'host' read AC the host cmac sequence counter is well increased. If I read another NVM zone with 'always' r/w AC, I get well data with STSAFEA_OK as status.

In other hand, I checked that the vector is correct with used crypto interface by using test vector link provided. All is good this side.

I don't use the STSELib for reasons mentioned in the first message of post but I re-implemented the StSafeA_ComputeCMAC with my fw environment buffers (based on STM32u5).

Would be possible to provide me an example of I2C request to read read NVM zone #7 at offset 0 on 32 bytes by example (test mac key : 00112233445566778899AABBCCDDEEFF) in order to compare with the one that I sent ; or a tool to check cmac calculation function?

Best regards,

Alex

Benjamin BARATTE · ‎2026-02-09

Hi @adegrandcourt ,

In the CMAC calculation, you have seen that the counter is used as an anti replay counter and therefore, I'm a bit more complex to generate a valid CMAC that will match your version.

If you provide the CMAC counter, I can generate a command with the CMAC associated to your counter.

I don't have a CMAC calculator available but you could use the STSELib as reference software to generate such calculator.

Anyway, if the STSAFE-A is report STSAFEA_OK, this means that the CMAC is valid.

Could you share the full response of the STSAFE-A to your Read request ?

Did you update the memory region content before ? if not, the memory content is 0.

Best Regards,

Benjamin

adegrandcourt · ‎2026-02-09

Hi @Benjamin BARATTE

Indeed, the host cmac counter is used in cmac calculation as anti replay counter !

I just finally found the issue. It came from timeout for waiting i2c answer. I increased it and get successfully data from NVM zone.

My cmac calculation was fine!!!

Thanks for support.

Best regards,

Alex