Self Generation script is like this :def generate(): return ECDSA256P1(SigningKey.generate(curve=NIST256p))KEY EXTRACTIONkey = SigningKey.from_pem(pem) if key.curve.name == 'NIST256p': return ECDSA256P1(key) else: raise Exception("Unsupported")is this mean, only NIST256p generated keys ..??Second question is about Firmware encryption support on STM32H753:As mentioned in example, default crypto scheme SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256, is supported on STM32H753 ..??But as i see SECBOOT_ECCDSA_WITH_AES128_CTR_SHA256 scheme is applicable on STM32H7 series with OTFDEC support feature only right ??So can you please tell us on STM32H753VIT6 MCU, what kind of CRYPTO schemes are supported ??

SPati.7

Associate III

Question

is the Asymmetric Cryptography supports ECC NIST256p keys only ..?? Because i tried to generate ECC private key with help of "secp256k1" and got compilation error as NOT SUPPORTED,

Forum|Forum|4 years ago
March 31, 2022
2 replies
2098 views

Self Generation script is like this :

def generate():

return ECDSA256P1(SigningKey.generate(curve=NIST256p))

KEY EXTRACTION

key = SigningKey.from_pem(pem)

if key.curve.name == 'NIST256p':

return ECDSA256P1(key)

else:

raise Exception("Unsupported")

is this mean, only NIST256p generated keys ..??

Second question is about Firmware encryption support on STM32H753:

As mentioned in example, default crypto scheme SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256, is supported on STM32H753 ..??
But as i see SECBOOT_ECCDSA_WITH_AES128_CTR_SHA256 scheme is applicable on STM32H7 series with OTFDEC support feature only right ??

So can you please tell us on STM32H753VIT6 MCU, what kind of CRYPTO schemes are supported ??

This topic has been closed for replies.

SPati.7Author

Associate III

@Jocelyn RICARD Can you please help with the above queries ..??

Jocelyn RICARD

ST Employee

Hello @SPati.7 ,

First, please tag your post with SBSFU. Other supporters following SBSFU may be able to answer as well.

Answer is yes, only one curve is supported in current implementation.

Now, as you have the code you can replace the NIST 256p by the one you want.

You will also have to adapt the python scripts in Middlewares\ST\STM32_Secure_Engine\Utilities\KeysAndImages\ to deal with your specific curve.

Regarding crypto schemes supported you can find them in

Projects\NUCLEO-H753ZI\Applications\2_Images\2_Images_SECoreBin\Inc\se_crypto_config.h:

#define SECBOOT_ECCDSA_WITHOUT_ENCRYPT_SHA256 (1U) /*!< asymmetric crypto, no FW encryption */

#define SECBOOT_ECCDSA_WITH_AES128_CBC_SHA256 (2U) /*!< asymmetric crypto with encrypted Firmware */

#define SECBOOT_AES128_GCM_AES128_GCM_AES128_GCM (3U) /*!< symmetric crypto */

This information can be found in UM2262

Best regards

Jocelyn

Tesla DeLorean

Guru

Mortals can't create new tags, SBSFU doesn't exist as a current tag, I've edited to select existing tag "X-cube-sbsfu"

Tips, Buy me a coffee, or three.. PayPal VenmoUp vote any posts that you find helpful, it shows what's working..

Jocelyn RICARD

ST Employee

Thank you @Community member I should have been more precise!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded