Ask questions and find answers on STM32 security frameworks and tools, including cryptographic libraries, TrustZone, and the Secure Manager.
How can the debug interface on the STM32H573 be permanently locked via nonvolatile configuration or fuse?The SBS chapter of the manual saysThe debug configuration can be locked thanks to DBGCFG_LOCK in SBS_DBGLOCKR.SBS_DBGCR is then no longer writabl...
Hello!I am trying to provision a DA certificate on STM32H563 through CANFD Bootloader in system memory.I am calling special function 0x83 as described in AN2606 and AN5405. As I can understand, this is an RSSLIB_PFUNC->DataProvisioning.I am filling t...
Hello,I have two applications: one at 0x08000000 and one at 0x08080000. Both run fine individually (when setting the boot config bytes to the fitting offset). Now I want to use the one at 0x08000000 as secure area and escape it by using exitSecureAre...
When I tried it, got the following error:2025-04-18 14:58:31,172 - DEBUG - Executing command: "C:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=JLINK debugauth=22025-04-18 14:58:31,674 - DEBUG - ...
Post edited by ST moderator to be inline with the community rules especially with the code sharing. In next time please use </> button to paste your code. Please read this post: How to insert source code Hello,I am trying to use AES GCM on the STM32U...
There are several peripherals that have a separate layer of protection based on privileged/unprivileged, here are some examples from the reference manual:MCE:39.2 MCE main features"AHB configuration port, privileged aware"RTC:49.2 RTC main features"A...
Hi, I’m working on porting TF-M to a custom hardware platform based on the STM32U545 running Zephyr. As a starting point, I copied the existing b_u585_iot02a platform and adjusted it for the STM32U545’s 512 KB Flash. However, I haven’t been able to g...
Hi everyone!In our project for stm32f446, we are trying to use X-CUBE-CRYPTOLIB to verify the firmware signature on the device using ED25519. Unfortunately, when trying to call the cmox_eddsa_verify method, we get the CMOX_ECC_ERR_MEMORY_FAIL error. ...
Hi Team,Firmware file are just signed not encrypted through STM32 SigningTool - stm32mcu (STM32_SigningTool_CLI.exe) after generating public and private keys through STM32_KeyGen_CLI.exe.Public key in raw 64 bytes is provided to bootloader_main.c as ...
What is the meaning of the FLASH_OBKCR.NEXTKL field while executing within HDPL_0 (e.g., during execution of ST RSS)?This question might seem irrelevant to me as I'm a user and user code will never execute within HDPL_0, but it might be important fro...