4.2.3 SecureBoot Command
The SecureBoot command provides support for secure boot of an external MCU or MPU. The general approach is that the boot code within the system will use the ECC608-TFLXWPC to assist in validating the application code that is to be subsequently executed. The ECC608-TFLXWPC device is configured to operate in the SecureBoot, Stored Digest mode. The digest will be stored in Slot 7 and the public key required to verify the SecureBoot is stored in Slot 15. The device can optionally be configured to use the persistent latch. Depending on the option selected, the SecureBoot may or may not be tied to power-up. See Secure Boot Option.
In lieu of a return code, a MAC can optionally be generated from a nonce written to TempKey, the IO protection secret and various other data, dependent upon the mode of the command, to prevent tampering with the wire between the host and the ECC608-TFLXWPC.
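The following added example (not taken from the datasheet or from Microchip code) models why the host checks a MAC rather than a bare return code: a reply is accepted only if it binds the host's fresh nonce, the IO protection secret and the submitted digest. The class and function names are hypothetical, and the MAC message layout is a simplified assumption, not the device's actual format.

```python
import hashlib
import hmac
import os

# Simplified model (assumption): the real device defines its own MAC message
# layout; here the MAC is SHA-256 over io_key || nonce || digest || status.
def response_mac(io_key: bytes, nonce: bytes, digest: bytes, ok: bool) -> bytes:
    return hashlib.sha256(io_key + nonce + digest + bytes([1 if ok else 0])).digest()

class SecureElementModel:
    """Hypothetical stand-in for the device in SecureBoot, Stored Digest mode."""
    def __init__(self, io_key: bytes, stored_digest: bytes):
        self.io_key = io_key                # IO protection secret shared with host
        self.stored_digest = stored_digest  # digest held in Slot 7

    def secureboot(self, digest: bytes, nonce: bytes) -> bytes:
        ok = hmac.compare_digest(digest, self.stored_digest)
        return response_mac(self.io_key, nonce, digest, ok)

def host_boot_check(image: bytes, io_key: bytes, transport) -> bool:
    """Boot code: hash the application, ask the device, trust only a valid MAC."""
    digest = hashlib.sha256(image).digest()
    nonce = os.urandom(32)                  # fresh per boot, so old replies are useless
    reply = transport(digest, nonce)
    expected = response_mac(io_key, nonce, digest, True)
    return hmac.compare_digest(reply, expected)

# Constructed sample data, not real firmware or keys.
IO_KEY = bytes(range(32))
GOOD_IMAGE = b"application v1.0 (constructed sample)"
BAD_IMAGE = GOOD_IMAGE + b" + modification"
DEVICE = SecureElementModel(IO_KEY, hashlib.sha256(GOOD_IMAGE).digest())

def honest_wire(digest: bytes, nonce: bytes) -> bytes:
    return DEVICE.secureboot(digest, nonce)

def make_replaying_wire():
    """Wire that records one genuine reply and returns it for every later request."""
    captured = []
    def wire(digest: bytes, nonce: bytes) -> bytes:
        if not captured:
            captured.append(DEVICE.secureboot(digest, nonce))
        return captured[0]
    return wire
```

A wire that substitutes a fixed "success" value or replays an earlier genuine reply fails the check, because neither matches the MAC the host expects for the current nonce.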