Actually it is not A questions, but a series of questions.
I have a bootloader to support user application reloading. In order to support commercial license, I am considering use UID as seed for certain authentication functions in the bootloader.
Here comes the problem, if I embed the authentication functions inside the bootloader, I have to protect my bootloader from user applications.
How to protect my bootloader? It is quite easy to read all the contents from ROM if it supports user application reloading. A simple hacker code can be reloaded and print out all ROM code to external terminal.
In my mind, some ROM region should be protected from reading. Where is the implemeation detail for KL and K?
And if so, can a user application access call ROM functions in bootloader when it is in secure situation? If not, how to call the authentication function anyway? By copying these functions to RAM?