14.2.4 User Signature Block 0 of SEFC0

The User Signature Block 0 of SEFC0 is reserved for ROM code usage. This is a 4096-byte special area, split into eight 512-byte pages.

In “non-secure” boot modes (SAM-BA Monitor, Standard boot or FFPI Monitor), the ROM code scans the User Signature Block 0, erases it if not already erased, and keeps the block unlocked to allow read, write and erase permissions from the EEFC_USR register of SEFC0. This is a safety mechanism, erasing the customer keys when the selected boot mode in GPNVM[8:5] is altered from a “secure” boot mode to a “non-secure” boot mode.

If the selected boot mode in GPNVM[8:5] is SAM-BA Monitor, the user is allowed to program the secure boot data expected in Secure boot mode, without executing the Secure SAM-BA Monitor.

In “secure” boot modes (Secure boot, Secure SAM-BA Monitor), the ROM code stores its secure boot configuration (authentication algorithm and customer keys) in the User Signature Block 0. Before executing an authenticated user application, the ROM code locks the access to the User Signature Block 0 and removes read, write and erase permissions through the EEFC_USR register of SEFC0. This way the customer keys are protected against any further access from the software.

Finally, the secret customer key, used during AES-256-CMAC computation for user application authentication, is sent from the Flash controller (SEFC0) to the AES hardware through the key bus. This key never goes through the system bus, the CPU or the internal SRAM.