eFUSE

Using Encryption and Authentication to Secure an UltraScale/UltraScale+ FPGA Bitstream Application Note (XAPP1267)

Document ID: XAPP1267
Release Date: 2023-02-10
Revision: 1.6 English

When Program eFUSE Registers... is selected, a wizard appears and guides you through the process of selecting the NKY file and the various eFUSE registers you want to program. After you add the NKY or PEM file, you can also double-check the key values and verify that these are the AES and RSA keys that you intend to program into the device. (See Figure 4.)

Figure 4: eFUSE Programming Cryptographic Key Setup


The User Register setup screen is shown in Figure 5. This allows you to specify a unique 32-bit and/or a 128-bit value to program into the FUSE_USER register bits. These registers are readable from the FPGA logic using the eFUSE_USR primitive.

Figure 5: eFUSE Programming USER Register Setup


The Control Register setup screen is shown in Figure 6. This allows you to select which FUSE_CNTL register bits to program. These bits provide security by disabling read and write operations on different eFUSE Control registers.

Note: See Table: eFUSE Control Register Bit (FUSE_CNTL) Description for Control register bit descriptions and recommended settings.

Figure 6: eFUSE Programming Control Register Setup


The Security Register setup screen is shown in Figure 7. This allows you to select which FUSE_SEC register bits to program. These bits provide additional security by only allowing encrypted bitstreams or enabling RSA authentication.

Note: See Table: eFUSE Control Register Bit (FUSE_SEC) Description for Security register bit descriptions and recommended settings.

Figure 7: eFUSE Programming Security Register Setup


Note: If the NKY file contains a KeyObfuscate field because the BITSTREAM.ENCRYPTION.OBFUSCATEKEY property was enabled prior to write_bitstream, then the obfuscated key flag in the eFUSE or BBRAM is automatically set by Vivado software during programming of the AES-256 key.

The last screen (Figure 8) is the Summary screen, which you can use to verify that the options you have selected are the options that you intend to implement. Remember that eFUSE registers are one-time programmable and can NOT be changed at a later time.

Figure 8: Summary
