STM32 attestation Key Wrap tool

In the context of symmetric or asymmetric cryptography, protecting secret keys is essential. To address this need, ST proposes a solution that ensures keys remain secret at all times and are usable only on a specific device. For that purpose, on STM32, two elements are required:

  • The first element is a hardware coupling and chaining bridge (CCB) that isolates key manipulation within hardware cryptographic IPs.
  • The second element is a Root Security Services extension (RSSe) library that allows user firmware to use the secret key without providing access to the key itself. In this document, the library is referenced as RSSe KW (RSSe for Key Wrap), and the output is referenced as wrapped key.

The RSSe Key Wrap extracts the wrapped DUA key from the device. As input, the user specifies the execution domain in which the application intends to use the DUA key, for example secure HDPL3. The wrapped DUA key can then be used only within that specific context during application execution.

A detailed description of RSSe KW is provided in AN6278


1. RSSe key wrapping for DUA

Provisioning unique keys can be required for some use cases, such as initial attestation. This step is crucial and can be costly to guarantee the uniqueness and confidentiality of the keys. STMicroelectronics addresses this challenge by provisioning each applicable STM32 device with unique key pairs, called device unique authentication (DUA) keys, in secure facilities. These keys are elliptic curve cryptographic (ECC) keys. The public key is accessible through a certificate signed by an STMicroelectronics certificate authority (CA), while the wrapped private key is accessible only through the RSSe KW.

2. RSSe KW principles overview

RSSe KW is a library implemented in STM32 microcontrollers that get wrapped DUA keys. The main goal of RSSe KW is to provide wrapped keys usable only on one specific device. The RSSe KW prevents the sensitive keys from:

  • Being accessed by any firmware or debugging access.
  • Being used by another device (including STM32).

3. DUA wrapped key usage contexts

The output of the RSSe key wrap (KW) includes the selected DUA key, wrapped for a specific context, and the elements required to use it. The specific context depends on the following:

  • The security state: secure or nonsecure
  • The privilege state: privileged or unprivileged
  • The key usage: signature computation or scalar multiplication computation (for ECC keys)
  • The Epoch counter selection (depending on the series).

All these elements can be selected when starting the key wrap command.

Warning
The output wrapped key can only be used on the specific device for which it was requested.. Moreover, it can only be used in the context requested during the service call. This allows the user to restrict the usage of the key to the context needed.


Refer to KW article of each serie to get the list of allowed contexts.

4. RSSe KW interface

Using STM32CubeProgrammer, the user can obtain the wrapped key with one command. The output container is stored in a binary file selected by the user.

If a custom tool is used, install the RSSe KW in STM32 RAM before receiving the KW command, as described in AN6278