19.2.5 Secure Valid Code Detection

The valid code detection in Secure mode is similar to the one in Standard Boot mode. However, additional checks and operations are done.

If the initialization of NVM is successful, the ROM code reads and deciphers the first 32 bytes of the potential secure boot file to find a valid Arm exception vector table (see Arm Exception Vector Check). From the sixth vector, the ROM code extracts the size of the boot file including its signature. When the AUTH_MODE field is set to 1 in the Secure Boot Configuration Packet, the size of the X.509 certificate chain is also extracted. The boot file size must be 16 bytes aligned (AES block size). The sum of the boot file and certificate sizes must be lower than 64 Kbytes. If these first validations fail, the ROM code restores the memory interface PIO and settings to their reset values and then tries to boot on the next NVM.

Otherwise, the total size is used to copy the boot file, its signature and the X.509 certificate chain from the NVM into the internal SRAM.

Next, depending on the AUTH_MODE field in the Secure Boot Configuration Packet, either the AES-CMAC digest or the RSA signature of the boot file is checked. As usual, if this final validation fails, the peripheral is reset and the ROM code jumps to the next NVM.

If the boot file verification passes, the ROM code deciphers the boot file stored in the internal SRAM.

Since the NVM interface is no longer needed, the ROM code restores the interface registers and IO reset values.

Finally, the ROM code locks access to ROM area, enables JTAG and then branches to 0x00100000 to execute the boot file.