Debug Certificate Loading Process And Constraints
In both the EH_STATE and ROT_STATE there are concepts of application configuration and debug certificates.
These are blocks of data in fixed locations which are reserved for use by the ROM. The actual usage and layout of these data blocks are different in the two states.
- EH_STATE
- In EH_STATE the application configuration is optional allowing the image to be located away from the base of flash.
- If the application configuration block is not available or not valid, the ROM boots by default from the base of flash memory if a suitable application exists there.
- The debug certificate in EH_STATE consists of a single reserved area of memory held in a single 256-byte sector of Data Flash.
- ROT_STATE
- The application configuration data is mandatory in ROT_STATE as it defines the memory locations of the various Root of Trust certificates and hence allows the RoT to be established.
- The debug certificates, if present, are stored in a reserved block of memory held in contiguous sectors of data flash.
For more information about this topic, see: