Showing results for 
Search instead for 
Did you mean: 

STM32 firmware update (USB DFU) and encryption

Associate III


I successfully got the USB DFU bootlader working in 2 hours.

This one:

Now i would like to add some encryption to it with a time budget of couple of hours.

I am already using python for USB DFU update.

What is the quickest way forward?


ST Employee

Hello @MK..1 


Here's a step-by-step guide to get you started:

Step 1: Choose an Encryption Algorithm

Step 2: Install a Python Encryption Library

You can use the pycryptodome library, which is a self-contained Python package of low-level cryptographic primitives. Install it using pip:

pip install pycryptodome

Step 3: Encrypt the firmware

Before sending the firmware via DFU, you'll need to encrypt it.

Step 4: Decrypt the firmware in the bootloader

Your bootloader will need to decrypt the firmware before applying the update. You'll need to securely transfer the encryption key and IV (Initialization Vector) to the bootloader. The decryption process will be the inverse of the encryption process.

Step 5: Update the DFU script

Modify your existing Python DFU script to encrypt the firmware before sending it to the device.

If your question is answered, please close this topic by clicking "Accept as Solution".