BIF File for Black Key Stored in Boot Header - 2022.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
UG1137
Release Date
2022-11-02
Version
2022.2 English

The following BIF file sample shows boot header black key encryption:

the_ROM_image:
{
[aeskeyfile] redkey.nky 
[keysrc_encryption] bh_blk_key 
[bh_keyfile] blackkey.txt 
[bh_key_iv] black_key_iv.txt
[fsbl_config] pufhd_bh , puf4kmode , shutter=0x0100005E, bh_auth_enable 
[pskfile] PSK.pem
[sskfile] SSK.pem
[bootloader,authentication=rsa , encryption=aes, destination_cpu=a53-0]fsbl.elf 
[puf_file]hlprdata4k.txt
}
Note: Authentication of boot image is compulsory for using black key encryption.

To generate or program the eFUSEs with the back key, see Programming BBRAM and eFUSEs (XAPP1319).