
What is the meaning of Enc/Wrap when creating a secret package?

ThinhNguyen
Associate III

I am working on STM32 Trusted Package Creator. I read the article How to deploy SSP using a step-by-step approach at section "3.1.2.2. Secret file content for STM32MP2 series". I need to create a secret file that contains the FIP-EDMK OTP as in the image below:

[screenshot: ThinhNguyen_0-1751968065795.png]

Could you please explain the Enc/Wrap box?

  1. When should I select No Encryption?
  2. When should I select Wrapping?
  3. When should I select Encryption?

For the FIP-EDMK, what should I select?


4 REPLIES
Zakaria1
ST Employee

Hello @ThinhNguyen,

  • No-Encryption: Multiples of 32 bits (4 bytes)
  • Wrapping: For encryption keys of 128 bits (16 bytes) or 256 bits (32 bytes)
  • Encryption: For any data that is a multiple of 128 bits (AES block size)

According to the Reference Manual, if you choose wrapping, the software using the key must perform steps 2 and 3 (step 1 is handled by the SSP).

Here’s a screenshot from the Reference Manual showing the additional details for wrapping keys.

[screenshot: Zakaria1_0-1751979282657.png]

Since your binary size is 32 bytes (256 bits), you can use either Wrapping or Encryption. It’s best to choose Encryption to avoid additional steps.

Hi @Zakaria1,

I have read more in Reference Manual but I am still not clear about the purpose of selecting Enc/Wrap.

We are in the process of creating a Secret file. FIP-EDMK is the input binary file of the Secret file.
Understanding 1:
Enc/Wrap refers to an attribute of the input file, in this case the FIP-EDMK. It tells the STM32 Trusted Package Creator tool that the FIP-EDMK is Encrypted/Not Encrypted/Wrapped, and STM32 Trusted Package Creator will handle the input file appropriately for each case.
Understanding 2:
Enc/Wrap tells the STM32 Trusted Package Creator that the FIP-EDMK needs to be Encrypted/Not Encrypted/Wrapped in the secret file.

Please advise which interpretation is correct.

Hello,

Understanding 2 is correct.

More precisely, the FIP-EDMK will be Encrypted or Wrapped by the embedded SSP software during the SSP procedure.

The Enc/Wrap feature is used to obfuscate the secret programmed on the SoC:

  • No Encryption: the FIP-EDMK is programmed as is in the OTP. If you dump the OTP you will read the same value as the input file.
  • Encryption: the FIP-EDMK is encrypted, then the encrypted data is stored in the OTP. If you dump the OTP the data is different from the input file. Any input file that is a multiple of an AES block can be encrypted.
  • Wrapping: this is a special feature of SAES. The FIP-EDMK is processed by SAES (step 1, figure 538 of @Zakaria1's screenshot). Then the wrapped key is stored in the OTP. If you dump the OTP the data is different from the input file. Wrapping can only be used to obfuscate encryption keys.

The main advantage of Wrapping over Encryption is that when you unwrap the FIP-EDMK to retrieve the value of the input file, SAES directly writes the FIP-EDMK into the key register of SAES (step 2, figure 538 of @Zakaria1's screenshot). So the unwrapped FIP-EDMK is never accessible to the OEM firmware deployed on the product (CubeHAL, OpenSTLinux, ...). The OEM firmware uses the FIP-EDMK without having access to its real value, which limits the risk of leaking the FIP-EDMK.

Note: in OSTL, TF-A does not support unwrapping the FIP-EDMK. So if you want to execute a secure boot with an encrypted FIP, you should select "No Encryption" in STM32 Trusted Package Creator.
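As an added example (not ST's tool or any code from this thread), the following pre-flight check encodes the size rules listed by @Zakaria1 above and the TF-A note just given, so the Enc/Wrap choice can be validated against the secret binary before building the package. The mode strings, the function names and the 32-byte sample key are this example's own assumptions.

```python
"""Pre-flight check for the Enc/Wrap choice of an SSP secret file.

Added example, not code from STM32 Trusted Package Creator. Rules encoded:
  No Encryption : any multiple of 32 bits (4 bytes), stored as is in OTP
  Wrapping      : SAES key wrap, only 128- or 256-bit keys (16 or 32 bytes)
  Encryption    : any multiple of the 16-byte AES block
plus the note that TF-A in OpenSTLinux does not unwrap the FIP-EDMK, so
"No Encryption" is the recommended choice for OSTL secure boot.
"""

AES_BLOCK = 16
MODES = ("No Encryption", "Wrapping", "Encryption")  # labels assumed from the thread

# Constructed stand-in for a 256-bit FIP-EDMK (32 bytes), NOT a real key.
SAMPLE_EDMK = bytes(range(32))


def check_secret_file(data: bytes, mode: str, *, ostl_secure_boot: bool = False) -> list:
    """Return a list of problems; an empty list means the combination is consistent."""
    if mode not in MODES:
        return [f"unknown Enc/Wrap mode {mode!r}; expected one of {MODES}"]
    issues = []
    n = len(data)
    if n == 0:
        issues.append("secret file is empty")
    if mode == "No Encryption" and n % 4:
        issues.append(f"{n} bytes is not a multiple of 32 bits (OTP word size)")
    if mode == "Wrapping" and n not in (16, 32):
        issues.append(f"{n} bytes: wrapping only applies to 128- or 256-bit keys")
    if mode == "Encryption" and n % AES_BLOCK:
        issues.append(f"{n} bytes is not a multiple of the {AES_BLOCK}-byte AES block")
    if ostl_secure_boot and mode != "No Encryption":
        # TF-A in OSTL cannot unwrap the FIP-EDMK; the thread recommends No Encryption.
        issues.append("OSTL secure boot with an encrypted FIP: select No Encryption "
                      "(TF-A does not unwrap the FIP-EDMK)")
    return issues


def allowed_modes(data: bytes, *, ostl_secure_boot: bool = False) -> list:
    """Enc/Wrap modes that pass every check for this binary and deployment."""
    return [m for m in MODES
            if not check_secret_file(data, m, ostl_secure_boot=ostl_secure_boot)]


if __name__ == "__main__":
    print("32-byte FIP-EDMK, generic target :", allowed_modes(SAMPLE_EDMK))
    print("32-byte FIP-EDMK, OSTL secure boot:", allowed_modes(SAMPLE_EDMK, ostl_secure_boot=True))
    print("20-byte blob                       :", allowed_modes(bytes(20)))
```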


Hi @ThomasBou and @Zakaria1,

Thanks for explaining clearly.