
User app not decrypt

asala.19
Associate III

Hi,

I am testing SBSFU on the P-NUCLEO-WB55. When I flash user_app.sfb, it flashes successfully to slot 1 (Download Area) but cannot be decrypted and hangs at the STATE below. Can you please help me resolve this issue, and also tell me how to enable debug logs in 2_Images_SECoreBin?

= [SBOOT] System Security Check successfully passed. Starting...
= [FWIMG] Slot #0 @: 8012000 / Slot #1 @: 8047000 / Swap @: 807e000
 
 
======================================================================
=              (C) COPYRIGHT 2017 STMicroelectronics                 =
=                                                                    =
=              Secure Boot and Secure Firmware Update                =
======================================================================
 
 
= [SBOOT] SECURE ENGINE INITIALIZATION SUCCESSFUL
= [SBOOT] STATE: CHECK STATUS ON RESET
          INFO: A Reboot has been triggered by a Software reset!
          Consecutive Boot on error counter = 0 
          INFO: Last execution detected error was:No error. Success.
= [SBOOT] STATE: CHECK NEW FIRMWARE TO DOWNLOAD
= [SBOOT] STATE: CHECK USER FW STATUS
          New Fw Encrypted, to be decrypted
= [SBOOT] STATE: INSTALL NEW USER FIRMWARE 

Note: I have successfully performed the AES key provisioning steps provided in readme.txt.

STM32_Programmer_CLI.exe -c port=usb1 -wusrkey CKS_OEM_KEY_COMPANY1_key_AES_CBC.bin keytype=1

Thanks,

Arjun

8 REPLIES 8
Jocelyn RICARD
ST Employee

Hello Asala,

When it hangs like this, it means that SBSFU is not able to access the key in the Customer Key Storage.

Did you follow all the steps in the readme file?

Are you sure RSS is in idle state and FUS version is the good one?

Best regards

Jocelyn

Hi,

Yes, I have checked that my RSS is idle and also upgraded the FUS version, because by default it is 00050300 ==> FUSv0.5.3. Please find below the log of my current FUS version (01000200 ==> 1.0.2) and also the RSS state.

arjun@AHMCPU2299:bin$ sudo ./STM32_Programmer_CLI -c port=usb1 -fusgetstate
      -------------------------------------------------------------------
                        STM32CubeProgrammer v2.3.0                  
      -------------------------------------------------------------------
 
 
 
USB speed   : Full Speed (12MBit/s)
Manuf. ID   : STMicroelectronics
Product ID  : DFU in FS Mode
SN          : 207C317B554D
FW version  : 0x011a
Device ID   : 0x0495
Device name : STM32WBxx
Flash size  : 1 MBytes
Device type : MCU
Device CPU  : Cortex-M0+/M4
 
 
FUS state is FUS_IDLE
 
FUS status is FUS_NO_ERROR
getFUSstate command execution finished

FUS version

arjun@AHMCPU2299:bin$ sudo ./STM32_Programmer_CLI -c port=usb1 -r32 0x20030030 1
      -------------------------------------------------------------------
                        STM32CubeProgrammer v2.3.0                  
      -------------------------------------------------------------------
 
 
 
USB speed   : Full Speed (12MBit/s)
Manuf. ID   : STMicroelectronics
Product ID  : DFU in FS Mode
SN          : 207C317B554D
FW version  : 0x011a
Device ID   : 0x0495
Device name : STM32WBxx
Flash size  : 1 MBytes
Device type : MCU
Device CPU  : Cortex-M0+/M4
 
 
Reading 32-bit memory content
  Size          : 4 Bytes
  Address:      : 0x20030030
 
0x20030030 : 01000200

Is there any way we can read or verify whether the key is properly stored?

Thanks,

Arjun

asala.19
Associate III

Hi @Jocelyn RICARD​ 

I have re-flashed the key with the following command and it returned key index 0x3. I then made this change in se_cks.h:

-- #define SBSFU_AES_KEY_IDX 0x01U

++ #define SBSFU_AES_KEY_IDX 0x3U

I rebuilt all projects (loader, SECore, SBSFU, UserAPP) and flashed again.

It goes further, but the app is still not up and running. It fails to verify the signature (SIGNATURE CHECK FAILED!). Find the logs below.

arjun@AHMCPU2299:bin$ sudo ./STM32_Programmer_CLI -c port=usb1 -wusrkey /home/arjun/STM32CubeExpansion_SBSFU_V2.3.0/Projects/P-NUCLEO-WB55.Nucleo/Applications/2_Images/2_Images_SECoreBin/Binary/CKS_OEM_KEY_COMPANY1_key_AES_CBC.bin keytype=1
      -------------------------------------------------------------------
                        STM32CubeProgrammer v2.3.0                  
      -------------------------------------------------------------------
 
 
 
USB speed   : Full Speed (12MBit/s)
Manuf. ID   : STMicroelectronics
Product ID  : DFU in FS Mode
SN          : 207C317B554D
FW version  : 0x011a
Device ID   : 0x0495
Device name : STM32WBxx
Flash size  : 1 MBytes
Device type : MCU
Device CPU  : Cortex-M0+/M4
 
  Key File path  : /home/arjun/STM32CubeExpansion_SBSFU_V2.3.0/Projects/P-NUCLEO-WB55.Nucleo/Applications/2_Images/2_Images_SECoreBin/Binary/CKS_OEM_KEY_COMPANY1_key_AES_CBC.bin
 
Write user key in memory process started ...
 
 
FUS state is FUS_IDLE
 
FUS status is FUS_NO_ERROR
Writing key in memory ...
write user key in memory returned the following key index 0x3
write key in memory process finished
Write user key in memory command execution finished
 
Requesting FUS state ...
 
 
FUS state is FUS_IDLE
 
FUS status is FUS_NO_ERROR
= [SBOOT] SECURE ENGINE INITIALIZATION SUCCESSFUL
= [SBOOT] STATE: CHECK STATUS ON RESET
          INFO: A Reboot has been triggered by a Software reset!
          Consecutive Boot on error counter = 0
          INFO: Last execution detected error was:No error. Success.
= [SBOOT] STATE: CHECK NEW FIRMWARE TO DOWNLOAD
= [SBOOT] STATE: CHECK USER FW STATUS
          New Fw Encrypted, to be decrypted
= [SBOOT] STATE: INSTALL NEW USER FIRMWARE
= [SBOOT] STATE: HANDLE CRITICAL FAILURE
= [EXCPT] SIGNATURE CHECK FAILED!
= [SBOOT] STATE: REBOOT STATE MACHINE

Can you please tell me how I can resolve this issue?

Note: In development mode I am disabling all security IPs by enabling the macro below:

#define SECBOOT_DISABLE_SECURITY_IPS

Thanks in Advance.

Regards,

Arjun

asala.19
Associate III

Hi @Jocelyn RICARD​ ,

Is there any suggestion how to resolve this issue?

I have enabled verbose logging; please find the log below.

= [SBOOT] SECURE ENGINE INITIALIZATION SUCCESSFUL
= [SBOOT] STATE: CHECK STATUS ON RESET
          INFO: A Reboot has been triggered by a Software reset!
          Consecutive Boot on error counter reset
          Consecutive Boot on error counter = 0
          Consecutive Boot on error counter updated
          INFO: Last execution status before Reboot was:Verifying Fw Image signature.
          INFO: Last execution detected error was:No error. Success.
= [SBOOT] STATE: CHECK NEW FIRMWARE TO DOWNLOAD
= [SBOOT] STATE: CHECK USER FW STATUS
          New Fw Encrypted, to be decrypted
= [SBOOT] STATE: INSTALL NEW USER FIRMWARE
= [SBOOT] RuntimeProtections: 0
          18928 bytes of ciphertext decrypted.
= [FWIMG] The decrypted image is incorrect!
= [FWIMG] FW installation failed!
= [SBOOT] STATE: HANDLE CRITICAL FAILURE
= [EXCPT] SIGNATURE CHECK FAILED!
= [SBOOT] STATE: REBOOT STATE MACHINE
========= End of Execution ==========

Note: I am using the AC6 IDE and working on the Linux Ubuntu platform.

Thanks,

Arjun

Jocelyn RICARD
ST Employee

Hello Asala,

I don't catch why you changed the key index from 0x01 to 0x03.

Anyway, in that case, the SBSFU will read the decryption key in slot 3 of the CKS instead of slot 1.

As a consequence, you need to provision your key in this slot 3.

To achieve this, you need to change the CKS header of the key file binary

CKS header is made of 2 bytes: the first byte is the slot, and second is the key size.

So, if you want to use Index 3 of CKS, you need to have

0x03 0x10 as CKS header in CKS_OEM_KEY_COMPANY1_key_AES_CBC.bin

You can do this thanks to a binary editor for instance, but I would suggest you have your own tool to generate the key.

It is important that for production you generate your own key and do not reuse the one provided as an example!

I hope this will help

Best regards

Jocelyn

Hi,

I reverted my changes and now have #define SBSFU_AES_KEY_IDX 0x01U. But it still fails at SIGNATURE CHECK FAILED!. I also tried on the Windows platform with stcubeide, but still without success.

Below are the steps which I have followed.

  1. Perform SECoreBin readme steps for aes key provision.
  2. Build 2_Images_Loader app.
  3. Build 2_Images_SECoreBin app.
  4. Build 2_Images_SBSFU app (with the #define SECBOOT_DISABLE_SECURITY_IPS macro enabled).
  5. Build 2_Images_UserApp app.
  6. Make RDP level 0.
  7. Load/Flash SBSFU.bin.
  8. Load UserApp.sfb serially via Ymodem using Teraterm. (After download it shows SIGNATURE CHECK FAILED!)

Please suggest what I am actually missing.

Thanks,

Arjun

Hello Arjun,

I'm sorry for the late answer.

I think the issue comes from STM32CubeProgrammer 2.3 relative to the key provisioning.

There was a change between version 2.1 and 2.4. Apparently 2.3 is not working fine for this purpose.

The SBSFU 3.0 was released when STM32CubeProgrammer 2.1 was available.

The SBSFU 3.1 was released when STM32CubeProgrammer 2.4 was available.

The difference resides in the key format.

With version 2.1 you had to provision with a key file containing the CKS header (CKS_...)

With version 2.4 you just provision the key. No more CKS header.

And each time you will request the key provisioning with this version 2.4 it will use the next available slot.

So, you need to adapt the slot used in SBSFU with SBSFU_AES_KEY_IDX  in se_cks.h.

I hope this will help you solve your issue.

Best regards

Jocelyn
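
The two fixes discussed in this thread (matching the key file layout to the STM32CubeProgrammer version, and matching SBSFU_AES_KEY_IDX to the slot the key actually landed in) can be checked on the host before flashing. The Python sketch below is an added example, not code from ST or from the posters; it assumes the key bytes directly follow the 2-byte CKS header and that keys are 16 or 32 bytes long, and `describe_key_file`, `with_cks_header`, `check_provisioning` and the `tool_wants_header` flag are hypothetical names.

```python
import re

AES_KEY_SIZES = (16, 32)  # assumption: AES-128 or AES-256 key material
INDEX_RE = re.compile(r"returned the following key index (0x[0-9a-fA-F]+)")
DEFINE_RE = re.compile(r"#define\s+SBSFU_AES_KEY_IDX\s+(0x[0-9a-fA-F]+)")

def describe_key_file(blob: bytes) -> dict:
    """Classify a key file: bare key, or 2-byte CKS header (slot, key size) + key."""
    if len(blob) in AES_KEY_SIZES:
        return {"format": "raw", "slot": None, "key": blob}
    body = blob[2:]
    if len(body) in AES_KEY_SIZES and blob[1] == len(body):
        return {"format": "cks-header", "slot": blob[0], "key": body}
    raise ValueError(f"unrecognised key file layout ({len(blob)} bytes)")

def with_cks_header(key: bytes, slot: int) -> bytes:
    """Prefix a bare key with the header described in the thread, e.g. 0x03 0x10."""
    if len(key) not in AES_KEY_SIZES or not 0 <= slot <= 0xFF:
        raise ValueError("key must be 16 or 32 bytes and slot must fit in one byte")
    return bytes([slot, len(key)]) + key

def check_provisioning(blob, programmer_log, se_cks_h, tool_wants_header):
    """List mismatches between the key file, the programmer output and se_cks.h."""
    problems = []
    info = describe_key_file(blob)
    if tool_wants_header and info["format"] == "raw":
        problems.append("key file lacks the CKS header this programmer version expects")
    if not tool_wants_header and info["format"] == "cks-header":
        problems.append("key file has a CKS header but this programmer version wants the bare key")
    define = DEFINE_RE.search(se_cks_h)
    built_idx = int(define.group(1), 16) if define else None
    returned = INDEX_RE.search(programmer_log)
    if returned and built_idx is not None and int(returned.group(1), 16) != built_idx:
        problems.append(f"key stored at index {returned.group(1)} but SBSFU_AES_KEY_IDX is {built_idx:#x}")
    if info["slot"] is not None and built_idx is not None and info["slot"] != built_idx:
        problems.append(f"CKS header slot {info['slot']:#x} differs from SBSFU_AES_KEY_IDX {built_idx:#x}")
    return problems

# Constructed sample inputs; the key is a dummy byte pattern, not a real key.
SAMPLE_KEY = bytes(range(16))
SAMPLE_LOG = "write user key in memory returned the following key index 0x3"
SAMPLE_SE_CKS_H = "#define SBSFU_AES_KEY_IDX 0x01U"

if __name__ == "__main__":
    for p in check_provisioning(with_cks_header(SAMPLE_KEY, 1), SAMPLE_LOG, SAMPLE_SE_CKS_H, False):
        print("MISMATCH:", p)
```
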

Hi,

Thank you so much for the support. It was a version issue and a CKS header issue.

I have resolved this issue with ST programmer 2.4.0. I can successfully load OEM_KEY_COMPANY1_key_AES_CBC.bin (without the CKS header); it returns a key index, with which I have replaced the default SBSFU_AES_KEY_IDX, and now I can perform the firmware upgrade successfully.

Thank you once again.

Regards,

Arjun