Provisioning by User Code

martinhaefner9
Associate II

Hi,

Is there a possibility to do the complete chain to product state "closed" from non-secure user code?

I have a custom bootloader which usually did a set of the old RDP Level.

Now, with an STM32H57 device, we have to use the new product state.

 

I'm able to set the state to provisioning. But when I use RSSLIB_PFUNC->NSC.DataProvisioning I end up in a hard fault.
 
I tried to set the provisioning data by ST Cube programmer later on, which succeeded. But unfortunately I cannot regress to open because the password is wrong.
 
Any hints about that?
 
Thanks in advance.
Jocelyn RICARD
ST Employee

Hello @martinhaefner9 ,

Yes, it is possible to perform provisioning through firmware.

On STM32H573, you need to make sure your device is closed to do the provisioning of the DA keys.

The reason is that the DA configuration has to be encrypted using the DHUK, and this key is not available in open state.

To perform the provisioning you can use the helper function OBK_Flash_WriteEncrypted provided in STM32Cube_FW_H5_V1.3.0\Projects\STM32H573I-DK\Applications\ROT\OEMiROT_Boot\Src\low_level_obkeys.c.

The sequence should be

1) First start of firmware: Detect that it is still in open state. Change product state to PROVISIONING and immediately to CLOSED, and launch a system reset to have this new product state taken into account.

2) Second start of firmware: Detect that product state is CLOSED. Check DA provisioning in OBKey: not present. You need to have the obk file somewhat hardcoded in your firmware to be able to provide the input buffer to the obk write function. Once the obk is written, you are done with the DA provisioning.

The best would be to provide you an example but I don't have it right now and not much time available.

I'll try to provide something by next week

Best regards

Jocelyn
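
The two-boot sequence from the reply above, as a host-testable C sketch; this is an added example, not ST's code and not the example promised in the reply. The `prov_hal_t` hooks, the enum names and the simulated device are hypothetical, and two behaviours are assumptions added here: refusing to leave OPEN when no obk blob is compiled in, and resuming from PROVISIONING if the first boot was interrupted.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Local labels for the product states named in the thread (not option-byte encodings). */
typedef enum { PS_OPEN, PS_PROVISIONING, PS_CLOSED } product_state_t;
typedef enum { ACT_NONE, ACT_RESET, ACT_DA_WRITTEN, ACT_ERROR } boot_action_t;

/* Hypothetical hooks: on target they would wrap option-byte programming
   and an encrypted OBK write helper such as OBK_Flash_WriteEncrypted. */
typedef struct {
    product_state_t (*get_state)(void);
    bool (*set_state)(product_state_t s);
    bool (*da_present)(void);
    bool (*obk_write_encrypted)(const uint8_t *buf, size_t len);
} prov_hal_t;

/* Call once per boot; the caller performs the system reset on ACT_RESET. */
boot_action_t provisioning_step(const prov_hal_t *hal, const uint8_t *obk, size_t len)
{
    /* Assumption: never close a device that has no DA blob to write afterwards. */
    if (obk == NULL || len == 0) return ACT_ERROR;
    product_state_t s = hal->get_state();
    if (s == PS_OPEN) {                       /* step 1, first half */
        if (!hal->set_state(PS_PROVISIONING)) return ACT_ERROR;
        s = PS_PROVISIONING;
    }
    if (s == PS_PROVISIONING) {               /* step 1, second half (or resume) */
        return hal->set_state(PS_CLOSED) ? ACT_RESET : ACT_ERROR;
    }
    if (hal->da_present()) return ACT_NONE;   /* step 2 already done */
    return hal->obk_write_encrypted(obk, len) ? ACT_DA_WRITTEN : ACT_ERROR;
}

/* Constructed host-side stand-in for the device so the sketch runs off-target. */
static product_state_t sim_state = PS_OPEN;
static bool sim_da = false;
static product_state_t sim_get(void) { return sim_state; }
static bool sim_set(product_state_t s) { sim_state = s; return true; }
static bool sim_has_da(void) { return sim_da; }
/* Models the reply's constraint: the encrypted write only works once CLOSED. */
static bool sim_write(const uint8_t *b, size_t n)
{ (void)b; (void)n; return sim_state == PS_CLOSED ? (sim_da = true) : false; }
static const prov_hal_t SIM_HAL = { sim_get, sim_set, sim_has_da, sim_write };

int main(void)
{
    static const uint8_t obk[] = { 0x00 };    /* constructed placeholder blob */
    boot_action_t first = provisioning_step(&SIM_HAL, obk, sizeof obk);
    boot_action_t second = provisioning_step(&SIM_HAL, obk, sizeof obk);
    return (first == ACT_RESET && second == ACT_DA_WRITTEN) ? 0 : 1;
}
```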