BIF File with Multiple AESKEY Files - 2021.1 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
UG1137
Release Date
2021-07-13
Version
2021.1 English

The following BIF file samples show the encryptions using aeskey files:

One AES Key / Partition

You may specify multiple .nky files, one for each partition in the image. The partitions are encrypted using the key that is specified before the partition.

sample_bif:
{
[aeskeyfile] test1.nky
[bootloader, encryption=aes] fsbl.elf 
[aeskeyfile] test2.nky 
[encryption=aes] hello.elf 
[aeskeyfile] test3.nky 
[encryption=aes] app.elf
}

The fsbl.elf partition is encrypted using the keys from test1.nky file. If we assume that the hello.elf file has two partitions since it has two loadable sections, then both the partitions are encrypted using keys from test2.nky file. The app.elf partition is encrypted using keys from test3.nky file.

One AES Key / Each Partition (Multiple Loadable Sections Scenario)

You may specify multiple .nky files, one for each partition in the image. The partitions are encrypted using the key that is specified before the partition. You are allowed to have unique key files for each of the partition created due to multiple loadable sections by having key file names appended with ‘.1’, ‘.2’...’.n’ in the same directory of the key file meant for that partition.

sample_bif:
{
[aeskeyfile] test1.nky
[bootloader, encryption=aes] fsbl.elf 
[aeskeyfile] test2.nky 
[encryption=aes] hello.elf 
[aeskeyfile] test3.nky 
[encryption=aes] app.elf
}

The fsbl.elf partition is encrypted using the keys from test1.nky file. Assume that the hello.elf file has three partitions since it has three loadable sections, and hello.elf.0 is encrypted using the keys from test2.nky file, hello.elf.1 is encrypted using the keys from test2.1.nky, and hello.elf.2 is encrypted using the keys from test2.2.nky file. The app.elf partition is encrypted using keys from test3.nky file.

Using the same .nky file across multiple partitions, reuses the AES Key and AES Key/IV Pair in each partition. Using the AES key across multiple partitions increases the exposure of the key and violates NIST. 800-38D. To avoid the re-use of AES Key/IV pair, Bootgen increments the IV with the partition number. To avoid the re-use of both AES Key and AES Key/IV pair, Bootgen allows you to provide multiple .nky files, one for each partition.

Important: To avoid key re-use, support for single nky file across multiple partitions will be deprecated.
CAUTION:
Using a single .nky file with multiple partitions means that the same key is being used in each partition, which violates NIST. 800-38D. A warning is issued in the current release with the plan to generate an error in future releases.
Note: Key0/IV0 - should be the same in all the nky files.

If you specify multiple keys and if the number of keys are less than the number of blocks to be encrypted, the Bootgen is ERRORED OUT.

If you need to specify multiple Key/IV pairs, you must specify (number-of-blocks+1) pairs. The extra Key/IV pair is for SH. Ex: If blocks=4;8;16 - you have to specify 4+1=5 Key/IV pairs.