User eFUSE Support with Enhanced RSA Key Revocation - 2022.1 English

Vitis Unified Software Platform Documentation: Embedded Software Development (UG1400)

Document ID
UG1400
Release Date
2022-04-26
Version
2022.1 English

Enhanced RSA Key Revocation Support

The RSA key provides the ability to revoke the secondary keys of one partition without revoking the secondary keys for all partitions.

Note: The primary key should be the same across all partitions.

This is achieved by using USER_FUSE0 to USER_FUSE7 eFUSEs with the BIF parameter spk_select.

Note: You can revoke up to 256 keys, if all are not required for their usage.

The following BIF file sample shows enhanced user fuse revocation. Image header and FSBL uses different SSKs for authentication (ssk1.pem and ssk2.pem respectively) with the following BIF input.

the_ROM_image:
{
	[auth_params]ppk_select = 0
	[pskfile]psk.pem
	[sskfile]ssk1.pem
	[
	  bootloader,
	  authentication = rsa,
	  spk_select = spk-efuse,
	  spk_id = 0x8,
	  sskfile = ssk2.pem
	] zynqmp_fsbl.elf
	[
	  destination_cpu = a53-0,
	  authentication = rsa,
	  spk_select = user-efuse,
	  spk_id = 0x100,
	  sskfile = ssk3.pem
	] application.elf
	[
	  destination_cpu = a53-0,
	  authentication = rsa,
	  spk_select = spk-efuse,
	  spk_id = 0x8,
	  sskfile = ssk4.pem
	] application2.elf
} 
  • spk_select = spk-efuse indicates that spk_id eFUSE will be used for that partition.
  • spk_select = user-efuse indicates that user eFUSE will be used for that partition.

Partitions loaded by CSU ROM will always use spk_efuse.

Note: The spk_id eFUSE specifies which key is valid. Hence, the ROM checks the entire field of spk_id eFUSE against the SPK ID to make sure its a bit for bit match.

The user eFUSE specifies which key ID is NOT valid (has been revoked). Therefore, the firmware (non-ROM) checks to see if a given user eFUSE that represents the SPK ID has been programmed.