STMicroelectronics UM2542 STM32MPx Series Key Generator Software User Manual
- September 14, 2024
- STMicroelectronics
Table of Contents
UM2542 STM32MPx Series Key Generator Software
Product Information
Specifications
- Product Name: STM32MPx series key generator software
- Version: UM2542 – Rev 3
- Release Date: June 2024
- Manufacturer: STMicroelectronics
Product Usage Instructions
1. Install STM32MP-KeyGen
To install the STM32MP-KeyGen software, follow the installation
instructions provided in the user manual.
2. STM32MP-KeyGen Command Line Interface
The STM32MP-KeyGen software can be used from the command line
interface. Below are the available commands:
- –private-key (-prvk)
- –public-key (-pubk)
- –public-key-hash (-hash)
- –absolute-path (-abs)
- –password (-pwd)
- –prvkey-enc (-pe)
- –ecc-algo (-ecc)
- –help (-h and -?)
- –version (-v)
- –number-key (-n)
3. Examples
Here are some examples of how to use STM32MP-KeyGen:
-
* Example 1: -abs /home/user/KeyFolder/ -pwd azerty- Example 2: -abs /home/user/KeyFolder/ -pwd azerty -pe
aes128
- Example 2: -abs /home/user/KeyFolder/ -pwd azerty -pe
FAQ
Q: How many key pairs can be generated at once?
A: You can generate up to eight key pairs simultaneously by
providing eight passwords.
Q: What encryption algorithms are supported?
A: The software supports aes256 and aes128 encryption
algorithms.
UM2542
User manual
STM32MPx series key generator software description
Introduction
The STM32MPx series key generator software (named STM32MP-KeyGen in this
document) is integrated in the STM32CubeProgrammer (STM32CubeProg). STM32MP-
KeyGen is a tool that generates the ECC keys pair needed for signing binary
images. The generated keys are used by the STM32 Signing tool for signing
process. STM32MP-KeyGen generates a public key file, a private key file and a
hash public key file. The public key file contains the generated ECC public
key in PEM format. The private key file contains the encrypted ECC private key
in PEM format. The encryption can be done using the aes 128 cbc or aes 256 cbc
ciphers. The cipher selection is done using the –prvkey-enc option. The hash
public key file contains the SHA-256 hash of the public key in binary format.
The SHA-256 hash is calculated based on the public key without any encoding
format. The first byte of the public key is present just to indicate whether
the public key is in compressed or uncompressed format. Since only
uncompressed format is supported, this byte is removed.
DT51280V1
UM2542 – Rev 3 – June 2024 For further information contact your local STMicroelectronics sales office.
www.st.com
1
Note:
UM2542
Install STM32MP-KeyGen
Install STM32MP-KeyGen
This tool is installed with the STM32CubeProgrammer package (STM32CubeProg).
For more information about the set-up procedure, refer to the section 1.2 of
the user manual STM32CubeProgrammer software description (UM2237). This
software applies to the STM32MPx series Arm®-based MPUs. Arm is a registered
trademark of Arm Limited (or its subsidiaries) in the US and/or elsewhere.
UM2542 – Rev 3
page 2/8
UM2542
STM32MP-KeyGen command line interface
2
STM32MP-KeyGen command line interface
The following sections describe how to use STM32MP-KeyGen from command line.
2.1
Commands
The available commands are listed below:
·
–private-key (-prvk)
Description: private key file path (.pem extension)
Syntax: -prvk
Example: -prvk ../privateKey.pem
·
–public-key (-pubk)
Description: Public key file path (.pem extension)
Syntax: -pubk
Example: -pubk C:publicKey.pem
·
–public-key-hash (-hash)
Description: Hash image file path (.bin extension)
Syntax: -hash
·
–absolute-path (-abs)
Description: Absolute path for output files
Syntax: -abs
Example: -abs C:KeyFolder
·
–password (-pwd)
Description: Password of the private key (this password must contain at least four characters)
Example: -pwd azerty
Note:
Include eight passwords to generate eight keypairs.
Syntax 1:-pwd
Syntax 2: -pwd
·
–prvkey-enc (-pe)
Description: Encrypting private key algorithm (aes128/aes256) (aes256 algorithm is the default algorithm)
Syntax: -pe aes128
·
–ecc-algo (-ecc)
Description: ECC algorithm for keys generation (prime256v1/brainpoolP256t1) (prime256v1 is the default algorithm)
Syntax: -ecc prime256v1
·
–help (-h and -?)
