Skip to end of banner
Go to start of banner

HSM preparation process

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »

HSM (hardware secure modules) is used as a license generation tool necessering during SFI programming procedure.

1. Preparing necessary files:

  1. Preparation of the keys (AES128Key.bin and Nonce.bin) ,this files can by generated by STM32 Trusted Package Creator tool, they must be the same as when they were used during SFI binary file generation.

  2. Correct personalization data file from STM32CubeProgrammer install folder

2. How pick correct personalization data file:

To choose the right one personalization data file need know first signs of chip certificate MCU family which one You want programming. You can read chip certificate via GangFlasher-ST

  1. Open window “STM32 Trusted Programming setup”(Setup ->SSP/SFI)

  2. Check “SFI Enable” box

  3. Select the target from which you want to read the certificate

  4. Click Read button and select folder where want to save certificate

  5. Open file in notepad - first eight sings in file are same like name correct personalization data file.

    Example certificate from STM32U5 mcu.

     4820200B	¶‚ĹŽî"C,ˆ×Vš\ˆżĽĚ*ű2ÎłčÇÔC#PFW˜QŇłÁ–P׈ŁśH

3. HSM generation

To validate the HSM programming request, the user has to

  • set firmware identifier, used to identifies the correct HSM

  • indicate files prepared in first step

  • select personalization data this file can be found in STM32CubeProgrammer tool install folder.

STMicroelectronics application notes and user manuals:

[1] UM2238 - STM32 Trusted Package Creator tool software description

  • No labels