FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

STM32H573 Debug Authentication FAILED in CLOSE state

TetrasLyre
Visitor

‎2024-11-27 03:33 AM

Hi,

I am working on the wiki "How to start STiRoT".
Actually, my board in in CLOSE state and the DA returns the error "Debug Authentication failed" after Discovery (see below). The key and certificate used is the deafult ones.

The connection through STLink returns the error "No STM32 target found" (BOOT0 on System "1").

The connection through UART returns the error : " Activating device KO. Please verify the boot mode configuration and check the serial port configuration. Reset your device and try again..." (BOOT0 on Flash "0").

How can I recover the connection to the board and the state OPEN ?

Discovery:

12:15:09:766 : Start Debug Authentication Sequence
12:15:09:766 : SDMOpen : 609 : open : SDM API v1.0
12:15:09:766 : SDMOpen : 610 : open : SDM Library version v1.1.0
12:15:09:766 : open_comms : 501 : open : Asserting target reset
12:15:09:766 : open_comms : 505 : open : Writing magic number
12:15:09:766 : open_comms : 515 : open : De-asserting target reset
12:15:09:766 : open_comms : 567 : open : Communication with the target established successfully
12:15:09:766 : discovery: target ID.......................:0x484
12:15:09:766 : discovery: SoC ID..........................:0x00000000_35353537_3332510A_00350047
12:15:09:767 : discovery: SDA version.....................:2.4.0
12:15:09:767 : discovery: Vendor ID.......................:STMicroelectronics
12:15:09:767 : discovery: PSA lifecycle...................:ST_LIFECYCLE_CLOSED
12:15:09:767 : discovery: PSA auth version................:1.0
12:15:09:767 : discovery: ST HDPL1 status.................:0x1
12:15:09:767 : discovery: ST HDPL2 status.................:0xffffffff
12:15:09:767 : discovery: ST HDPL3 status.................:0xffffffff
12:15:09:767 : discovery: Token Formats...................:0x200
12:15:09:767 : discovery: Certificate Formats.............:0x201
12:15:09:767 : discovery: cryptosystems...................:Ecdsa-P256 SHA256
12:15:09:767 : discovery: ST provisioning integrity status:0xf5f5f5f5
12:15:09:768 : discovery: permission if authorized...........:Full Regression
12:15:09:768 : discovery: permission if authorized...........:To TZ Regression
12:15:09:768 : discovery: permission if authorized...........:Level 3 Intrusive Debug
12:15:09:768 : discovery: permission if authorized...........:Level 2 Intrusive Debug
12:15:09:768 : discovery: permission if authorized...........:Level 1 Intrusive Debug
12:15:09:768 : discovery: permission if authorized...........:Level 3 Intrusive Non Secure Debug
12:15:09:768 : discovery: permission if authorized...........:Level 2 Intrusive Non Secure Debug
12:15:09:768 : discovery: permission if authorized...........:Level 1 Intrusive Non Secure Debug

Labels:
0 Kudos
1 REPLY 1
Jocelyn RICARD
ST Employee

‎2024-11-27 05:14 AM

Hello @TetrasLyre ,

you can see in the trace:

12:15:09:767 : discovery: cryptosystems...................:Ecdsa-P256 SHA256
12:15:09:767 : discovery: ST provisioning integrity status:0xf5f5f5f5

First line says that you have enabled TrustZone, so ECDSA Crypto is involved

Second line says that Debug Authentication key was either wrongly provisioned or not provisioned at all.

This is just an integrity check of the Debug Authentication credentials stored in OBK.

So, in this state, if you have code in the device that is able to download an application (typically a kind of bootloader) you can download a firmware that performs a regression (Change product state to regression).

If you don't have this capability, you cannot reopen the device.

How did you provision the device before switching to CLOSED state ?

Best regards

Jocelyn

0 Kudos
Top