ST STM32H7R3 Application Note

Debug authentication (DA) for MCUs

AN6008 Application note
Getting started with debug authentication (DA) for STM32 MCUs

Introduction

This document describes the debug authentication (DA) security service. When not specified, STM32 refers to all applicable products present in Table 1. Applicable products.

The STM32 debug authentication controls the product life cycle, such as regressions (for more details about the life cycle, refer to the reference manual), and debug reopening:

Regression
The user leverages the regression service to erase the user firmware and data within the user flash memory, SRAM, and option-byte keys (OBK) when OBK are supported by STM32. After a regression, STM32 falls back in product state open. Depending on STM32 products, there can be several kinds of regression: full regression and partial regression. Refer to Section 3: STM32 debug authentication services description for more details.

Debug reopening
The user leverages the debug reopening to safely reopen the debug on STM32 when it is in a product state different than open.

When the STM32 product state is not open, the user can trigger the debug authentication services by sending a password or a certificate chain to the STM32 device. These two options are named the debug authentication methods.

The debug authentication protocol uses the STM32 device debug access port 0 (DAP0) and the DBGMCU IP for communication.

[Figure 1. Debug authentication interface. Labels: Probe, Debug port / DBGMCU, STM32, Debug Authentication]

The STM32 debug authentication implements the Arm® PSA ADAC (authenticated debug access control) specification. The Arm® PSA ADAC protocol is based on the certificate chain and the challenge/response principle.

Table 1. Applicable products
Type: Microcontrollers
Product: STM32H5 series, STM32H7R3/7S3, STM32H7R7/7S7 lines

AN6008 - Rev 2 - May 2024
For further information contact your local STMicroelectronics sales office.
www.st.com

