2024-03-07 01:29 AM - last edited on 2024-03-07 02:59 AM by Amel NASRI
Hello,
Actually am using STM32H5 board am able to load the secure manager using ST-Link Debugger but i would like to load the secure manager using usb dfu mode, is there any possiblity to load it.
Solved! Go to Solution.
2024-03-12 02:34 AM
Hello @Hitesh ,
Here are the steps:
1- Go to directory STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\SM\
2- Launch provisioning.bat : It will fail at the end because you don't have the board connected but all necessary files have been created
3- Open a command line in same directory
4- set BOOT0 to VDD, power your board, connect USB DFU cable
5- Check DFU connection:
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
6- Install secure manager
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1 -sfi Binary\SecureManagerPackage.sfi keys\SFI_Global_License.bin -rsse "c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin"
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
Protocol Information : static
SFI File Information :
SFI file path : Binary\SecureManagerPackage.sfi
SFI license file path : keys\SFI_Global_License.bin
SFI header information :
SFI protocol version : 2
SFI total number of areas : 13
SFI image version : 0
SFI Areas information :
Parsing Area 1/13 :
Area type : H
Area size : 16
Area destination address : 0x0
Parsing Area 2/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0100
Parsing Area 3/13 :
Area type : O
Area size : 192
Area destination address : 0xFFD09D0
Parsing Area 4/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0A80
Parsing Area 5/13 :
Area type : O
Area size : 272
Area destination address : 0xFFD0200
Parsing Area 6/13 :
Area type : S
Area size : 110808
Area destination address : 0x0
Parsing Area 7/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 8/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 9/13 :
Area type : S
Area size : 31628
Area destination address : 0x0
Parsing Area 10/13 :
Area type : F
Area size : 14848
Area destination address : 0x806E400
Parsing Area 11/13 :
Area type : F
Area size : 528
Area destination address : 0x8192000
Parsing Area 12/13 :
Area type : F
Area size : 48
Area destination address : 0x8193FD0
Parsing Area 13/13 :
Area type : C
Area size : 48
Area destination address : 0x0
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.094
Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.006
Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
Warning: Option Byte: SRAM2_ECC, value: 0x0, was not modified.
Warning: Option Byte: SRAM2_RST, value: 0x0, was not modified.
Reconnecting...
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.177
Reconnecting...
Reconnecting...
Reconnected !
Time elapsed during option Bytes configuration: 00:00:01.242
Installing RSSe
Memory Programming ...
Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
File : enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
Size : 53.78 KB
Address : 0x20054100
Erasing memory corresponding to segment 0:
Not flash Memory : No erase done
Download in Progress:
File download complete
Time elapsed during download operation: 00:00:00.106
Get RSSe status...
RSS version = 2.2.0
RSSe version = 2.0.0
Starting SFI
Processing license...
Get RSSe status...
Processing Image Header
Get RSSe status...
Processing Area 1...
Get RSSe status...
Area Address = 0x0
Area Type = H
Processing Area 2...
Get RSSe status...
Area Address = 0xFFD0100
Area Type = O
Processing Area 3...
Get RSSe status...
Area Address = 0xFFD09D0
Area Type = O
Processing Area 4...
Get RSSe status...
Area Address = 0xFFD0A80
Area Type = O
Processing Area 5...
Get RSSe status...
Area Address = 0xFFD0200
Area Type = O
Processing Area 6...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 7...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 8...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 9...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 10...
Get RSSe status...
Area Address = 0x806E400
Area Type = F
Processing Area 11...
Get RSSe status...
Area Address = 0x8192000
Area Type = F
Processing Area 12...
Get RSSe status...
Area Address = 0x8193FD0
Area Type = F
Processing Area 13...
Can not verify last area
Area Address = 0x0
Area Type = C
SFI Process Finished!
SFI file Binary\SecureManagerPackage.sfi Install Operation Success
Time elapsed during SFI install operation: 00:00:12.703
Best regards
Jocelyn
2024-03-07 05:04 AM
2024-03-07 10:07 AM
Hi @Hitesh
I checked with the team, yes it is possible to load the secure manager using the USB DFU mode. This can be done using the same operations in STM32CubeProgrammer with DFU mode.
I'm searching if there is any demo or documentation available to share, I let you know.
best regards,
Younes
2024-03-11 10:32 PM
Hi am using STM32H573I-DK board.
