Replies: 1 comment
-
|
I am interested in this too. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hello Zephyr Community,
I’ve successfully built a Zephyr RTOS blinky application for the NUCLEO-H533RE board. Flashing the zephyr.hex using west flash or STM32CubeProgrammer works perfectly — the LED blinks and the serial terminal prints the expected status messages.
To enhance security, I’m now trying to encrypt and sign the firmware using STM32TrustedPackageCreator and provision the board using STiROT. I followed the STM32CubeH5 GitHub examples and used the STiROT_Code_Init_Image.xml file, modifying it to point to my zephyr.bin. Provisioning was successful, and the board state was set to PROVISIONED.
However, after flashing the generated zephyr_enc_sign.hex, the board does not blink, and the serial terminal remains silent — indicating the firmware is not executing.
Here’s what I’ve done:
Used STiROT/Image/STiROT_Code_Init_Image.xml and modified paths to point to zephyr.bin.
Generated the encrypted and signed image using STM32TrustedPackageCreator.
Successfully provisioned the board and set its final state to PROVISIONED.
During the process, I noticed this message:
And finally the following message:
Questions:
In short, I am working on Secure Boot and I know zephyr supports TF-M. I haven't explored TF-M yet and that would be my next step to play around with. However, I am wondering if anyone here have tried to achieve secure boot with STiROT.
Beta Was this translation helpful? Give feedback.
All reactions