Several comprehensive online protection measures read to explain, here a brief summary follows:
Stm32 using a unique ID as an encrypted character code is fixed, 16-bit AES encryption byte ciphertext generated in a manner, and then written into the flash ,, app when the program executed stm32 need to determine the unique ID number and read out the AES decryption are the same, the implementation of programs that would otherwise not executed, tested, but the program for the production of too much trouble, do not use here
ChipUniqueID [2] = * (__ IO u32 *) (0X1FFFF7F0); // high byte
ChipUniqueID [1] = * (__ IO u32 *) (0X1FFFF7EC); //
ChipUniqueID [0] = * (__ IO u32 *) (0X1FFFF7E8); // low byte
ChipUniqueID [3] = 0xffffffff;
printf ( "chip unique ID rn ########### is:% X-% X-% X-% X \ n",
ChipUniqueID [0], ChipUniqueID [1], ChipUniqueID [2], ChipUniqueID [3]);
memcpy (aesKey, "chenjianqun66666", 16); // AES encryption key, 16 bytes (128bit)
memset(expressText ,0 ,1024);
memset(expressText ,0 ,1024);
AES_Decrypt(expressText , cipherText , aesKey);//useaesKey decrypt 解密
count[0] =((u32)expressText[3]<<24)|((u32)expressText[2]<<16)|((u32)expressText[1]<<8)|((u32)expressText[0]);
count[1] =((u32)expressText[7]<<24)|((u32)expressText[6]<<16)|((u32)expressText[5]<<8)|((u32)expressText[4]);
count[2] =((u32)expressText[11]<<24)|((u32)expressText[10]<<16)|((u32)expressText[9]<<8)|((u32)expressText[8]);
if((count[0] == flash[0])&&(count[1]== flash [1])&&(count[2] == flash [2]))
{
// App program
}
Option II:
Stm32 read protection using internal flash read protection function, when the chip card reader can not burn, so the need to re-design of the external trigger signal turns off the read protected program and erase flash, (trigger keys may be employed, when the key pressed, the degree of protection off and erasing) can now be read and re-programmed. (To be tested)
if(GPIO_ReadInputDataBit(GPIOA , GPIO_Pin_0))
{
if(FLASH_GetReadOutProtectionStatus()!=RESET)
{
FLASH_Unlock();
FLASH_ReadOutProtection(DISABLE);
// FLASH_EraseAllPages (); // read protection is released when erasing all
FLASH_Lock (); // locked
}
}
else{
if(FLASH_GetReadOutProtectionStatus()!=SET)
{
FLASH_Unlock (); // not unlock FALSH can also be set to read protection
FLASH_ReadOutProtection(ENABLE);
FLASH_Lock (); // locked
}
}
Here can also be used in internal ram's burned into a piece of code, used to cancel the read and erase protection, you need to burn again when using
Boot0, boot1 ram into the state to start
third solution:
Another way to modify the flash option byte (Option type) official tool stlink utility (refer https://blog.csdn.net/hxiaohai/article/details/78546431?fps=1&locationNum=5) also modify the protection level, but it seems not (you can see from the following files 103 and 103 series no option byte file encryption program can only use the above two, but read protection function because there is no way 207 103 in the second scheme, so You can only set the option byte) modify 0xAA STM32F2xx_OPT.s in RDP register as 0x00, Note: this can not be modified to 0xCC, 0xCC the highest level, this change will cause the value of the chip become a brick
According to information on the Internet: http: //www.51hei.com/mcu/2767.html project file can be added opt.s encryption of flash, but still needs time decryption utility to set the official tool of stlink stlink , or else you need to set a default factory settings option byte sram form in which it can be burned to read and write again
207xx / 40xx chips
103 Chip:
---------------------
Author: lilijianqun
Source: CSDN
Original: https: //blog.csdn.net/lilijianqun/article/details/79861270
Disclaimer: This article as a blogger original article, reproduced, please attach Bowen link!