Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- STMicroelectronics Community
- STM32 MCUs
- STM32 MCUs Security
- SHCI_C2_FUS_LoadUsrKey doesn't load AES1 key regis...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
SHCI_C2_FUS_LoadUsrKey doesn't load AES1 key registers
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2025-03-03 8:29 AM - edited 2025-03-04 12:37 AM
Hi all
I'm working on a STM32WB55 nucleo board
I'm designing a simple Signing procedure
At beginning I've try that every thing ok by using a hard codded key and now I want to switch on a key kept secure in FUS zone
I've load 2 256 bits AES keys into FUS user Key secure zone first time with a custom app that will be loaded in prod to set all default keys
second time I've try by cube programmer
I've based my procedure on CKS example
- call HAL_CRYP_DeInit() to clear all AES regs and context
- setup handle.init structure : I'm initializing for a 32 bytes buffer input and AES CBC mode
- call HAL_CRYP_Init() and keeping AES key to NULL (to avoid HAL_CRYP_Encrypt() call overwrite AES KEY registers
- call SHCI_C2_FUS_LoadUsrKey() with the good key index
- call HAL_CRYP_Encrypt()
- finaly unload the key etc ...
if I use 1 or 2 as index SHCI_C2_FUS_LoadUsrKey() is responding SHCI_Success
if I use another index not previously set with a key it's answering SHCI_FUS_CMD_NOT_SUPPORTED
it makes me feel that keys have been correctly wrote to FUS secure zone and when I ask wireless stack to bring me back the keys it's understanding what I'm willing
unfortunately after SHCI_C2_FUS_LoadUsrKey() call noting is wrote into AES KEYR*
I've surely missed something but can't figure what
here you can find my piece of code
// get the SHA_256 hash of FW binary image
SIG_HASH_INIT(&hasher);
SIG_HASH_UPDATE(&hasher,BOOTLOADER_START_APP_ADDRESS,Bootloader_shared_infos_RAM.fwByteSize);
SIG_HASH_DIGEST(&hasher,Bootloader_shared_infos_RAM.Computed_key);
// uint32_t key[]={0x00000000,0x00000000,0x00000000,0x00000000,
// 0x00000000,0x00000000,0x00000000,0x00000000};
uint32_t iv[] ={Bootloader_shared_infos_RAM.Descriptor,Bootloader_shared_infos_RAM.Descriptor,Bootloader_shared_infos_RAM.Descriptor,Bootloader_shared_infos_RAM.Descriptor};
hcryp1.Instance = AES1;
if (HAL_CRYP_DeInit(&hcryp1) != HAL_OK)
return RETURN_ERROR;
hcryp1.Init.DataType = CRYP_DATATYPE_8B;
hcryp1.Init.DataWidthUnit = CRYP_DATAWIDTHUNIT_BYTE;
hcryp1.Init.KeySize = CRYP_KEYSIZE_256B;
hcryp1.Init.Algorithm = CRYP_AES_CBC;
//hcryp1.Init.pKey = key; /* Key will be provided by CKS service */
hcryp1.Init.pKey=NULL; // should be published at next step by FUS himself
hcryp1.Init.HeaderWidthUnit = CRYP_HEADERWIDTHUNIT_WORD;
hcryp1.Init.KeyIVConfigSkip = CRYP_KEYIVCONFIG_ALWAYS;
hcryp1.Init.pInitVect = iv;
if (HAL_CRYP_Init(&hcryp1) != HAL_OK)
return RETURN_ERROR;
printf("load Bootloader Key :");
SHCI_CmdStatus_t res=SHCI_C2_FUS_LoadUsrKey(1); // should write key #1 into AES_KEY_R*
print_SHCI_CmdStatus_t(res);// with index 1/2 i get SHCI_Success return with anything else I get Unknown Cmd answer (looks ok as only first and 2nd key are wrotes
/// when looking in AES_KEYR* reg at this step they are still at 0
uint8_t cyphered[BOOTLOADER_APP_SIGNATURE_SIZE];
if (HAL_CRYP_Encrypt(&hcryp1, Bootloader_shared_infos_RAM.Computed_key, BOOTLOADER_APP_SIGNATURE_SIZE,cyphered, 0xFF) != HAL_OK)
return RETURN_ERROR;
thanks for any idea that would come to your mind
Labels:
- Labels:
-
STM32 Security
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2025-03-11 5:08 PM
Hello @oga
After key loading through FUS_LOAD_USR_KEYthere is no way to read back and verify the loaded user keys during manufacturing programming prior to locking . Absolutely no way of any kind to read back keys values directly or indirectly. In other words, the keys stored in the FUS secure zone are protected by hardware isolation, ensuring that they cannot be read back directly or indirectly. The keys are loaded into the secure AES hardware, and no one can read the key content
The procedure to load and use keys that you provided is correct. It involves clearing the AES registers, initializing the CRYP handle, loading the user key from the FUS, performing encryption, and finally unloading the key. This procedure is supported by the FUS and the wireless firmware.
The STM32CubeProgrammer supports key storage with the -wusrkey command, which allows writing user keys when accessing the device in bootloader mode.
For more detailed information, you can refer to the application notes AN5185 and AN5289, which contain information concerning key management and the supported commands
Hope this answer is helpful for you and sorry for my late reply.
Best Regards
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2025-03-17 1:19 AM - edited 2025-03-17 1:19 AM
thank's for your kind reply
I well understand that key can't be read back once loaded (it makes sense by the way) but it mean only rely on SHCI_C2_FUS_LoadUsrKey() return code to control if key is well loaded and if it's the good one.
just another related question as there are 100key slots available in order to be able to change key during product life time I was planing to set an index reference in flash to indicate the active key slot .. .do you recommend another way to do this kind of stuff ?