Description: Shows help.
·
–version (-v)
Description: Displays the tool version.
·
–number-key (-n)
Description: Generate number of key pairs {1 or 8} with Hash of table file
Syntax: -n
UM2542 – Rev 3
page 3/8
UM2542
STM32MP-KeyGen command line interface
2.2
Examples
The following examples show how to use STM32MP-KeyGen:
·
Example 1
-abs /home/user/KeyFolder/ -pwd azerty
All files (publicKey.pem, privateKey.pem and publicKeyhash.bin) are created in the /home/user/KeyFolder/ folder. The private key is encrypted with the aes256 default algorithm.
·
Example 2
-abs /home/user/keyFolder/ -pwd azerty pe aes128
All files (publicKey.pem, privateKey.pem and publicKeyhash.bin) are created in the /home/user/KeyFolder/ folder. The private key is encrypted with the aes128 algorithm.
·
Example 3
-pubk /home/user/public.pem prvk /home/user/Folder1/Folder2/private.pem hash /home/user/pubKeyHash.bin pwd azerty
Even if the Folder1 and Folder2 does not exist, they are created.
·
Example 4
Generate eight key pairs in the working directory:
./STM32MP_KeyGen_CLI.exe -abs . -pwd abc1 abc2 abc3 abc4 abc5 abc6 abc7 abc8 -n 8
The output gives the following files: eight public key files: publicKey0x{0..7}.pem eight private key files: privateKey0x{0..7}.pem eight public key hash files: publicKeyHash0x{0..7}.bin one file of PKTH: publicKeysHashHashes.bin
·
Example 5
Generate one key pair in the working directory:
./STM32MP_KeyGen_CLI.exe -abs . -pwd abc1 -n 1
The output gives the following files: one public key file: publicKey.pem one private key file: privateKey.pem one public key hash file: publicKeyHash.bin one file of PKTH: publicKeysHashHashes.bin
UM2542 – Rev 3
page 4/8
UM2542
STM32MP-KeyGen command line interface
2.3
Standalone mode
When executing STM32MP-KeyGen in Standalone mode, an absolute path and a password are requested as shown in the figure below.
Figure 1. STM32MP-KeyGen in Standalone mode
When the user press
UM2542 – Rev 3
page 5/8
Revision history
Date 14-Feb-2019 24-Nov-2021
26-Jun-2024
Table 1. Document revision history
Version 1 2
3
Changes
Initial release.
Updated: · Section 2.1: Commands · Section 2.2: Examples
Replaced in the whole document: · STM32MP1 series by STM32MPx series ·
STM32MP1-KeyGen by STM32MP-KeyGen
UM2542
UM2542 – Rev 3
page 6/8
UM2542
Contents
Contents
1 Install STM32MP-KeyGen . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2 2 STM32MP-
KeyGen command line interface. . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . 3
2.1 Commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2.2
Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 2.3
Standalone mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Revision
history . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
UM2542 – Rev 3
page 7/8
UM2542
IMPORTANT NOTICE READ CAREFULLY STMicroelectronics NV and its subsidiaries
(“ST”) reserve the right to make changes, corrections, enhancements,
modifications, and improvements to ST products and/or to this document at any
time without notice. Purchasers should obtain the latest relevant information
on ST products before placing orders. ST products are sold pursuant to ST’s
terms and conditions of sale in place at the time of order acknowledgment.
Purchasers are solely responsible for the choice, selection, and use of ST
products and ST assumes no liability for application assistance or the design
of purchasers’ products. No license, express or implied, to any intellectual
property right is granted by ST herein. Resale of ST products with provisions
different from the information set forth herein shall void any warranty
granted by ST for such product. ST and the ST logo are trademarks of ST. For
additional information about ST trademarks, refer to www.st.com/trademarks.
All other product or service names are the property of their respective
owners. Information in this document supersedes and replaces information
previously supplied in any prior versions of this document.
© 2024 STMicroelectronics All rights reserved
UM2542 – Rev 3
page 8/8
Read User Manual Online (PDF format)
Read User Manual Online (PDF format) >>