AN 759: Using Secure Boot in Intel® Arria® 10 SoC Devices

Download
ID 683060
Date 3/29/2021
Public
Document Table of Contents

Secure Boot Image Tool

The Intel® Arria® 10 SoC FPGA Authentication Signing Utility, alt_authtool.py, applies the security settings to the second-stage boot loader image.

If the boot loader is to be authenticated, the secure boot image tool signs the boot loader image with the private key from the previously-generated key pair file. The boot loader generator invokes the tool with the sign option and associated parameters from the security settings, as follows:

$  python -B -E alt_authtool.py sign [<param1> <param2> ...]
$ python -B -E alt_authtool.py encrypt -k key_file.key:key1 -i u-boot-mkimage.bin -o uboot-encrypted.abin

If the boot loader is to be encrypted, the secure boot image tool encrypts the boot loader image with the key from the previously-generated AES key file. The boot loader generator invokes the tool with the encrypt option and associated parameters from the security settings, as follows:

$ python -B -E alt_authtool.py encrypt [<param1> <param2> ...]
$ python -B -E alt_authtool.py encrypt -k key_file.key:key1 -i u-boot-mkimage.bin -o uboot-encrypted.abin

Did you find the information on this page useful?

Characters remaining:

Feedback Message