FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Using RSSLib->DataProvisioning() interface without TZ

peter7
Associate II

‎2025-09-05 3:41 AM

I'm trying to get the Debug Authentication provisioning to work. I managed to write it from within the application, but then I found the errata sheet(es0565-stm32h562xx563xx573xx-device-errata-stmicroelectronics.pdf) which states otherwise:

"Chapter 2.2.35: Debug Authentication provisioning cannot be done from the application when TZEN is disabled"

 

I tried to do the provisioning with RSSLib->DataProvisioning(), as mentioned in the errata sheet, but I end up getting a hardfault.

I'm using the nucleo-h536zi-board, trustzone is disabled.

 

    RSSLIB_DataProvisioningConf_t a;
    a.pSource = sData;
    a.pDestination = (uint32_t *) (0x0FFD0100);
    a.Size = 0x60;
    a.DoEncryption = 0xCACA0AA0U;
    a.Crc = 0;
    uint32_t c = RSSLIB_PFUNC->NSC.DataProvisioning(&a);

Since the CRC is not correct, I expect to get the CRC error instead of a hard fault.

 

Is there something I need to set up before calling DataProvisioning? I tried to find an example, is there one somewhere?

 

Best regards,

Peter

Labels:
0 Kudos
3 REPLIES 3
Jocelyn RICARD
ST Employee

‎2025-09-10 2:23 AM

Hello @peter7 ,

This errata is actually very misleading.

I created an internal ticket to have it fixed.

First, it only applies to STM32H573 providing crypto accelerators.

Second there is actually no workaround as far as I can tell (for STM32H573)

So, in your case, using a STM32H563, where DA OBK is not encrypted, you just need to write OBK file in clear and that's it.

This can be done in either OPEN or CLOSED state, because it is not encrypted.

Best regards

Jocelyn

0 Kudos
peter7
Associate II
In response to Jocelyn RICARD

‎2025-09-10 3:20 AM

Thank you Jocelyn.

 

It is good to know that we are not affected by this error.

Does that mean that RSSLib->DataProvisioning() doesn't work at all without TZ?

 

Provisioning from within the application works for me, but I'm not sure how to reliable tell its success. I asked this question in another ticket:

https://community.st.com/t5/stm32-mcus-products/stm32h5-getting-the-provisioned-state-from-within-the-firmware/td-p/836233

 

Best regards,

Peter

0 Kudos
Jocelyn RICARD
ST Employee

‎2025-09-11 12:27 AM

Hi @peter7 ,

I will answer in the other thread

Best regards

Jocelyn

0 Kudos
Top