cancel
Showing results for 
Search instead for 
Did you mean: 

What is the meaning of Enc/Wrap when create a secret package?

ThinhNguyen
Associate III

I am working on STM32 Trusted Package Creator. I read the artical How to deploy SSP using a step-by-step approach at section "3.1.2.2. Secret file content for STM32MP2 series". I need to create a secret file that contain FIP-EDMK OTP as the image below:

ThinhNguyen_0-1751968065795.png

Could you please explain on Enc/Wrap box.

  1. When should I select No Encryption?
  2. When should I select Wrapping?
  3. When should I select Encryption?

 For the FIP-EDMK What should I select?

 

1 REPLY 1
Zakaria1
ST Employee

Hello @ThinhNguyen,

  • No-Encryption: Multiples of 32 bits (4 bytes)
  • Wrapping: For encryption keys of 128 bits (16 bytes) or 256 bits (32 bytes)
  • Encryption: For any data that is a multiple of 128 bits (AES block size)

According to the Reference Manual, if you choose wrapping, the software using the key must perform steps 2 and 3 (step 1 is handled by the SSP).

Here’s a screenshot from the Reference Manual showing the additional details for wrapping keys.Zakaria1_0-1751979282657.png

Since your binary size is 32 bytes (256 bits), you can use either Wrapping or Encryption. It’s best to choose Encryption to avoid additional steps.