Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- STMicroelectronics Community
- STM32 MCUs
- STM32 MCUs Security
- Re: Secure Manager in DFU Mode
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Secure Manager in DFU Mode
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-07 01:29 AM - last edited on 2024-03-07 02:59 AM by Amel NASRI
Hello,
Actually am using STM32H5 board am able to load the secure manager using ST-Link Debugger but i would like to load the secure manager using usb dfu mode, is there any possiblity to load it.
Solved! Go to Solution.
Labels:
- Labels:
-
Secure Manager
1 ACCEPTED SOLUTION
Accepted Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-12 02:34 AM
Hello @Hitesh ,
Here are the steps:
1- Go to directory STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\SM\
2- Launch provisioning.bat : It will fail at the end because you don't have the board connected but all necessary files have been created
3- Open a command line in same directory
4- set BOOT0 to VDD, power your board, connect USB DFU cable
5- Check DFU connection:
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M336- Install secure manager
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1 -sfi Binary\SecureManagerPackage.sfi keys\SFI_Global_License.bin -rsse "c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin"
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
Protocol Information : static
SFI File Information :
SFI file path : Binary\SecureManagerPackage.sfi
SFI license file path : keys\SFI_Global_License.bin
SFI header information :
SFI protocol version : 2
SFI total number of areas : 13
SFI image version : 0
SFI Areas information :
Parsing Area 1/13 :
Area type : H
Area size : 16
Area destination address : 0x0
Parsing Area 2/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0100
Parsing Area 3/13 :
Area type : O
Area size : 192
Area destination address : 0xFFD09D0
Parsing Area 4/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0A80
Parsing Area 5/13 :
Area type : O
Area size : 272
Area destination address : 0xFFD0200
Parsing Area 6/13 :
Area type : S
Area size : 110808
Area destination address : 0x0
Parsing Area 7/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 8/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 9/13 :
Area type : S
Area size : 31628
Area destination address : 0x0
Parsing Area 10/13 :
Area type : F
Area size : 14848
Area destination address : 0x806E400
Parsing Area 11/13 :
Area type : F
Area size : 528
Area destination address : 0x8192000
Parsing Area 12/13 :
Area type : F
Area size : 48
Area destination address : 0x8193FD0
Parsing Area 13/13 :
Area type : C
Area size : 48
Area destination address : 0x0
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.094
Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.006
Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
Warning: Option Byte: SRAM2_ECC, value: 0x0, was not modified.
Warning: Option Byte: SRAM2_RST, value: 0x0, was not modified.
Reconnecting...
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.177
Reconnecting...
Reconnecting...
Reconnected !
Time elapsed during option Bytes configuration: 00:00:01.242
Installing RSSe
Memory Programming ...
Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
File : enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
Size : 53.78 KB
Address : 0x20054100
Erasing memory corresponding to segment 0:
Not flash Memory : No erase done
Download in Progress:
File download complete
Time elapsed during download operation: 00:00:00.106
Get RSSe status...
RSS version = 2.2.0
RSSe version = 2.0.0
Starting SFI
Processing license...
Get RSSe status...
Processing Image Header
Get RSSe status...
Processing Area 1...
Get RSSe status...
Area Address = 0x0
Area Type = H
Processing Area 2...
Get RSSe status...
Area Address = 0xFFD0100
Area Type = O
Processing Area 3...
Get RSSe status...
Area Address = 0xFFD09D0
Area Type = O
Processing Area 4...
Get RSSe status...
Area Address = 0xFFD0A80
Area Type = O
Processing Area 5...
Get RSSe status...
Area Address = 0xFFD0200
Area Type = O
Processing Area 6...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 7...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 8...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 9...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 10...
Get RSSe status...
Area Address = 0x806E400
Area Type = F
Processing Area 11...
Get RSSe status...
Area Address = 0x8192000
Area Type = F
Processing Area 12...
Get RSSe status...
Area Address = 0x8193FD0
Area Type = F
Processing Area 13...
Can not verify last area
Area Address = 0x0
Area Type = C
SFI Process Finished!
