HSM Flow with Both Authentication and Encryption - 2021.2 English

Bootgen User Guide (UG1283)

Document ID
UG1283
Release Date
2021-10-22
Version
2021.2 English

Stage 0: Encrypt and authenticate the plain bitstream with dummy key. Add the keylife parameter if keyrolling is required.

You can provide the .nky file, or Bootgen can generate .nky file that contains the keys for encryption. Obfuscated AES key generation is not supported by Bootgen. The keylife parameter is necessary for the keyrolling feature.

the_ROM_image:

{

[aeskeyfile] encrypt.nky

[sskfile] dummykey.pem

[encryption=aes, authentication=rsa,keylife =32] plain-system.bit

}

bootgen -arch fpga -image stage0.bif -w -o auth-encrypt-system.bit -log info
After this step, the .nky file is generated if encryption is enabled. This file contains all the keys.

Stage 1: Generate hashes

See the following code for an example.

the_ROM_image:

{

[authentication=rsa] auth-encrypt-system.bit

}

 

bootgen -arch fpga -image stage1.bif -generate_hashes -log info

Stage 2: Sign the hash HSM

Here, OpenSSL is used for demonstration.

openssl rsautl -sign -inkey rsaPrivKeyInfo.pem -in auth-encrypt-system.sha384 > auth-encrypt-system.sha384.sig

You can use the HSM server to sign the hashes. For SSI technology devices, generate the signatures for each super logic region (SLR). The following example shows the code to generate the signatures for a device with four SLRs.

openssl rsautl -sign -inkey rsaPrivKeyInfo.pem -in auth-encrypt-system.0.sha384 > auth-encrypt-system.0.sha384.sig

openssl rsautl -sign -inkey rsaPrivKeyInfo.pem -in auth-encrypt-system.1.sha384 > auth-encrypt-system.1.sha384.sig

openssl rsautl -sign -inkey rsaPrivKeyInfo.pem -in auth-encrypt-system.2.sha384 > auth-encrypt-system.2.sha384.sig

openssl rsautl -sign -inkey rsaPrivKeyInfo.pem -in auth-encrypt-system.3.sha384 > auth-encrypt-system.3.sha384.sig

Stage 3: Update the RSA certificate with the actual signature

See the following code for an example.

the_ROM_image:

{

[spkfile] rsaPubKeyInfo.pem

[authentication=rsa, presign=auth-encrypt-system.sha384.sig] auth-encrypt-system.bit

}

Command:bootgen -arch fpga -image stage3.bif -w -o rsa_encrypt.bit -log info
Note: For SSI technology devices, use presign=<first presign filename>:<number of total presigns>. For example, a device with four SLRs should have <first presign filename:4>.