Ask questions and find answers on STM32 security frameworks and tools, including cryptographic libraries, TrustZone, and the Secure Manager.
Hi everyone,I tried Secure Firmware Install (SFI) with the Nucleo-H563ZI. The process failed, however my device is still accessible. By connecting to the device via Hot plug and Access port 1 I am able to see that the device is in "Provisioning" stat...
Hi,I have SBSFU working with my HW, which has a STM32U585, with some (minor) modifications to the B-U585I-IOT02A example. I also have an application that I need to run with the secure bootloader (as the nonsecure app), developed by a wider team (lets...
Hello, I am using STM32F103c6 cortex-m3. I am using 100 micro controllers in various boards. In some around 10 micro controllers, I have seen a issue of option bytes getting corrupted. Even though I am writing 0xA5 to RDP to remove read protection wh...
I am trying to run ECDH p384 operation on STM32H753.Using the STM32 Cryptolib 4.5.0, I get the CMOX_ECC_ERR_MEMORY_FAIL error during the operationI increased the stack size to the maximumI was able to run this using mbedTLS + hardware blocks like RNG...
Hello,I am interested in the optional decryption sequence part of secure boot on STM32N6 mcu. As described in UM3234 (How to proceed with boot ROM on STM32N6 MCUs) a key derivation function is used to produce an encryption key. However I am not sure ...
Hello Firends,Two Questions...1. Firmware Flash with DFU Bootloader succesfully done along with RDP bit. Can we re-flash the fiirmware once RDP L1 is set before through DFU using USB ? my custom board uses STM32F303Rb device. 2. Each STM32 device has...
Hi, I managed to enable TrustZone by setting the TZEN-bit to 1 like soSTM32_Programmer_CLI -c port=SWD -ob TZEN=1But I can't seem to manage to turn it off the same way. I've tried doing it from the graphical interface as well, with the same results. ...
Hello!Using h563zi I am trying to update the second bank firmware using an application that has a Secure Part (sectors 0-9) and a Non Secure part with Trust Zone enabled. For easier maintenance the update is done from the Non-Secure part.Settings:SEC...
Hi Everybody,I posted a comment here https://community.st.com/t5/stm32-online-courses/stm32h5-secure-manager-course/bc-p/824487/highlight/true#M27 yesterday because I am trying following the online course and what is written in the wiki to start deve...
From the manual UM3254:4.1.4 PSA firmware update service4.1.4.1 DescriptionThis service provides an implementation of the PSA firmware update API defined in [PSAfwuAPI]. It provides a standard and platform-agnostic interface for firmware updates.The ...