CKS_CRYTPO sample does not work when loading keys via STM32CubeProgrammer

[james-token]

Describe the set-up

• The board (either ST RPN reference or your custom board): STM32 NUCLEO-WB55RG
• IDE or at least the compiler and its version: STM32CubeIDE 1.16.1, STM32CubeProgrammer 2.17.0

Describe the bug
Using sample CKS_CRYPT (STM32CubeWB\Projects\P-NUCLEO-WB55.Nucleo\Applications\CKS) where the keys are preloaded into FUS by keys/Store_keys.bat and WRITE_KEYS is not defined in the project results in an error (specifically, LED 3 turns on, which as per the sample's readme.txt indicates an error). Debugging the sample, the error occurs when the sample attempts to compare the encrypted text with one that it is expecting. It would appear that the bin files in the Keys directory of the sample are not in the correct format.

How To Reproduce
Follow the steps in readme.txt to load all keys via keys/Store_keys.bat. Make sure that WRITE_KEYS is not defined. Build the project in the IDE and start a debugging session. For the simple, cleartext keys, in file app.cks.c at line 187 the function data_cmp returns a non-zero result, causing function CKS_SimpleKeys to return HAL_ERROR. The same happens for function CKS_EncryptedKeys at line 361.

The file format of the bin files in the Keys directory appear to be wrong, at least for the cleartext keys Simple_128.bin and Simple_256.bin. The structure of the files appears to match the payload described in AN5185 (i.e. key-type, key-len, key). If we remove the key-type and key-length bytes and re-run the process on a new, functioning Nucleo WB55RG, we see that function CKS_SimpleKeys now returns no error.

We are currently unable to to make CKS_EncryptedKeys return correctly. We have attempted to modify Master_Key.bin, Encrypted_128.bin and Encrypted_256.bin by removing the key-type and key-length bytes and loading them onto another new Nucleo WB55 and debugging the sample. We first attempted to only modify Master_Key.bin but also tried with the other two Encrypted files without success.

Keys as provided in the sample appear to not be loaded correctly into FUS such that when they are used the produce incorrect cipher text. AN5185 describes the payload format when communicating the keys, but it does not necessarily indicate the requisite format of the files for simple, master and encrypted key files. As per https://community.st.com/t5/stm32-mcus-security/user-app-not-decrypt/td-p/296628, it would appear that the bin key files might not need the CKS header, but in the referenced link this is only attempted with simple cleartext keys and not master and encrypted keys. If we follow this guidance, we also see that cleartext keys work but not master and encrypted keys.

What is the correct file format for all key types when using STM32CubeProgrammer 2.17.0, or is there a last known working available version that will work with this sample?

Thanks!

[mmedvedtoken]

@ALABSTM to provide some context, this is a near term issue for us, we'd like support quickly if possible.

[ALABSTM]

Hi @james-token and @mmedvedtoken,

Your report has been forwarded to our development teams. I will get back to you as soon as I have their feedback.

Meanwhile, did you try to build the application with WRITE_KEYS symbol defined to check whether the issue persists?

With regards,

[ALABSTM]

ST Internal Reference: 195818

[james-token]

Hi @ALABSTM,

I re-tested the sample with WRITE_KEYS symbol defined. I stepped through the sample and observed no errors unlike I do when the WRITE_KEYS symbol is not defined. With WRITE_KEYS defined, I observe LED1 is turned on when the sample runs, indicating no error, as per the sample documentation.

Thanks.

[ALABSTM]

Hi @james-token,

It looks like there is an issue with the format of the provided binary keys, as you suggested. Investigation is still ongoing. I will let you know once there is something new.

With regards,

[james-token]

Thanks @ALABSTM, will wait for follow up.