SecureBoot Command

The SecureBoot command provides support for secure boot of an external MCU or MPU. The general approach is that the boot code within the system will use the ATECC608A-TFLXTLS to assist in validating the application code that is to be subsequently executed. The ATECC608A-TFLXTLS device has been configured to operate in the SecureBoot, Stored Digest mode. The digest will be stored in Slot 7 and the public key required to verify the SecureBoot is stored in Slot 15. The device can optionally be configured to use the persistent latch. Depending on the option selected, SecureBoot may or may not be tied to power-up. Please see Secure Boot Option
In lieu of a return code, a MAC can optionally be generated from a nonce written to TempKey, the IO protection secret and various other data, dependent upon the mode of the command, to prevent tampering with the wire between the host and the ATECC608A-TFLXTLS.
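The flow above, modelled as an added example that is not part of the datasheet: the host hashes the candidate image, the device compares it against the digest provisioned in Slot 7, and the answer is bound to the host's nonce and the IO protection secret so a wire attacker cannot flip the verdict unnoticed. The image, secret and MAC layout are constructed for illustration; the MAC is a simplified stand-in, not the device's exact formula.

```python
import hashlib
import hmac
import os

# Constructed sample data: a fake application image, the "Slot 7" digest
# provisioned at manufacturing, and a shared host/device IO protection secret.
APP_IMAGE = b"constructed application image v1.0" * 64
SLOT7_STORED_DIGEST = hashlib.sha256(APP_IMAGE).digest()
IO_PROTECTION_SECRET = bytes(range(32))


def device_secureboot_stored_digest(image_digest, stored_digest, nonce, io_secret):
    """Model of the device side of SecureBoot in Stored Digest mode.

    Returns (status, mac). The MAC covers the nonce the host wrote to TempKey,
    the IO protection secret, the status and the digest, so an attacker on the
    wire cannot alter the status without knowing the secret. Simplified layout,
    not the device's real MAC definition.
    """
    ok = hmac.compare_digest(image_digest, stored_digest)
    status = b"\x00" if ok else b"\x01"          # 0x00 = digest matches Slot 7
    mac = hashlib.sha256(io_secret + nonce + status + image_digest).digest()
    return status, mac


def host_secure_boot(image, stored_digest, io_secret, tamper=None):
    """Host boot code: hash the image, send digest plus a fresh nonce, and
    verify the returned MAC before trusting the status byte.

    `tamper`, if given, replaces the status byte to simulate an attacker
    rewriting the response on the wire between host and device.
    """
    digest = hashlib.sha256(image).digest()
    nonce = os.urandom(32)                        # would be written to TempKey
    status, mac = device_secureboot_stored_digest(digest, stored_digest, nonce, io_secret)
    if tamper is not None:
        status = tamper
    expected = hashlib.sha256(io_secret + nonce + status + digest).digest()
    if not hmac.compare_digest(mac, expected):
        return "mac-mismatch"                     # response altered in transit
    return "boot" if status == b"\x00" else "halt"
```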