AES Encryption with Multiple Key Sources - 2020.2 English

Bootgen User Guide (UG1283)

Document ID
UG1283
Release Date
2020-12-15
Version
2020.2 English

This example shows the usage of different key sources for different partitions.


all:
{
    bh_keyfile = ./PUF4K_KEY.txt
    puf_file = ./PUFHD_4K.txt
    bh_kek_iv = ./blk_iv.txt
    bbram_kek_iv = ./bbram_blkIv.txt
    efuse_kek_iv = ./efuse_blkIv.txt
    boot_config {puf4kmode , shutter=0x0100005E}
    id_code = 0x04CA8093
    extended_id_code = 0x01
    image
    {
        name = pmc_subsys, id = 0x1c000001
        {type = bootloader,
         encryption = aes, keysrc=bbram_blk_key, dpacm_enable,revoke_id = 0x5, aeskeyfile = ./plm.nky,
         file = ./plm.elf}
        {type = pmcdata,
         aeskeyfile = pmcCdo.nky,
         file = ./pmc_data.cdo}
    }
    metaheader
    {
         encryption = aes, keysrc=bbram_blk_key,dpacm_enable, revoke_id = 0x6,
         aeskeyfile = metaheader.nky
    }
    image
    {
        id = 0x1c000002, name = ss_psm
        {type = cdo,
        encryption = aes, keysrc = bh_blk_key, pufhd_bh, revoke_id = 0x8, aeskeyfile = ./psmfw.nky,
        file = ./lpd_data.cdo}
        { core = psm, file = ./psm_fw.elf}
    }
    image
    {
        id = 0x1c000000, name = fpd
        {type = cdo,
        encryption = aes, keysrc = efuse_blk_key, dpacm_enable, revoke_id = 0x10,aeskeyfile = ./fpdcdo.nky,/*Here PUF helper data is also on efuse */
        file = ./fpd_data.cdo}
    }
    image
    {
        id = 0x1c000000, name = subsystem
        {type = cdo,file = ./subsystem.cdo}
    }
}