I am trying to create a secure boot file. I was not succesful so far, but just found here in EZ that for the BF707 I have to set the elfloader's -NoFillBlock switch. Thgis is something I have to try today. But my question now is how can I load the userkey to open a locked device. I have programmed the OTP via the example provided by AD. That seems to go fine, I did not yet lock the device!
Now I tried to load the userkey's as explanied in EE366 page 20-22, and also used the xml example CCES-ReleaseNote-1-1-0 page 9: unlocking a secure part.
The loading of the xml file goes fine, but I do not see any changes in the TAPC0_SDBGKEY registers, they stay on 0x00000. To be sure the xml is loaded I added a line to set the EPPIO_CTRL register with a dummy value and that works fine.
I also chanded the name of userkey0-3 in the xml file to TAPC0_SDBGKEY0-3, but that does not make any difference.
Does anyone knows how I can open the device for debugging once it it locked.
I did not lock the device yet (I tried it ones and ennded op replacing the BF707, since I could not open the device anymore).
Please note that once the part is locked, the access to the JTAG is only possible once the correct secure emulation emulation key is passed through the JTAG. One this passes, then only JTAG access will be allowed to modify the flash content. But OTP can never be changed.