FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STSAFE-A120 Symmetric Decryption Support

tamoorman
Visitor

‎2025-08-29 11:14 AM - edited ‎2025-08-29 11:37 AM

Hello,

We are working on an STM32F469/79-based device that uses SBSFU, which we are seeking to modify to use the STSAFE-A120 to perform the authentication and decryption algorithms.

Section 2.7 of the STSAFE-A120 datasheet includes that the STSAFE-A120 supports the following symmetric ciphers for encryption and decryption.

  • AES in CCM*/CTR mode
  • AES in CBC mode
  • AES in ECB mode
  • AES in GCM/GMAC mode

Section 4.7 of the STSAFE-A120 datasheet includes that the STSAFE-A120 supports symmetric decryption by chunks via the "Start decrypt", "Process decrypt", and "Finish decrypt" commands.

We planned to use X-CUBE-STSE01 (v1.0.0) to interface with the STSAFE-A120. However, we were surprised to see that AES-CBC decryption does not seem to supported. This prevents us from using the STSAFE-A120 with SBSFU crypto scheme "SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256". X-CUBE-STSE01 seems to also lack support for AES-GCM decryption by chunks. This prevents us from using the STSAFE-A120 with SBSFU crypto scheme "SECBOOT_AES128_GCM_AES128_GCM_AES128_GCM".

We noted that X-CUBE-STSE01 seems to use STSELib v1.0.0, but the STSELib GitHub repo shows that the latest STSELib release is v1.1.2. The release notes for STSELib v1.0.2 mention that it added support for AES-GCM & AES-CCM* decryption by chunks.

Given all of these findings, we had a few questions.

  1. Is X-CUBE-STSE01 the correct software expansion package or middleware for our purposes? If not, what should our project use instead?
  2. Are there plans to update STSELib to support AES-CBC decryption by chunks? If not, would it be possible for us to implement that functionality ourselves? If so, it would be appreciated if you could point us to the information required to do so.
  3. Is there an updated X-CUBE-STSE01 release planned to update the included STSELib? If so, when do you expect that to be released? If not, would there be issues with us manually updating the included STSELib from v1.0.0 to the latest version (v1.1.2)?
  4. SBSFU v2.7.0 (the latest we are aware of) uses STM32_Cryptographic v3.1.5. X-CUBE-STSE01 v1.0.0 uses STM32_Cryptographic v4.0.2. Are there any concerns with updating STM32_Cryptographic from v3.1.5 to v4.0.2? From a quick investigation, the only compilation issue seems to be a difference in an AES-GCM struct, which would only be relevant if we had to switch SBSFU crypto schemes.

Thank you,

0 REPLIES 0
Top