Skip to main content
M
MichaelWaites
Associate II
February 18, 2026
Solved

DIY Generation of Password Debug Authentication OB Keys Data

  • February 18, 2026
  • 1 reply
  • 184 views

Our current product uses the STM32H533 microcontroller and password based Debug Authentication.

 

We have a need to generate a large number of different DA passwords and corresponding OB Keys provisioning data.

 

This is possible by creating our own tool to generate OB Keys .xml files and passing those into the STM32TrustedPackageCreator_CLI.exe tool, but it would be nice to cut out the .xml files and need to use the Trusted Package Creator tool.

 

Given that the input .xml file contains a 'hash' tag and that output .obk file contains 512 bits of seemingly random data, I suspect this is a SHA-512 of the password, however I cannot manually re-create the same hash.  I've attempted padding the password to various different lengths, with various different values, additionally including the additional bytes that are included in the created 'password.bin' file that accompanies the .obk file.

 

What process/data goes into creating the contents of the .obk file?  Is this secret, or can I have the info so that I can just create that data with my own custom tool?

 

Thanks

Best answer by Jocelyn RICARD

Hello @MichaelWaites ,

Nothing is secret here. You can find the description of OBK file in AN6008 (Getting started with debug authentication) Rev4 Table 13.

You can use the description provided to feed a LLM to generate the python script you need.

By the way, you could find same details using SideKick, the chatbot provided when you click on icon on bottom right of your screen. This chatbot is very useful to find right documentation!

Best regards

Jocelyn

1 reply

Jocelyn RICARD
Jocelyn RICARDBest answer
ST Employee
February 24, 2026

Hello @MichaelWaites ,

Nothing is secret here. You can find the description of OBK file in AN6008 (Getting started with debug authentication) Rev4 Table 13.

You can use the description provided to feed a LLM to generate the python script you need.

By the way, you could find same details using SideKick, the chatbot provided when you click on icon on bottom right of your screen. This chatbot is very useful to find right documentation!

Best regards

Jocelyn

M
MichaelWaitesAuthor
Associate II
February 24, 2026

Hi Jocelyn,

 

Thanks for your response, I'm now able to generate the appropriate hashes in a hex editor (I hadn't considered that the 512bit data would be two 256bit hashes).  I'll get on and modify my custom tool.

 

I'll try remember to try SideKick next time I have a question.  I'm usually AI averse, since it will be putting me out of a job :D  Hopefully I can build my retirement fund before it gets to that.

 

Thanks again,

Michael

Terms & ConditionsAccessibility statement