Relocate encryption key slot to the end of the flash partition

[danielinux]

• Encryption key slot moved to the end of the partition
• When encryption is enabled, partition flag and sector flags bitmap are moved back by ENCRYPT_KEY_SIZE + ENCRYPT_NONCE_SIZE
• Updated uart_flash_server to detect and support encrypted partitions
  ZD 10733

[dgarske]

Hi @danielinux ,

Code changes look great, but I am having trouble validating on the STM32WB55. Here are the steps I've done. Hopefully you can spot the issue with these:

cp ./config/examples/stm32wb-uart-flash-encryption.config .config
make clean
make

st-flash write factory.bin 0x08000000

./tools/scripts/prepare_encrypted_update.sh
./tools/uart-flash-server/ufserver ./test-app/image_v2_signed_and_encrypted.bin /dev/cu.usbmodem14624103

Warning: the binary file provided does not appear to contain a valid firmware partition file. (If the update is encrypted, this is OK)

** TARGET REBOOT **
Version running on target: 1
[|] Writing backup blocks  			^C

Thanks, David

[danielinux]

@dgarske I tested both encrypted and non-encrypted case on STM32WB55.

• For the encrypted case, you may need to reboot twice, because the test application will set the temporary key.

• It could be that the update is not starting because the image is not marked. Please use tools/scripts/prepare_encrypted_update.sh to create update.bin and then launch ufserver with update.bin which is padded and contains the right flag to trigger the installation.

Thanks,

--
Daniele

[dgarske]

Thanks @danielinux . Excellent improvement to the encryption feature.