This message will disappear after all relevant tasks have been resolved.

Semantic MediaWiki

There are 1 incomplete or pending task to finish installation of Semantic MediaWiki. An administrator or user with sufficient rights can complete it. This should be done before adding new data to avoid inconsistencies.

1. What is Debug Authentication ?

User leverages Debug Authentication mechanism to either:

Re-open Debug Access on the STM32 in a secured way.
Perform regression in a secured way, erasing user data in user Flash, SRAM and OBKeys.

Debug Authentication only grants such services to legitimate user thanks to

Certificate signed by a CA.

or

Password

Debug Authentication is tightly tied to:

STM32 life cycle
STM32 ARM TrustZone enablement or not.

1.1. STM32 life cycle

Before configuring STM32 in a product state higher than "provisioning", user must provision either:

The hash of the CA Public Key + authorized action on Certificate reception.

or

The hash of the Password + authorised action on Password reception.

1.2. TrustZone

When user enables TrustZone on STM32, Debug Authentication grant authorized action on Certificate reception.

Authorized actions can be:
- Debug reopening
- Regression:
  - Full regression: Debug Authentication erases full user Flash, SRAM and OBKEys.
  - Partial regression: Debug Authentication erases non-secure user Flash, non-secure SRAM and non-secure OBKEys.

Information

After regression STM32 DHUK is changed, secure storage sections (protected by DHUK) extracted before regression can't be reused after regression

When user disables TrustZone on STM32,Debug Authentication grant authorized action on Password reception.

Authorized action is:
- Regression:
  - Full regression: Debug Authentication erases full user Flash, SRAM and OBKEys.