1. What is Debug Authentication ?
User leverages Debug Authentication security feature to either:
- Perform regression to product states OPEN or TZ-CLOSED in a secured way, erasing user data in user Flash, SRAM and OBKeys.
- Re-open Debug Access on the STM32 in a secured way.
Debug Authentication is only useful when STM32 is no more in product state OPEN.
Debug Authentication only grants such services to legitimate user thanks to Password or Certificate.
The STM32 life cycle management drives the STM32 Debug Authentication method, Password or Certificate. Please refer to the reference manual of your STM32 ( life-cycle management section ) to know which method to use for Debug Authentication security feature.
User sends Password or Certificicate(s) to STM32 via a limited Debug Access Port that does not grant access to STM32 HW resources ( CPU registers, memory, peripheral registers ...). In case of Debug Access re-opening, a new Debug Access Port is opened, granting access to STM32 HW resources.
Debug Authentication is tightly related to:
- STM32 Product State Life cycle
- STM32 ARM TrustZone enablement or not.
1.1. Password
In order to trigger Debug Authentication feature, Host sends Debug Authentication Password to STM32. On Password reception, STM32 verifies that Password corresponds to the one provisioned.
1.2. Certificate
When user triggers Debug Authentication feature (Regression or Debug Re-opening), he sends first a Certificate and a Debug Authentication Action Request to the STM32. On Certificate reception (Step 1), STM32 verifies that:
- Certificate fits the one provisioned.
- The Authorized Actions sent with the Certificate fit the ones provisioned.
- The Action Request fits with Authorized Action list carried by the Certificate.
STM32 starts challenge-response procedure (Step 2 and Step 3): STM32 verifies that Host owns the Debug Authentication Private Key before performing the requested action (regression or Debug re-opening).
The Certificate carries the requested action.
For details information regarding Debug Authentication Certificate structure, please refer to [1]
In the scheme below STM32 blocks Debug Authentication Action Request because Authorized Actions within Certificate do not map Provisioned Authorized Actions.
In the scheme below STM32 blocks Debug Authentication Action Request because Action Request does not fit with Certificate Authorized Actions.
In the scheme below, Certificate Authorized Actions fit Provisioned Authorized Action and Action Request fits Certificate Authorized Actions, then STM32 grants Debug Authentication Action Request.
2. Provisioning
Before configuring STM32 in a product state below PROVISIONING (i.e. PROVISONED, TZ-CLOSED or CLOSED) , user must provision either:
- The hash of the Certificate Public Key and Authorized Actions. Authorized actions are a combination of Regression, Partial Regression and Debug re-opening.
or
- The hash of the Password.
3. Regression
3.1. Full regression
Debug Authentication erases full user Flash, SRAM and OBKEys1. Full regression erases Debug Authentication Provisioned data, i.e. Certificate and Authorized Actions, hence user must provision again Debug Authentication data. After Full regression STM32 is in product state OPEN.
Note1: When STM32 supports OBKeys.
3.2. Partial regression
Debug Authentication erases non-secure user Flash, non-secure SRAM and non-secure OBKEys1. After partial regression STM32 is in product state TZ-CLOSED.
Please note that STM32 not supporting TrustZone or not enabling TrustZone do not support Partial regression.
Note1: When STM32 supports OBKeys.
4. Debug Re-opening
Only Debug Authentication by Certificate supports Debug Re-opening. After Debug Re-opening user can debug STM32. Debug Re-opening does not change STM32 product state. Debug Re-opening is temporary, power off the STM32 disables Debug Re-opening and Debug is closed again.
5. References
- Debug Authentication ANxxxx
- ↑ 1