What Secure Boot Modes are supported in ADSP-BF707
Three formats of Secure Booting are supported:
- BLp – This is when the boot stream is not encrypted but is digitally signed.
- BLw – This is when the boot stream is encrypted and digitally signed. The key to decrypt the stream is “wrapped” and provided in the Security header.
- BLx – This is also when the boot stream is encrypted and digitally signed. The key to decrypt the stream is stored in OTP memory a priori by the customer.
- The PRIVATE key is used to generate the signature and is held secret on the host computer.
- The PUBLIC key is pre-programmed into the OTP by the customer and is used by the boot kernel to verify the signature thereby authenticating the boot stream