Kindly explain the process how to load the manager in DFU Mode
Thanks
2024-03-12 02:34 AM
Hello @Hitesh ,
Here are the steps:
1- Go to directory STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\SM\
2- Launch provisioning.bat : It will fail at the end because you don't have the board connected but all necessary files have been created
3- Open a command line in same directory
4- set BOOT0 to VDD, power your board, connect USB DFU cable
5- Check DFU connection:
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
6- Install secure manager
"c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\STM32_Programmer_CLI.exe" -c port=USB1 -sfi Binary\SecureManagerPackage.sfi keys\SFI_Global_License.bin -rsse "c:\Program Files\STMicroelectronics\STM32Cube\STM32CubeProgrammer\bin\RSSe\H5\enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin"
-------------------------------------------------------------------
STM32CubeProgrammer v2.15.0
-------------------------------------------------------------------
USB speed : Full Speed (12MBit/s)
Manuf. ID : STMicroelectronics
Product ID : DFU in FS Mode
SN : 385E328D3332
DFU protocol: 1.1
Board : --
Device ID : 0x0484
Device name : STM32H5xx
Flash size : 2 MBytes (default)
Device type : MCU
Revision ID : --
Device CPU : Cortex-M33
Protocol Information : static
SFI File Information :
SFI file path : Binary\SecureManagerPackage.sfi
SFI license file path : keys\SFI_Global_License.bin
SFI header information :
SFI protocol version : 2
SFI total number of areas : 13
SFI image version : 0
SFI Areas information :
Parsing Area 1/13 :
Area type : H
Area size : 16
Area destination address : 0x0
Parsing Area 2/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0100
Parsing Area 3/13 :
Area type : O
Area size : 192
Area destination address : 0xFFD09D0
Parsing Area 4/13 :
Area type : O
Area size : 112
Area destination address : 0xFFD0A80
Parsing Area 5/13 :
Area type : O
Area size : 272
Area destination address : 0xFFD0200
Parsing Area 6/13 :
Area type : S
Area size : 110808
Area destination address : 0x0
Parsing Area 7/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 8/13 :
Area type : S
Area size : 128184
Area destination address : 0x0
Parsing Area 9/13 :
Area type : S
Area size : 31628
Area destination address : 0x0
Parsing Area 10/13 :
Area type : F
Area size : 14848
Area destination address : 0x806E400
Parsing Area 11/13 :
Area type : F
Area size : 528
Area destination address : 0x8192000
Parsing Area 12/13 :
Area type : F
Area size : 48
Area destination address : 0x8193FD0
Parsing Area 13/13 :
Area type : C
Area size : 48
Area destination address : 0x0
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.094
Warning: Option Byte: BOOT_UBE, value: 0xB4, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.006
Warning: Option Byte: SECBOOT_LOCK, value: 0xC3, was not modified.
Warning: Option Bytes are unchanged, Data won't be downloaded
Time elapsed during option Bytes configuration: 00:00:00.003
Warning: Option Byte: SECBOOTADD, value: 0xC0000, was not modified.
Warning: Option Byte: SECWM1_STRT, value: 0x0, was not modified.
Warning: Option Byte: SRAM1_3_RST, value: 0x1, was not modified.
Warning: Option Byte: SRAM2_ECC, value: 0x0, was not modified.
Warning: Option Byte: SRAM2_RST, value: 0x0, was not modified.
Reconnecting...
Reconnecting...
Time elapsed during option Bytes configuration: 00:00:00.177
Reconnecting...
Reconnecting...
Reconnected !
Time elapsed during option Bytes configuration: 00:00:01.242
Installing RSSe
Memory Programming ...
Opening and parsing file: enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
File : enc_signed_RSSe_SFI_STM32H5_v2.0.0.0.bin
Size : 53.78 KB
Address : 0x20054100
Erasing memory corresponding to segment 0:
Not flash Memory : No erase done
Download in Progress:
File download complete
Time elapsed during download operation: 00:00:00.106
Get RSSe status...
RSS version = 2.2.0
RSSe version = 2.0.0
Starting SFI
Processing license...
Get RSSe status...
Processing Image Header
Get RSSe status...
Processing Area 1...
Get RSSe status...
Area Address = 0x0
Area Type = H
Processing Area 2...
Get RSSe status...
Area Address = 0xFFD0100
Area Type = O
Processing Area 3...
Get RSSe status...
Area Address = 0xFFD09D0
Area Type = O
Processing Area 4...
Get RSSe status...
Area Address = 0xFFD0A80
Area Type = O
Processing Area 5...
Get RSSe status...
Area Address = 0xFFD0200
Area Type = O
Processing Area 6...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 7...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 8...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 9...
Get RSSe status...
Area Address = 0x0
Area Type = S
Processing Area 10...
Get RSSe status...
Area Address = 0x806E400
Area Type = F
Processing Area 11...
Get RSSe status...
Area Address = 0x8192000
Area Type = F
Processing Area 12...
Get RSSe status...
Area Address = 0x8193FD0
Area Type = F
Processing Area 13...
Can not verify last area
Area Address = 0x0
Area Type = C
SFI Process Finished!
SFI file Binary\SecureManagerPackage.sfi Install Operation Success
Time elapsed during SFI install operation: 00:00:12.703
Best regards
Jocelyn
2024-03-13 04:24 AM
Hi, @Jocelyn RICARD
Thanks for the quick response, it worked as you mentioned.
Please also let me know the process of regression (Debug Authentication)
2024-03-13 07:26 AM
Hello @Hitesh ,
Debug authentication requires usage of JTAG/SWD. No possibility to do this through USB.
So, you just need to use the regression.bat located in
STM32Cube_FW_H5_V1.1.1\Projects\STM32H573I-DK\ROT_Provisioning\DA\Certificates\
Best regards
Jocelyn
2024-03-13 10:03 PM
Thanks @Jocelyn RICARD , for your support.