Skip to main content
H
hakeila
Associate III
January 7, 2025
Solved

GTZC and PKA privileged config

  • January 7, 2025
  • 5 replies
  • 2471 views

Hi,

 

I have enabled the HASH, RNG, and PKA. I also enabled the Global Trust Zone Controller and configured the PKA as privilege access. However, the generated code from STM32CubeMX does produce an error due to undefined 

GTZC_CFGR3_PKA_Pos which is missing from stm32h523xx.h

 

Is that an error? 

 

I have to mention that when I first created the project, I haven't check Trust Zone option under the project. But I later enabled the GTZC.


Kind Regards,

Hani

Best answer by Jocelyn RICARD

Hello @hakeila ,

I could reproduce your issue. It only occurs if you want to change the PKA setting to privilege.

I will raise an internal ticket for that.

 Regarding the cryptographic library, this is a full software implementation. It does not use the hw accelerator. So, you shouldn't have any issue using it.

Best regards

Jocelyn

5 replies

S
STea
ST Employee
January 7, 2025

Hello @hakeila ,

Could you share the MX version as well as the ioc file you used to reproduce the issue.
as far as I recall there was an issue with MX missing some source files, but it was resolved.
and also, to make this statement clearer:

"I have to mention that when I first created the project, I haven't check Trust Zone option under the project. But I later enabled the GTZC."
is this meaning that you didn't select the option TrustZone enabled in CubeMX ?
Regards 

Jocelyn RICARD
Jocelyn RICARD
ST Employee
January 7, 2025

Hello @hakeila ,

The STM32H523 does not support PKA, only STM32H533.

This is reason why this is not defined

Best regards

Jocelyn

H
hakeilaAuthor
Associate III
January 8, 2025

Hi @Jocelyn RICARD 

 

So there is no PKA peripheral in STM32H523? If this is the case, this means that there is an error in CubeMX as I can see PKA module available and I can select it for my CubeMX project of STM32H523. And There are generated PKA source files generated together with HAL drivers.

Are you sure? PKA is mentioned to be available under STM32H523xx datasheet as shown in the snapshot I attached from the datasheet page.

Kind Regards,

Hani

 

 

 

H
hakeilaAuthor
Associate III
January 8, 2025

Hi @Jocelyn RICARD 

 

Thank you so much for the clarification. Then it does make sense.

 

So, Will ST updates the stm32h523.h header file or should I manually add this config myself?

 

According to reference manual, the PKA priviledge config exists in GTZC config register 3 Bit 20. However this will be annoying to update everytime I regenerate the code after updating the MCU peripherals in CubeMX

 

I also would like to mention that ST did release a cryptographic library in Github as mentioned in 

https://wiki.st.com/stm32mcu/wiki/Security:Introduction_to_the_cryptographic_library_with_STM32

 

I am wondering if there are any limitations in using it for STM32H523 especially ST mentioned that this library supports all Cortex-M from ST

 

Kind Regards,

Hani  

Jocelyn RICARD
Jocelyn RICARDBest answer
ST Employee
January 10, 2025

Hello @hakeila ,

I could reproduce your issue. It only occurs if you want to change the PKA setting to privilege.

I will raise an internal ticket for that.

 Regarding the cryptographic library, this is a full software implementation. It does not use the hw accelerator. So, you shouldn't have any issue using it.

Best regards

Jocelyn

H
hakeilaAuthor
Associate III
January 12, 2025

Hi @Jocelyn RICARD 

 

Thank you so much for the confirmation. Looking forward to ST fix.

 

Regarding the ST Cryptographic library, it does contain stm32h5xx_hal_cryp(_ex).h files. I am guessing I can't particularly use these for STM32H523 MCU since there are no hardware accelerators for AES, am I right?

 

Or Can I import the crypto HAL drivers and use the library as is on STM32H523 regardless?

 

If this is possible, then I can the AES HAL together with mbedtls AES 

 

Kind Regards,
Hani

Jocelyn RICARD
Jocelyn RICARD
ST Employee
January 22, 2025

Hello @hakeila ,

According to the internal ticket feedback :

will be published in 25W08 on ST.COM H5 CubeFW v1.5.0

Best regards

Jocelyn

H
hakeilaAuthor
Associate III
January 22, 2025

Hi @Jocelyn RICARD,

 

Thank you for the quick reply.

Is there an ETA for releasing the CubeFw 1.5.0?

 

Regards,

Hani

Jocelyn RICARD
Jocelyn RICARD
ST Employee
January 23, 2025

Yes week 8 as stated above

Best regards

Jocelyn

Terms & ConditionsAccessibility statement