STM32L083 AES peripheral

alanmonu12 · ‎2024-02-26

Hi community!

Currently, I am using a MCU STM32L083 and I am trying to implement a bootloader. The firmware to be updated is encrypted with a AES-128 algorithm.

The firmware is encrypted one time with a unique key for each divice and a second time for the model of the device.

Is it possible to use two different keys?

Basically I need to use key1 to descrypt a block of data and then use key2 on that block to get the plain text.

Thank you in advance.

Alan.

tjaekel · ‎2024-02-26

Isn't similar to do a ZIP on a ZIP file? (even in terms of ZIP there is not really a further compression)
Why not?: you can encrypt the same file again and again, with different keys.

Just do the opposite to decrypt, with different keys, on different "stages".

Where is the "problem"?

alanmonu12 · ‎2024-02-26

Hi tjaekel!

The problem comes when I try to decrpy the second "step"

CRYP_HandleTypeDef hcryp_unique;
CRYP_HandleTypeDef hcryp_model;

hcryp_unique.Instance = AES;
hcryp_unique.Init.DataType = CRYP_DATATYPE_8B;
hcryp_unique.Init.pKey = (uint8_t *)unique_key;
hcryp_unique.Init.pInitVect = (uint8_t *)iv;

HAL_CRYP_Init(&hcryp_unique);

hcryp_model.Instance = AES;
hcryp_model.Init.DataType = CRYP_DATATYPE_8B;
hcryp_model.Init.pKey = (uint8_t *)model_key;
hcryp_model.Init.pInitVect = (uint8_t *)iv2;

HAL_CRYP_Init(&hcryp_model);

int result = HAL_CRYP_AESCBC_Decrypt(&hcryp_unique, storage_page, 256, plain, 10000);
result = HAL_CRYP_AESCBC_Decrypt(&hcryp_model, plain, 256, plain2, 10000);

"result" is equals 1 after the sencond time a call HAL_CRYP_AESCBC_Decrypt function. The keys and IVs are correct.