Common OTP Fields

The following table describes OTP fields of particular interest for customization on platforms supporting OTP memory, including LAN966x and LAN969x. For a complete list of all OTP fields, run `otp field list` on the target device or refer to the platform SecureBoot documentation.

| Field Name | Size (bytes) | Description |
|---|---|---|
| SECURE_JTAG | 4 | Secure JTAG mode. Controls the operating mode of the JTAG port at reset. The field is stored as a little-endian 32-bit value; bytes 1-3 are always zero and only byte 0 is significant. Once programmed, the JTAG port will start up in one of the following modes:<br>• 0 (Open): JTAG port operates normally.<br>• 1 (Secure mode 1): JTAG responds to boundary scan only. Can be unlocked via a challenge-response mechanism using OTP_SJTAG_SSK.<br>• 2 (Secure mode 2): JTAG is completely unresponsive. Can be unlocked via a challenge-response mechanism using OTP_SJTAG_SSK.<br>• 3 (Closed): JTAG port is permanently disabled.<br>Read by hardware at reset. |
| JTAG_UUID | 10 | JTAG unique identifier. A 10-byte identifier that uniquely identifies the device's JTAG interface. Can be used to associate a device with its challenge-response key (OTP_SJTAG_SSK) when managing multiple devices. Read by hardware at reset. |
| OTP_SJTAG_SSK | 32 | Secure JTAG Shared Secret Key. The secret used in the challenge-response mechanism for unlocking a JTAG port configured in secure mode 1 or 2. The response to a challenge is computed as sha256(challenge + OTP_SJTAG_SSK). |
| OTP_TBBR_ROTPK | 32 | Root of Trust Public Key hash (SHA-256). The hash of the public key used by the secure boot ROM to authenticate BL2. Must be programmed to enable secure boot. |
| OTP_TBBR_HUK | 32 | Hardware Unique Key. A device-specific secret used to bind encrypted firmware images to a particular device. Should be programmed with random data that is not stored anywhere. The BL2U provisioning protocol supports on-device random key generation for this field, avoiding exposure of the key during provisioning. |
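
The SECURE_JTAG encoding and the OTP_SJTAG_SSK challenge-response from the table, worked through as an added host-side example (not code from the platform documentation or its tools). It assumes "+" in the formula means byte concatenation and that the challenge is 32 bytes; the keystore, function names and sample values are hypothetical.

```python
import hashlib
import struct

# Mode values as listed in the SECURE_JTAG row of the table.
SJTAG_MODES = {0: "open", 1: "secure mode 1", 2: "secure mode 2", 3: "closed"}


def decode_secure_jtag(raw: bytes) -> str:
    """Decode the 4-byte little-endian SECURE_JTAG field into a mode name."""
    if len(raw) != 4:
        raise ValueError("SECURE_JTAG is 4 bytes")
    (value,) = struct.unpack("<I", raw)
    # Bytes 1-3 must be zero and only 0-3 are defined; anything else is a bad read.
    if value not in SJTAG_MODES:
        raise ValueError(f"unexpected SECURE_JTAG value 0x{value:08x}")
    return SJTAG_MODES[value]


def sjtag_response(challenge: bytes, ssk: bytes) -> bytes:
    """sha256(challenge + OTP_SJTAG_SSK), reading '+' as concatenation (assumption)."""
    if len(ssk) != 32:
        raise ValueError("OTP_SJTAG_SSK is 32 bytes")
    return hashlib.sha256(challenge + ssk).digest()


def unlock_response(keystore: dict, jtag_uuid: bytes, mode_raw: bytes, challenge: bytes) -> bytes:
    """Select the device's key by JTAG_UUID and answer its challenge."""
    if len(jtag_uuid) != 10:
        raise ValueError("JTAG_UUID is 10 bytes")
    mode = decode_secure_jtag(mode_raw)
    if mode not in ("secure mode 1", "secure mode 2"):
        # Open needs no unlock; closed is permanently disabled.
        raise ValueError(f"no challenge-response in mode: {mode}")
    ssk = keystore.get(jtag_uuid)
    if ssk is None:
        raise KeyError("no OTP_SJTAG_SSK on record for this JTAG_UUID")
    return sjtag_response(challenge, ssk)


# Constructed sample data, not real device values.
SAMPLE_UUID = bytes(range(10))
SAMPLE_SSK = bytes([0xA5]) * 32
SAMPLE_CHALLENGE = bytes([0x11]) * 32  # challenge length is an assumption
KEYSTORE = {SAMPLE_UUID: SAMPLE_SSK}

if __name__ == "__main__":
    print(unlock_response(KEYSTORE, SAMPLE_UUID, b"\x01\x00\x00\x00", SAMPLE_CHALLENGE).hex())
```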