3.10.1.2. PUBLIC_KEY.get

Security User Guide: Intel® FPGA Programmable Acceleration Card D5005

Download PDF

ID 683877

Date 8/25/2020

Version current

Public

Document Table of Contents

Document Table of Contents x

1. Overview 2. Intel® FPGA PAC Security Features 3. Intel FPGA PAC Security Flow 4. Using fpgasupdate 5. Document Revision History for Security User Guide

1. Overview x

1.1. About This Document 1.2. Prerequisites 1.3. Related Documentation 1.4. Glossary

2. Intel® FPGA PAC Security Features x

2.1. Secure Image Updates 2.2. Anti-Rollback Capability 2.3. Key Management 2.4. Authentication 2.5. Encryption

3. Intel FPGA PAC Security Flow x

3.1. Installing PACSign 3.2. PACSign Tool 3.3. Creating Unsigned Images 3.4. Using an HSM Manager 3.5. Creating Keys 3.6. Root Entry Hash Bitstream Creation 3.7. Signing Images 3.8. Creating a CSK ID Cancellation Bitstream 3.9. PACSign PKCS11 Manager *.json Reference 3.10. Creating a Custom HSM Manager 3.11. PACSign Man Page

3.5. Creating Keys x

3.5.1. OpenSSL Key Creation 3.5.2. HSM Key Creation

3.7. Signing Images x

3.7.1. Signing OpenCL* Images

3.10. Creating a Custom HSM Manager x

3.10.1. HSM_MANAGER.get_public_key(public_key) 3.10.2. HSM_MANAGER.sign(data, key) 3.10.3. Signing Operation Flow

3.10.1. HSM_MANAGER.get_public_key(public_key) x

3.10.1.1. PUBLIC_KEY.get_X_Y() 3.10.1.2. PUBLIC_KEY.get_permission() 3.10.1.3. PUBLIC_KEY.get_ID() 3.10.1.4. PUBLIC_KEY.get_content_type()

4. Using fpgasupdate x

4.1. Troubleshooting

1. Overview

1.1. About This Document

1.2. Prerequisites

1.3. Related Documentation

1.4. Glossary

2. Intel® FPGA PAC Security Features

2.1. Secure Image Updates

2.2. Anti-Rollback Capability

2.3. Key Management

2.4. Authentication

2.5. Encryption

3. Intel FPGA PAC Security Flow

3.1. Installing PACSign

3.2. PACSign Tool

3.3. Creating Unsigned Images

3.4. Using an HSM Manager

3.5. Creating Keys

3.5.1. OpenSSL Key Creation

3.5.2. HSM Key Creation

3.6. Root Entry Hash Bitstream Creation

3.7. Signing Images

3.7.1. Signing OpenCL* Images

3.8. Creating a CSK ID Cancellation Bitstream

3.9. PACSign PKCS11 Manager *.json Reference

3.10. Creating a Custom HSM Manager

3.10.1. HSM_MANAGER.get_public_key(public_key)

3.10.1.1. PUBLIC_KEY.get_X_Y()

3.10.1.2. PUBLIC_KEY.get_permission()

3.10.1.3. PUBLIC_KEY.get_ID()

3.10.1.4. PUBLIC_KEY.get_content_type()

3.10.2. HSM_MANAGER.sign(data, key)

3.10.3. Signing Operation Flow

3.11. PACSign Man Page

4. Using fpgasupdate

4.1. Troubleshooting

5. Document Revision History for Security User Guide

3.10.1.2. PUBLIC_KEY.get_permission()

Intel FPGA PAC keys have associated permissions. This function returns an integer that corresponds to the assigned key permissions. For Intel® FPGA PACs, all root key permissions must be the constant 0xFFFFFFFF. For code signing keys, the permissions are described below.

Table 5. Key Permissions
Value	Name	Permission
1	SIGN_SR	Sign the FIM or Static Region
2	SIGN_BMC	Sign the card BMC Nios® firmware and/or the Intel® MAX® 10 image
4	SIGN_PR	Sign the PR Region or AFU

Level Two Title

Select Your Language

Using Intel.com Search

Quick Links

Recent Searches

Advanced Search

Only search in

Security User Guide: Intel® FPGA Programmable Acceleration Card D5005

3.10.1.2. PUBLIC_KEY.get_permission()