SFI file Binary\SecureManagerPackage.sfi Install Operation Success
Time elapsed during SFI install operation: 00:00:12.703
Best regards
Jocelyn
10 REPLIES 10
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-07 05:04 AM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-07 10:07 AM
Hi @Hitesh
I checked with the team, yes it is possible to load the secure manager using the USB DFU mode. This can be done using the same operations in STM32CubeProgrammer with DFU mode.
I'm searching if there is any demo or documentation available to share, I let you know.
best regards,
Younes
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-11 10:32 PM
Hi am using STM32H573I-DK board.
Kindly explain the process how to load the manager in DFU Mode
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-12 02:34 AM
Hello @Hitesh ,
Here are the steps:
1- Go to directory STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\SM\
2- Launch provisioning.bat : It will fail at the end because you don't have the board connected but all necessary files have been created
3- Open a command line in same directory
4- set BOOT0 to VDD, power your board, connect USB DFU cable
5- Check DFU connection:
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M336- Install secure manager
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1 -sfi Binary\SecureManagerPackage.sfi keys\SFI_Global_License.bin -rsse "c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin"
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
Protocol Information : static
SFI File Information :
SFI file path : Binary\SecureManagerPackage.sfi
SFI license file path : keys\SFI_Global_License.bin
SFI header information :
SFI protocol version : 2
SFI total number of areas : 13
SFI image version : 0
SFI Areas information :
Parsing Area 1/13 :
Area type : H
Area size : 16
Area destination address : 0x0
Parsing Area 2/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0100
Parsing Area 3/13 :
Area type : O
Area size : 192
Area destination address : 0xFFD09D0
Parsing Area 4/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0A80
Parsing Area 5/13 :
Area type : O
Area size : 272
Area destination address : 0xFFD0200
Parsing Area 6/13 :
Area type : S
Area size : 110808
Area destination address : 0x0
Parsing Area 7/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 8/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 9/13 :
Area type : S
Area size : 31628
Area destination address : 0x0
Parsing Area 10/13 :
Area type : F
Area size : 14848
Area destination address : 0x806E400
Parsing Area 11/13 :
Area type : F
Area size : 528
Area destination address : 0x8192000
Parsing Area 12/13 :
Area type : F
Area size : 48
Area destination address : 0x8193FD0
Parsing Area 13/13 :
Area type : C
Area size : 48
Area destination address : 0x0
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.094
Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.006
Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
Warning: Option Byte: SRAM2_ECC, value: 0x0, was not modified.
Warning: Option Byte: SRAM2_RST, value: 0x0, was not modified.
Reconnecting...
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.177
Reconnecting...
Reconnecting...
Reconnected !
Time elapsed during option Bytes configuration: 00:00:01.242
Installing RSSe
Memory Programming ...
Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
File : enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
Size : 53.78 KB
Address : 0x20054100
Erasing memory corresponding to segment 0:
Not flash Memory : No erase done
Download in Progress:
File download complete
Time elapsed during download operation: 00:00:00.106
Get RSSe status...
RSS version = 2.2.0
RSSe version = 2.0.0
Starting SFI
Processing license...
Get RSSe status...
Processing Image Header
Get RSSe status...
Processing Area 1...
Get RSSe status...
Area Address = 0x0
Area Type = H
Processing Area 2...
Get RSSe status...
Area Address = 0xFFD0100
Area Type = O
Processing Area 3...
Get RSSe status...
Area Address = 0xFFD09D0
Area Type = O
Processing Area 4...
Get RSSe status...
Area Address = 0xFFD0A80
Area Type = O
Processing Area 5...
Get RSSe status...
Area Address = 0xFFD0200
Area Type = O
Processing Area 6...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 7...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 8...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 9...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 10...
Get RSSe status...
Area Address = 0x806E400
Area Type = F
Processing Area 11...
Get RSSe status...
Area Address = 0x8192000
Area Type = F
Processing Area 12...
Get RSSe status...
Area Address = 0x8193FD0
Area Type = F
Processing Area 13...
Can not verify last area
Area Address = 0x0
Area Type = C
SFI Process Finished!
SFI file Binary\SecureManagerPackage.sfi Install Operation Success
Time elapsed during SFI install operation: 00:00:12.703
Best regards
Jocelyn
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-13 04:24 AM
Hi, @Jocelyn RICARD
Thanks for the quick response, it worked as you mentioned.
