EasyManuals Logo

ST X-CUBE-SBSFU User Manual

ST X-CUBE-SBSFU
94 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #78 background imageLoading...
Page #78 background image
Firmware image preparation tool UM2262
78/94 UM2262 Rev 6
Appendix E Firmware image preparation tool
The X-CUBE-SBSFU STM32Cube Expansion Package is delivered with the prepareimage
firmware image preparation tool allowing:
Taking into account the selected cryptographic scheme and keys
Encrypting the firmware image when required
Generating partial firmware image, by extracting binary differences between two full
images
Generating the firmware header with all the data required for the authentication and
integrity checks
The prepareimage tool is delivered in two formats:
Windows
®
executable: the standard Windows
®
command interpreter is required
Python™ scripts: a Python™ interpreter as well as the elements listed in
Middlewares\ST\STM32_Secure_Engine\Utilities\KeysAndImages\readme.txt are
required
The Windows
®
executable enables a quick and easy use of the package with all three
predefined cryptographic schemes. The Python™ scripts, delivered as source code, offer
the possibility to define additional cryptographic schemes in a flexible manner.
Note: Refer to Appendix F and Appendix G for KMS and STSAFE-A specificities.
E.1 Tool location
The Python™ scripts as well as the Windows
®
executable are located in the Secure Engine
component, in folder Middlewares\ST\STM32_Secure_Engine\Utilities\KeysAndImages.
E.2 Inputs
The package is delivered with some default keys and cryptography settings in folder
Applications\2_Images\2_Images SECoreBin\Binary.
Each of the following files can be used as such, or modified to take the user settings into
account:
ECCKEY.txt: private ECC key in PEM format. It is used to sign the firmware header.
This key is not embedded in the SECoreBin, only the corresponding public key is
generated by the tools in file se_key.s
nonce.bin: this is either a nonce (when AES-GCM is used) or an IV (when AES-CBC is
used). This value is added automatically by the tools to the firmware header.
OEM_KEY_COMPANY1_key_AES_CBC.bin: symmetric AES-CBC key. This key is
used for the AES-CBC encryption and decryption operations, and is embedded in file
se_key.s. This file is exclusive with OEM_KEY_COMPANY1_key_AES_GCM.bin
OEM_KEY_COMPANY1_key_AES_GCM.bin: symmetric AES-GCM key. This key is
used for all AES-GCM operations and is embedded in file se_key.s . This file is
exclusive with OEM_KEY_COMPANY1_key_AES_CBC.bin

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the ST X-CUBE-SBSFU and is the answer not in the manual?

ST X-CUBE-SBSFU Specifications

General IconGeneral
BrandST
ModelX-CUBE-SBSFU
CategoryComputer Hardware
LanguageEnglish

Related product manuals