I want you to tell about the structure of Secure JTAG.
By reading the document about i.MX6, I learned about Secure JTAG.
- In Secure JTAG mode, the JTAG controller output from TDO the Challenge value including unique ID which the Device has. Concurrently, an Internal Response value is generated using the Challenge value and Response key beforehand burned in eFUSE. A specific algorithm is used in order to generate an Internal Response value.
- In ICE/debugger side, The Challenge value got from TDO and Response key set up beforehand are processed using the same algorithm as the Device side.
- And it's Response value is returned to Device TDI.
- Device compares the Internal Response value generated itself with the Response value got from TDI, and judges allow/not-allow to JTAG access.
- Therefore, Response key in eFUSE and Responce key given to ICE/Debugger are symmetric key.
- In common with all products, it can be used by setting free hexadecimals to Response key.
Is my understanding described in the above correct?