AN 759: Using Secure Boot in Intel® Arria® 10 SoC Devices

ID 683060
Date 3/29/2021
Document Table of Contents

How do I configure the second-stage boot loader image for encryption using the pre-generated AES key?

If you require a signed and encrypted second-stage boot loader image for authentication and decryption, then the image is encrypted prior to signing. Otherwise the image is encrypted after the source is generated and the image is built. You encrypt the final image using the Intel® Arria® 10 SoC FPGA Authentication Signing Utility, You must select the appropriate security settings for encryption before generating the second-stage boot loader in the After the settings are applied, you must build the boot loader image to include the configuration.