2025-09-17 7:05 AM
Hello!
I a new in this.
I have two sets of DA files: for password access and for access via certificate.
I've tried to flash a NS-firmware, provision a password.obk, then change Product state to Provisioned/closed.
Thas was successful. I can perform a regression from this state.
But i also tried to open a debug session. Without success. CubeProgrammer says, that I am able to make full regression only, while Cube IDE asks for certificate DA.
I know, that certificate auth method is valid with TZEN=1 only, but I tried to provision that obk with TZEN=0.
As a result, I Have this:
The default ST password from CubeProgrammer's folder is not working,
I tried to provide all-zeros and all-FF password without success.
But maybe I need to change something in the header. Or change a password length.
So, 3 questions:
1. Is this device totally bricked, or I can some-how calculate a password.bin
2. How to perform debug in closed product state on STM32H563 if TZEN=0 ?
3. How to perform debug of the the secured firmware when TZEN=1
Can somebody clarify the boot/DA process when TZ=1.
As I can understand, If the TZEN=1, MCU boots from 0x0C000000. And If I want to have ability to perform a regression or debug, I need a code on this address, that can receive user credentials and open debug. Right?
Or this auth functionality is done with RSS from system memory, without touching flash?
Thanks!
Solved! Go to Solution.
2025-09-18 6:23 AM - edited 2025-09-18 6:25 AM
Solution for the case where you provisioned ConfigWithCertificate.obk, with TZEN=0 and push ProductState to Closed :
2025-09-17 11:05 AM
You used password-based OBK with TZEN=0 and you have to set the device to Closed — now debug is blocked.
Certificate DA doesn't work with TZEN=0, so trying it caused issues.
If you still have the correct password.bin, full regression is possible; otherwise, you're locked out.
With TZEN=1, debug requires certificate-based DA (cert hash, key, SOC ID, permissions).
DA is handled by internal secure boot logic — no custom code needed at boot.
2025-09-17 10:56 PM
Thanks.
The problim is:
I have to use Config-password.obk, but used Config-cerificate.obk with TZEN=0;
I have password.bin I used previously, but it is not working.
2025-09-18 6:23 AM - edited 2025-09-18 6:25 AM
Solution for the case where you provisioned ConfigWithCertificate.obk, with TZEN=0 and push ProductState to Closed :
2025-09-18 2:47 PM
Hi @Konstantin_Z ,
very smart solution !
If debug authentication firmware in STM32H5 support 32 bytes password it should work indeed
Best regards
Jocelyn