2025-11-21 3:28 AM
I have a password obk file:
$ xxd PasswordObkFile.obk
00000000: 0001 fd0f 6000 0000 0000 0000 5e9b d65f ....`.......^.._
00000010: e48e a17e 40ae 126f 76e7 c101 3a73 bf35 ...~@..ov...:s.5
00000020: c95d 4897 5c5d 1575 a719 8442 184a a46d .]H.\].u...B.J.m
00000030: 8134 1172 7da0 dc9e 6418 6bb9 9072 89b5 .4.r}...d.k..r..
00000040: aab4 b320 d26f ff5e a45d 8e3d 7750 0000 ... .o.^.].=wP..
00000050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
00000060: 0000 0000 0000 0000 0000 0000 ............
I am running my application with TrustZone disabled (TZEN=C3).
I have a C array:
static uint32_t obk_data[] = {
0x60000000, 0x00000000, 0x5e9bd65f, 0xe48ea17e,
0x40ae126f, 0x76e7c101, 0x3a73bf35, 0xc95d4897,
0x5c5d1575, 0xa7198442, 0x184aa46d, 0x81341172,
0x7da0dc9e, 0x64186bb9, 0x907289b5, 0xaab4b320,
0xd26fff5e, 0xa45d8e3d, 0x77500000, 0x00000000,
0x00000000, 0x00000000, 0x00000000, 0x00000000
};
Using a function like this I am writing the contents to the OBK area using functions like this (it happens within a loop to get all the obk_data into the FLASH starting at the HDPL1 base address).
HAL_FLASH_Program(FLASH_TYPEPROGRAM_QUADWORD_OBK_ALT, FLASH_OBK_HDPL1_BASE_NS, Data); // FLASH_OBK_HDPL1_BASE_NS is 0x0BFD0000UL.
HAL_FLASHEx_OBK_Swap(FLASH_OBK_SWAP_OFFSET_HDPL1);
I am then transitioning the product lifecycle state to PROVISIONING in the code, but my debug authentication fails. I always have to use the STM32_Programmer_CLI tool to download the .obk file manually before I am able to successfully perform a regression.
What am I doing wrong?
I have tried:
2025-12-09 1:39 AM
Hello @CSmallwood ,
First, you don't mention the STM32 target you are using. I would suppose this is an STM32H563 because I don't see the encryption enable bit in the OBK.
The Debug Authentication OBK file contains a header of 3 words (Address, Size, Encryption flag).
Address in OBK is 0001 fd0f (0x0FFD0100), size is 0x60 and no encryption flag.
These 3 parameters shouldn't be written in OBK, they are only used by the provisioning process to know what to do.
So, your obk array should not contain the 2 first words and its size should be 0x60.
You can see an example of OBK update through embedded firmware in the hotspot example here.
This example is for a more complex case where you need to encrypt the OBK for crypto enabled devices, but you will get the idea.
Best regards
Jocelyn
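The header/payload split described in the answer above, as an added example (not code from either poster or from ST): a host-side C check that reads the three little-endian header words of the .obk image from the question and returns only the payload that belongs in OBK. The names `obk_split`, `obk_header_t` and `rd_le32` are hypothetical, and the code assumes a single section whose size field equals the rest of the file, as in this dump.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define OBK_HDR_BYTES  12u /* 3 words: address, size, encryption flag */
#define QUADWORD_BYTES 16u /* one quad-word program = 4 x 32-bit words */
typedef struct {
    uint32_t address;   /* destination used by the provisioning process */
    uint32_t size;      /* payload length in bytes */
    uint32_t encrypted; /* encryption flag */
} obk_header_t;

/* PasswordObkFile.obk bytes copied from the xxd dump in the question;
 * bytes 0x50..0x6b are zero there and zero-filled here by the array size. */
static const uint8_t obk_file[108] = {
    0x00,0x01,0xfd,0x0f,0x60,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x5e,0x9b,0xd6,0x5f,
    0xe4,0x8e,0xa1,0x7e,0x40,0xae,0x12,0x6f,0x76,0xe7,0xc1,0x01,0x3a,0x73,0xbf,0x35,
    0xc9,0x5d,0x48,0x97,0x5c,0x5d,0x15,0x75,0xa7,0x19,0x84,0x42,0x18,0x4a,0xa4,0x6d,
    0x81,0x34,0x11,0x72,0x7d,0xa0,0xdc,0x9e,0x64,0x18,0x6b,0xb9,0x90,0x72,0x89,0xb5,
    0xaa,0xb4,0xb3,0x20,0xd2,0x6f,0xff,0x5e,0xa4,0x5d,0x8e,0x3d,0x77,0x50,0x00,0x00,
};

static uint32_t rd_le32(const uint8_t *p) /* file words are little-endian */
{
    return p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Split an .obk image into header and payload. Returns the number of
 * quad-words to program from *payload, or -1 if the image is malformed. */
static int obk_split(const uint8_t *buf, size_t len, obk_header_t *hdr, const uint8_t **payload)
{
    if (!buf || !hdr || !payload || len < OBK_HDR_BYTES) return -1;
    hdr->address   = rd_le32(buf);
    hdr->size      = rd_le32(buf + 4);
    hdr->encrypted = rd_le32(buf + 8);
    /* Assumption: one section, so size equals everything after the header. */
    if (hdr->size == 0 || hdr->size != len - OBK_HDR_BYTES) return -1;
    if (hdr->size % QUADWORD_BYTES != 0) return -1;
    *payload = buf + OBK_HDR_BYTES; /* header words are never written to OBK */
    return (int)(hdr->size / QUADWORD_BYTES);
}

int main(void)
{
    obk_header_t h; const uint8_t *p;
    int n = obk_split(obk_file, sizeof obk_file, &h, &p);
    if (n < 0) return 1;
    printf("addr=0x%08X size=0x%X quadwords=%d\n", (unsigned)h.address, (unsigned)h.size, n);
    return 0;
}
```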