Please also let me know the process of regression (Debug Authentication)
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-13 07:26 AM
Hello @Hitesh ,
Debug authentication requires usage of JTAG/SWD. No possibility to do this through USB.
So, you just need to use the regression.bat located in
STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\DA\Certificates\
Best regards
Jocelyn
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-03-13 10:03 PM
Thanks @Jocelyn RICARD , for your support.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-11-12 02:29 PM
@Jocelyn RICARD I followed your steps to provision my H573I-DK board, but got the following error:
C:\projects\Secure\GSV1_SM\ROT_Provisioning\SM>"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1 -sfi Binary\SecureManagerPackage.sfi keys\SFI_Global_License.bin -rsse "c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_2M_v2.0.1.0.bin"
-------------------------------------------------------------------
STM32CubeProgrammer v2.17.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 3658B23E3231
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H56x/573
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
Protocol Information : static
SFI File Information :
SFI file path : Binary\SecureManagerPackage.sfi
SFI license file path : keys\SFI_Global_License.bin
SFI header information :
SFI protocol version : 2
SFI total number of areas : 12
SFI image version : 0
SFI Areas information :
Parsing Area 1/12 :
Area type : H
Area size : 16
Area destination address : 0x0
Parsing Area 2/12 :
Area type : O
Area size : 112
Area destination address : 0xFFD0100
Parsing Area 3/12 :
Area type : O
Area size : 192
Area destination address : 0xFFD09D0
Parsing Area 4/12 :
Area type : O
Area size : 112
Area destination address : 0xFFD0A80
Parsing Area 5/12 :
Area type : O
Area size : 272
Area destination address : 0xFFD0200
Parsing Area 6/12 :
Area type : S
Area size : 110808
Area destination address : 0x0
Parsing Area 7/12 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 8/12 :
Area type : S
Area size : 77800
Area destination address : 0x0
Parsing Area 9/12 :
Area type : F
Area size : 15312
Area destination address : 0x805A400
Parsing Area 10/12 :
Area type : F
Area size : 528
Area destination address : 0x81A6000
Parsing Area 11/12 :
Area type : F
Area size : 48
Area destination address : 0x81A7FD0
Parsing Area 12/12 :
Area type : C
Area size : 48
Area destination address : 0x0
Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.002
Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
Warning: Option Byte: SECWM1_END, value: 0x7F, was not modified.
Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
Warning: Option Byte: SECWM2_END, value: 0x7F, was not modified.
Warning: Option Byte: SECWM2_STRT, value: 0x0, was not modified.
Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
Warning: Option Byte: SRAM2_ECC, value: 0x0, was not modified.
Warning: Option Byte: SRAM2_RST, value: 0x0, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.710
Installing RSSe
Memory Programming ...
Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_2M_v2.0.1.0.bin
File : enc_signed_RSSe_SFI_STM32H5_2M_v2.0.1.0.bin
Size : 55.31 KB
Address : 0x20050300
Erasing memory corresponding to segment 0:
Not flash Memory : No erase done
Download in Progress:
File download complete
Time elapsed during download operation: 00:00:00.111
Get RSSe status...
Error: Failed to get RSSe Status!
Error: Cannot launch RSSe...
Error: Binary\SecureManagerPackage.sfi SFI file Install Operation Failure! Please, try again.
Any suggestions?
Thank you!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
2024-11-12 08:00 PM
One difference in the output was that yours had a "Reconnected !" before Installing RSSe, not sure if that matters.
Reconnecting... Reconnected ! Time elapsed during option Bytes configuration: 00:00:01.242 Installing RSSe
Related Content
- Is psa_generate_random() equivalent to HAL_RNG_GenerateRandomNumber()? in STM32 MCUs Security
- How to access UID_BASE from non-secure app in STM32H573? in STM32 MCUs Security
- Issue with USB CDC-ACM on STM32U5G9ZJT6Q - Device Not Recognized in Device Manager in STM32 MCUs Embedded software
- Failed to provision Secure Manager 1.2 in STM32 MCUs Security
- Debug issue in STM32H7S78-DK when I have added external memory segments in the linker files. in STM32 MCUs TouchGFX and GUI