Debug Authentication

1 What is debug authentication ?

Debug authentication is a process used to properly disable the security features on the STM32. The user leverages on the debug authentication security feature to either:

  • Perform secure regression testing on the OPEN or TZ-CLOSED product states, erasing user data in user flash memory, SRAM and OBKeys.
  • Safely re-open debug access on the STM32.

Debug authentication is only used when the STM32 is CLOSED product state.
Debug authentication only grants its services when user enters a legitimate user password or a certificate authentication.
The STM32 life cycle management drives the STM32 debug authentication method, password or certificate. Refer to the life-cycle management section of the appropriate STM32 reference manual on how to implement the debug authentication security feature.
The user sends a password or certificicate to the STM32 via a limited debug access port that does not grant access to STM32 hardware resources such as the CPU registers, memory, peripheral registers, and so on. When a debug access on a closed device is opened, a new debug access port is also opened, granting access to the STM32 hardware resources.

Refer to the following items for more information:

1.1 Password

Regression by Password

In order to access the debug authentication feature, the host sends the debug authentication password to the STM32. When the STM32 receives the password, it verifies that it corresponds to the one that is provisioned.

1.2 Certificate

Full Regression by Certificate

When the user access the debug authentication feature (regression or debug re-opening), he sends first a certificate and a debug authentication action request to the STM32. When the STM32 receives the certificate, it verifies that:

  • Certificate fits the one that is provisioned.
  • The authorized actions sent with the certificate match the ones provisioned.
  • The action request matches the authorized action list carried by the certificate.

The STM32 starts the challenge-response procedure (Step 2 and Step 3): the STM32 verifies that the host owns the debug authentication private key before performing the requested action (regression or debug re-opening). The certificate carries the requested action.

The next figure illustrates how the STM32 blocks the debug authentication action request when authorized actions in certificate do not match the provisioned authorized actions.

Picture 1: Security Debug Authentication Request Blocked

The figure below illustrates how the STM32 blocks the debug authentication action request because the action request does not fit with certificate authorized actions.

Picture 2: Security Debug Authentication Request Blocked

The figure below illustrates that the certificate authorized actions fits the provisioned authorized action and the action request fits the certificate authorized actions, then STM32 grants debug authentication action request.

Picture 3: Security Debug Authentication Request Granted

2 Provisioning

Product Lifecycle (Simplified +Trust Zone)

Before configuring the STM32 in a product in a more secured state below PROVISIONING (this is PROVISONED, TZ-CLOSED or CLOSED) , user must provision either:

  • The hash of the certificate public key and authorized actions. The authorized actions are a combination of regression, partial regression and debug re-opening.


  • The hash of the password.
Info white.png Information
Product state TZ-CLOSED does not exist when the STM32 is not enabled or supports TrustZone.

3 Regression

3.1 Full regression

Debug authentication erases the whole of the user flash memory, SRAM and OBKEys1. Full regression erases the debug authentication provisioned data, which is the certificate and authorized actions, hence the user must provision debug authentication data once again. After full regression, the STM32 is in the OPEN product state.

Full Regression by Certificate

Info white.png Information
After regression, the STM32 DHUK is changed, secure storage sections (protected by DHUK) extracted before regression cannot be reused after regression

Note1: When the STM32 supports OBKeys.

3.2 Partial regression

Debug authentication erases non-secure user flash memory, non-secure SRAM and non-secure OBKEys1. After partial regression, the STM32 is in the TZ-CLOSED product state.

Partial Regression

Note that the STM32 that does not support TrustZone or when TrustZone is not enabled does not support partial regression.
Note1: When the STM32 supports OBKeys.

4 Debug Re-opening

Only debug authentication by certificate supports debug re-opening. After debug re-opening, the user can debug the STM32. Debug re-opening does not change the STM32 product state. Debug re-opening is temporary, power off the STM32 disables debug re-opening and debug is closed again.

Debug Reopening