How to activate code protection on CH554,

Its not active in WCHISP "Enable code and data protection mode"

Could you please explain how to do it?

Code protection of CH554 always acivated, and there's  noway to closed it.

 WCHISPTool   "Enable code and data protection mode" is  unchangeable,default is acivated.

Thanks a lot for your answer,

If so, there is a button in WCHISP, verify code flash, 

When I select updated hex file and push the verify code flash button;

it says;

Total verified : 1 , 1 succeed, 0 failed,

When I choose another hex file and press verify;

It says failed,

So, If the code protection is enabled, how WCHISP verify the code?

Check the datasheet. Code Protection is one of that programmable bits at the end of the bootloader,

As i understand that its only used for protecting downloads via SPI although i have no idea how this might work,?

Since that SPI protocol is not available to the public its unknown how it really works. As a mather of fact for very old bootloader versions its possible to change that bit. The verify itself has nothing todo with that bit. The bootloader itself has a verify cmd build in to check if the download was correct.?

BTW;

i have seen similar verify failures in the past on my CH552 with loader 2.31. My guess is some flash cells are worn out. The chip just has 200 cycles and since every download erases the flash for security reasons this might happen earlier than expected. As a result every download may count as 2 writes on some flash cells this is especially the case for the irq vectors.

verify bug in WCHISPtool - 沁恒微电子社区

The "code protection option" is for SPI interface(as picture below), which is absolutely confidential vendor information.

WCHISPTool can use bootloader to verify chip's flash,This is to ensure that the code download correctly.Once data errors occur during the verification process, the chip will be unable to respond to all subsequent cmd unless the chip is powered on again.

To "read" 8 bytes by "Verify CodeFlash", its requires about 2 ^ 34years.To "read" the entire flash, which takes infinite time.

How can I sure that WCH didnt put any back door in the chip?

Who needs to verify code protected chip?

The built-in BOOTLOADER of the chip is safe, and the code cannot be read.

The bootloader is save since V2.4. I guess you need to trust WCH on this. But thats the same with every chip vendor isn't it?

"Bootloader is safe" sentence is not true,

Right one; 

WCH Tech guys says that bootloader is safe, 

I cant even check from "official" datasheet because its in chienese,

I think WCH dont want to sell their mcu's to people that they don't know Chinese lang,

lol

well i am not from WCH and I am saying this:

Since version 2.4 the loader is save, I can say this because v1,1 and v2.31 were not save

You always can translate the datasheet by google translate that works pretty well these days.

Its true that these chips are for chinese markets, anyway they already found their way to Europe.

You can switch web to English.

The chip datasheet downloaded from the English web is in English.

English version CH554 datasheet: http://www.wch-ic.com/downloads/CH554DS1_PDF.html