Generating a cryptographic key AN5056
28/49 AN5056 Rev 8
Figure 23. New private/public keys
5.3 STM32WB Series specificities
For STM32WB Series, the AES encryption key is not processed through the prebuild.bat
script but is provisioned into the M0+ core. The provisioning process is described in
SECoreBin/readme.txt.
Another way to provision the AES key is to use the recent STM32CubeProgrammer release.
Since V2.5.0, M0+ key provisioning is available as Firmware Upgrade Service (FUS).
First, connect to the bootloader USB interface:
1. nBOOT1 and nSWBOOT0 are checked.
2. Correct boot mode is selected by setting Boot0 pin to VDD:
a) With a P-NUCLEO-WB55 Nucleo board: The jumper is ON between CN7.5 (VDD)
and CN7.7 (Boot0).
b) With an STM32WB5MM-DK Discovery board: A jumper is ON on CN13(VDD-
Boot0) after pin header soldering and another jumper selects ‘USB MCU’ on JP2.
3. A USB cable is connected to the USB_USER interface.
4. The power is ON (Unplug/plug USB cable is connected to ST-LINK).
Then, the function Key provisioning of Firmware Upgrade Services panel is allowed as
shown in
Figure 24.
To Next Page