Summary of Contents for ST STM32H7R3

  • Page 1 PSA ADAC protocol is based on the certificate chain and the challenge/response principle. Table 1. Applicable products Type Product Microcontrollers STM32H5 series, STM32H7R3/7S3, STM32H7R7/7S7 lines AN6008 - Rev 2 - May 2024 www.st.com For further information contact your local STMicroelectronics sales office.
  • Page 2 Option-byte keys; OTFDEC: On-the-fly decryption; Public key accelerator; Platform security architecture; SAES: Secure advanced encryption standard; System on chip; Secure debug manager; STiRoT: ST immutable root of trust; Serial wire debug; TrustZone®; TZEN: TrustZone® enabled; uRoT...
  • Page 3 AN6008 General information 1. This URL belongs to a third-party. It is active at document publication. However, STMicroelectronics shall not be liable for any change, move, or inactivation of the URL or the referenced material. Products compatibility Table 3. Synthesis table for STM32H5 products STM32H573xx/H533xx STM32H563xx/H523xx STM32H503xx...
  • Page 4 AN6008 Overview Overview Debug authentication provisioning overview Before using the debug authentication services, the user must provision STM32 with its credentials. The debug authentication allows two types of credential: password or certificates: • Password method, the user must provision a password hash (SHA256) within STM32. •...
  • Page 5 AN6008 Overview Figure 3 shows how the user triggers the debug authentication service using the certificate method. Figure 3. Debug authentication using certificate Challenge Response Product State = OPEN Step 1 Step 2 Step 3 : Debug Authentication Certificate : Debug Authentication Private Key When the user triggers the debug authentication feature (regression or debug reopening), they first send a certificate and an action request to the STM32 device.
  • Page 6 Token formats: fixed to “0x200”. • Certificate formats: fixed to “0x201”. • Cryptosystem: “Ecdsa-P256 SHA256” (certificate) or “ST password”. • ST provisioning integrity: indicates if integrity of provisioned DA data is correct (0xeaeaeaea) or wrong (0xf5f5f5f5). Table 5. Discovery service availability Part number Availability...
  • Page 7 AN6008 STM32 debug authentication services description • Increments secure and nonsecure EPOCH. • Removes HDP, secure watermarks, and WRP protections. • Resets TZEN and boot lock to default value. • Erases key registers within cryptographic peripherals (AES, SAES, PKA, OTFDEC). •...
  • Page 8 AN6008 STM32 debug authentication services description 3.3.2 Partial regression service and EEPROM emulation If EEPROM emulation is activated, the partial regression deactivates it before performing the erasure, and reactivates it at the end of the process. Hence, the data in the EEPROM zone is fully erased after a partial regression.
  • Page 9 AN6008 STM32 debug authentication services description Product state Debug connection iRoT provisioned Yes for HDPL 3 TZ-Closed Yes for HDPL 3 Closed Locked 1. STM32 secure resources cannot be accessed even if the user establishes a debug connection to STM32. ‑...
  • Page 10 AN6008 STM32 debug authentication services description Part number Debug reopening supported STM32H523xx STM32H503xx STM32H7Rx/7Sx 3.4.4 CLI commands to reopen debug on STM32H5 In order to reopen debug from HDPL1 secure, use the following command: .\STM32_Programmer_CLI.exe -c port=SWD speed=fast per=e key=.\key.pem cert=.\certificate_chain debugauth=1 In order to reopen debug from HDPL2 secure, use the following command: .\STM32_Programmer_CLI.exe -c port=SWD speed=fast per=f key=.\key.pem cert=.\certificate_chai...
  • Page 11 .\STM32_Programmer_CLI.exe -c port=SWD debugauth=3 Forced download service 3.6.1 Forced download details The forced download service allows the connection to ST bootloader, for example, to be able to download an image when using an iRoT. 3.6.2 STM32H7Rx/7Sx series forced download support Table 11.
  • Page 12 AN6008 Debug authentication activation Debug authentication activation Provisioning 4.1.1 Introduction The debug authentication uses two kinds of methods: • A password (maximum length of password is 128 bits/16 bytes). • A certificate chain. Before using the debug authentication service, the user must provision STM32 with data for debug authentication configuration.
  • Page 13 AN6008 Debug authentication activation Bit 7 Bit 6 Bit 5 Bit 4 Bit 3 Bit 2 Bit 1 Bit 0 Open debug Open debug Open debug Open debug Open debug Open debug Reserved from HDPL3 from HDPL2 from HDPL1 Reserved from HDPL3 from HDPL2 from HDPL1...
  • Page 14 AN6008 STM32 debug authentication protocol description STM32 debug authentication protocol description Physical link Host and the STM32 device use JTAG or SWD physical connection over access point 0. Using access point 0, debug transactions only access a very limited part of the STM32 device, for example, the DBGMCU IP.
  • Page 15 AN6008 STM32 debug authentication protocol description Command constant Command name Description The host sends this command to start the authentication sequence. Its primary 0x0002 ADAC_AUTH_START_CMD purpose is for the target to provide a random 256-bit challenge vector used to prevent replay attacks. This command is used to provide the debug token and additional credentials 0x0003...
  • Page 16 AN6008 STM32 debug authentication protocol description Figure 6. Debug authentication using a root certificate 5.4.2 Certificates and certificate chains There are three types of certificates: • Root certificate • Intermediate certificate • Leaf certificate A certificate chain can be composed of: •...
  • Page 17 AN6008 STM32 debug authentication protocol description So finally, the requested action is rejected. In the example described in Figure 7, the certificate chain contains a root certificate and a leaf certificate. Figure 7. Example of a forbidden action Example of an authorized action In this example, the token mask is used to request a debug opening from HDPL3 NS.
  • Page 18 AN6008 Debug authentication ecosystem overview Debug authentication ecosystem overview Debug authentication provisioning Figure 9. Debug authentication ecosystem during provisioning phase STM32 Host STM32CubeProgrammer Probe Any interfaces accessible by CubeProgrammer: bootloader peripherals + JTAG/SWD. DA_Config.obk STM32 Trusted Package Creator DA_Config.xml Step 1 The STM32 Trusted Package Creator is used to create the debug authentication configuration .obk file from the debug authentication configuration .xml file.
  • Page 19 AN6008 Debug authentication ecosystem overview Step 2 The DA configuration obk file is programmed in STM32 OBK by using the STM32CubeProgrammer. Launch debug authentication service (certificate method) Figure 10. Debug authentication ecosystem for service launch STM32 Host STM32CubeProgrammer Debug port Debug Probe or IDE...
  • Page 20 AN6008 STM32 debug authentication restrictions STM32 debug authentication restrictions Debug authentication and WWDG The debug authentication does not manage Window WatchDog (WWDG). It is recommended not to activate Window WatchDog when using debug authentication.
  • Page 21 AN6008 Revision history Table 15. Document revision history (columns: Date, Version, Changes). 22-Dec-2023: Initial release. 13-May-2024: Added mention of STM32H7Rx/7Sx throughout the document. Topics added: Section 3.6: Forced download service

This manual is also suitable for:

STM32, STM32H5 series, STM32H7S3, STM32H7R7, STM32H7S7