Skip to main content
L
LucaZa
Associate
June 2, 2025
Question

SBSFU - Updating ECC public key in runtime

  • June 2, 2025
  • 2 replies
  • 583 views

Hello,

I would like to replace ECC public key in SE_Key_region_ROM region from my application in runtime. My device has no protection enabled (RDP, PCROP, WRP). I am able to read and write in the region via CubeProgrammer.

I dumped the 256 bytes of SE_Key_region_ROM but I am unable to identify the public key associated to the ECC private key ECCKEY1.txt. How can I retrieve and identify the public key based on the default private key provided by STM (SE_Key_region_ROM region starts at address 0x08000400) ?


This is my use case :
I have a device is running with default SBSFU configuration (ECCKEY1.txt and OEM_KEY_COMPANY1_key_AES_CBC.bin used to sign and encrypt the firmware). My device supports firmware update OTA by cellular.

I would like to test this procedure :
- Sign a firmware with a new ECC private key and update the device with this firmware.
- After download and before rebooting, the first firmware would copy the ECC public key to SE_Key_region_ROM
- After reboot, the bootloader will check the signature of new firmware with new ECC public key.

Thanks for the support.

Best Regards,

Luca

2 replies

A
ahsrabrifat
Senior III
June 2, 2025

STM provides ECCKEY1.txt (a private key) typically in PEM format. You can extract the public key with openssl:

openssl ec -in ECCKEY1.txt -pubout -outform DER -out ECC_pubkey.der

This gives you a DER-encoded public key.

Now, extract the raw X and Y coordinates (each 32 bytes for secp256r1):

openssl ec -in ECCKEY1.txt -pubout -text -noout

Look for this part in the output:

pub:
 04:xx:xx:...:yy:yy

  • The first byte (04) indicates uncompressed form.

  • The next 32 bytes are X.

  • The final 32 bytes are Y.

You can convert this into a 64-byte array:
Public Key = [X || Y]

L
LucaZaAuthor
Associate
June 2, 2025

Hi Ahsrabrifat,

I extracted the public key following your procedure (see attached file). Unfortunately, I don't find it in Flash in address range [0x08000400 ; 0x08000500].

- Is the region SE_Key_region_ROM encrypted by default ?

- Is the ECC public key always stored at the same place in SE_Key_region_ROM (at least in the default mapping) ? 

Thanks,

Luca 

Jocelyn RICARD
Jocelyn RICARD
ST Employee
June 4, 2025

Hello @LucaZa ,

first your use case is really strange. The purpose of the public key is to authenticate your application. If you are able to change it, then you loose the authentication and open the door.

Regarding your concern, the content of this region is generated by a small script that transforms your binary key into code that can be run in PCROP area. To get the key content the SBSFU runs this code. The code puts the key in RAM. SBSFU can then use it to check authentication.

Please check the prebuild script that generates the se_key.s

Best regards

Jocelyn

Terms & ConditionsAccessibility statement