STM32 MCUs Security

Resolved! STM32H753 SBSFU unable to transfer application firmware

Hello.I'm having trouble transfer the UserApp to SBSFU. Here's the description of the issue. Any help is appreciated!I prepared the NUCLEO-H753ZI board by disabling all the security and fully erase the board (by setting RDP level 1->0 ).I'm using the...

STM 32F4xx - what hacks are known around Level 2 security?

It seems perfectly possible, under Level 2, to have a "boot block" which accepts a firmware block (say via USB MSC or via HTTP), encrypted with a key stored in the boot block, and you have a product whose firmware can be upgraded but can't be extract...

Problem with ST cryptographic library (CMOX) AES CBC encryption

We are doing updates on a project which uses STM32H747 and ST cryptographic library (CMOX) / X-CUBE-CRYPTOLIB. It encrypts and decrypts data using these two functions:cmox_cipher_encrypt(CMOX_AES_CBC_ENC_ALGO, ....cmox_cipher_decrypt(CMOX_AES_CBC_DEC...

RDP protection code for STM32H563IIK6

We are using the STM32H563IIK6 in our Device.I want to Enabled CRP protection. We are thinking use Level1only. Please can you share any test code.

OSPI_NOR usage with SBSFU (B-U585I-IOT02A)

Hi, I've decided to create a new post based on the similar one (https://community.st.com/t5/stm32-mcus-security/solved-stm32u5-tfm-example-b-u585i-iot02a-memory-mapped-psram/td-p/108722) which has been solved but doesn't work for me.The problem is as...

How to implement cryp library to SBSFU

HiI am using the SBSFU application on the stm32u585 board and I am trying to use the crypto library as explained in the CRYP_SAES_ECB_CBC example but the error_handler is triggered when the MX_SAES_AES_Init is initialized.Any help?

CRP protection not working on STM32H563IIK6

I tried CRP protection for STM32H563IIK6. But is it not working. This is the code.#define OB_RDP_LEVEL_0 ((uint8_t)0xAA)#define OB_RDP_LEVEL_1 ((uint8_t)0x55)#define OB_RDP_LEVEL_2 ((uint8_t)0xCC)HAL_StatusTypeDef FLASH_If_WriteProtectionConfig(uint3...

ANSSI certification for STM32U5

Hi, I'm quite familiar with STM32 trustzone features. Also I know due to there's a random number generator it should be ANSSI capable. But I can't find anywhere a text "ANSSI". Have you as a ST already applied a ANSSI certificate for STM32U545 or any...

STM32F423ZHT6 is Support for Secure Boot?

Hi, good morning, sir/madam.We are using a STM32F423ZHT6 MCU for Smart Lock in our project.We have some security purposes for our lock and need security boot options.So please clarify this MCU has secure boot options. If this MCU has secure boot opti...

Resolved! Topic: Increase the space of SBSFU_Secure Application in SBSFU application

Hello We are testing the SBSFU project on STM32U585 released in the cubeu5 project and came to see that the secure project uses 14kb of size and non secure approximate 1.2MB. Our requirement is to add some modules into the secure area and we need to ...

STM32 MCUs Security

Forum Posts

Resolved! STM32H753 SBSFU unable to transfer application firmware

STM 32F4xx - what hacks are known around Level 2 security?

Problem with ST cryptographic library (CMOX) AES CBC encryption

RDP protection code for STM32H563IIK6

OSPI_NOR usage with SBSFU (B-U585I-IOT02A)

How to implement cryp library to SBSFU

CRP protection not working on STM32H563IIK6

ANSSI certification for STM32U5

STM32F423ZHT6 is Support for Secure Boot?

Resolved! Topic: Increase the space of SBSFU_Secure Application in SBSFU application

Could not disable Encryption in STM32 Trusted Pack...

is RDP LEVEL 1 Enough?

STM32H743 with STM32CubeIDE automatically save CRC...

STM32H563 Warning: The Core is locked up

Public Key decompression, get Y from X: HAL_PKA_Mo...

How to set the firmware using X-CUBE-MATTER's SBSF...