6.2.3 SecureBoot Command

The SecureBoot command provides support for the secure boot of an external MCU or MPU. The general approach is that the boot code within the system will use the ECC608-TMNGTLS to assist in validating the application code that is to be subsequently executed. The ECC608-TMNGTLS device is configured to operate in the SecureBoot, Stored Digest mode. The digest will be stored in Slot 13 and the public key required to verify the SecureBoot is stored in Slot 15.

In lieu of a return code, a MAC can optionally be generated from a nonce written to TempKey, the I/O protection secret and various other data, dependent upon the mode of the command, to prevent tampering with the wire between the host and the ECC608-TMNGTLS.