Hi,
I am doing a feasibility study for SBSFU on an STM32H750, specifically firmware encryption and authenticity check. I am using the XCUBE expansion pack v2.8.0.
I have tested the firmware installation using ECDSA signature without encryption.
However, when I attempt to use ECDSA signature with AES128 encryption, I keep getting the errors listed further down.
As mentioned in AN5056, section 4.2, I modified SECBOOT_CRYPTO_SCHEME to SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256. I can see that prebuild.sh detects this change and adjusts accordingly.
1. Error on first boot after flashing external memory with ST Link Debugger (Firmware.bin).
2. Error on first boot when updating firmware through Ymodem Loader (Firmware.sfb).
I see that if (MemoryCompare(fw_tag_output, fw_tag, SE_TAG_LEN) != SFU_SUCCESS){ in sfu_fwimg_common.c is where the error is being caught.
Does anyone have any advice on how I can diagnose this? I am really not sure how to go about this.
Thanks for your help!
