
Security Engine fails to pass tag authentication of the uploaded application image.

APann.3
Associate

For some reason the bootloader fails to pass image tag authentication. SE_AuthenticateFW_Finish(pSeStatus, fw_tag_output, (int32_t *)&fw_tag_len) returns SFU_SUCCESS status. However, the comparison to the tag retrieved from the image header located in MCU flash fails:

if (MemoryCompare(fw_tag_output, fw_tag, SE_TAG_LEN) != SFU_SUCCESS)

Validated that the tag compiled and incorporated into the sfb image exactly matches the one retrieved by the SE mechanism from the application image header located in MCU flash. Despite this, tag verification fails.

Also, all chunks of the image pass authentication correctly:

SE_AuthenticateFW_Append(pSeStatus, fw_image_chunk, (int32_t)fw_chunk_size, fw_chunk, (int32_t *)&fw_chunk_size);

We are using CubeMX IDE environment Version: 1.10.1

Build: 12716_20220707_0928 (UTC)

4 REPLIES 4
Jocelyn RICARD
ST Employee

Hello @APann.3​,

we solved your issue through direct support with OLS.

Up to you to share or not how this was solved.

Best regards

Jocelyn

Hello Jocelyn,

I am experiencing a similar issue to APann with the SE_AuthenticateFW_Finish function. Specifically, after successfully writing the update SFB firmware to an external EEPROM and passing all other checks, I encounter a discrepancy during authentication. The SE_AuthenticateFW_Finish function returns a false key instead of the correct one obtained from the SFB.

Interestingly, when using the full .bin firmware, everything functions as expected, and the SE_AuthenticateFW_Finish function returns the correct tag.

I would greatly appreciate it if you could provide me with an explanation or any insights into this issue. Your expertise in this matter would be immensely helpful in resolving the authentication discrepancy.

Best regards,

Nikos

Jocelyn RICARD
ST Employee

Hello @NAndreadakis ,

the previous issue was related to the way sfb image was created. Probably not the same issue on your side.

I would suggest comparing the sfb binary content loaded into your external memory and the actual sfb to check if the transfer was performed successfully. Then, you can check whether the output of decryption is the same as the original binary in clear. Checking the first bytes and end bytes is enough.

Best regards

Jocelyn
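
The two checks suggested in the reply above, sketched as an added example that is not part of the original thread and is not ST code. It assumes the external memory and the decrypted output have been dumped to byte buffers on the host; the function names and the sample data are hypothetical.

```python
"""Compare an .sfb against a dump read back from external memory (added example)."""
import hashlib

def first_mismatch(expected: bytes, actual: bytes):
    """Return the offset of the first differing byte, or None if none differ."""
    for off, (e, a) in enumerate(zip(expected, actual)):
        if e != a:
            return off
    # A dump shorter than the image means the transfer was truncated.
    return len(actual) if len(actual) < len(expected) else None

def compare_transfer(sfb: bytes, dump: bytes) -> dict:
    """Check that the dump starts with the exact .sfb content.

    The dump may be longer than the image (rest of the memory device),
    so only the first len(sfb) bytes are compared.
    """
    window = dump[:len(sfb)]
    off = first_mismatch(sfb, window)
    return {
        "ok": off is None,
        "first_mismatch": off,
        "sfb_sha256": hashlib.sha256(sfb).hexdigest(),
        "dump_sha256": hashlib.sha256(window).hexdigest(),
    }

def head_tail_match(clear: bytes, decrypted: bytes, n: int = 16) -> bool:
    """Spot check from the reply: same length, same first and last n bytes."""
    return (len(clear) == len(decrypted)
            and clear[:n] == decrypted[:n]
            and clear[-n:] == decrypted[-n:])

if __name__ == "__main__":
    # Constructed sample data; replace with the real files read from disk.
    sfb = bytes(range(256)) * 4
    good_dump = sfb + b"\xff" * 64           # image followed by erased memory
    bad_dump = bytearray(good_dump)
    bad_dump[700] ^= 0x01                    # one corrupted byte in transfer
    print(compare_transfer(sfb, good_dump))
    print(compare_transfer(sfb, bytes(bad_dump)))
    print(head_tail_match(sfb, sfb[:-1] + b"\x00"))
```

The reported offset of the first mismatch shows where the transfer to external memory went wrong, which helps separate a transport problem from a problem in how the image was built.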

NAndreadakis
Associate III