I'm working on a custom bootloader that may include some sort of cryptographic control to prevent unauthorized code from being loaded. I've found the flash security bit can prevent reading/programming/erasing other than a full chip erase, which sounds like what I'd want to prevent easy access to any locally stored keys. However, it sounds like setting the flash security bit would also prevent my bootloader from functioning, because in order to update the flash, it would need to erase itself (...problematic...) during the chip erase command.
I do have external memory (SD card) and the 64k of on-chip RAM, but it sounds like those aren't of any use because the only way to clear the security bit is via JTAG.
Has anyone done something like this and managed to prevent someone from easily reading the flash, without performing a full security lockdown?