Intel® Quartus® Prime Software
Intel® Quartus® Prime Design Software, Design Entry, Synthesis, Simulation, Verification, Timing Analysis, System Design (Platform Designer, formerly Qsys)
16949 Discussions

Unexpected error message while using quartus_sign

LVEZI
Beginner
‎07-01-2019 03:02 PM
1,600 Views

Hi,

I am trying to follow this user guide : https://www.intel.com/content/dam/altera-www/global/en_US/pdfs/literature/hb/stratix-10/ug-s10-security.pdf

On page 16, chapter 3.3, following command has to be executed :

quartus_sign --family=stratix10 --operation=append_key --previous_pem=design1_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=4  --cancel=1 design1_sign_public.pem design1_sign_chain.qky

 

When I run it, I get following error message :

Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102 Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data Error: Quartus Prime Signing_Tool was unsuccessful. 3 errors, 0 warnings

Why this tool is talking about permission=0 whereas I provided permission=4?

 

I tried to get some help using quartus_sign --help=permission:

bash-4.2$ quartus_sign --help=permission   Option: -p <device family name> | --permission=<device family name>   Option to specify sign permission.

As you can see, it is not very helpful (moreover it is wrong, this is not the device family which has to be given).

 

Same behavior between Quartus Linux 19.1 and 19.2

 

Any help would be appreciated.

Regards

Loic

0 Kudos

Link Copied

5 Replies
YuanLi_S_Intel
Employee
‎07-03-2019 08:51 AM
1,339 Views

Hi Loic,

 

May i know have you execute the command with permission = 2?

 

Seems like the permission is ranged from 0-2.

https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/hb/stratix-10/ug-s10-security.pdf (Page 32)

 

Regards,

YL

0 Kudos
Copy link
LVEZI
Beginner
‎07-03-2019 09:11 AM
1,339 Views

Hi,

Thanks for your answer.

Yes I executed the command with permission = 2 and it runs fine.

Page 32 says that permission is ranged from 0-2 and page 17 says to set permission=4 ??

Is there any coherent version of this user guide ?

 

Here is the command I executed to get all keys (no_passphrase used to make flow setup easier for the moment):

quartus_encrypt --family=stratix10 --operation=make_aes_key output.qek   quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 root_private.pem quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem root_private.pem root_public.pem quartus_sign --no_passphrase --family=stratix10 --operation=make_root root_public.pem root_public.qky quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design0_sign_private.pem quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design0_sign_private.pem design0_sign_public.pem quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=root_private.pem --previous_qky=root_public.qky --permission=1 --cancel=0 design0_sign_public.pem design0_sign_chain.qky quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design1_sign_private.pem quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design1_sign_private.pem design1_sign_public.pem quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky

Everything runs fine except last command which returns :

Info: ******************************************************************* Info: Running Quartus Prime Signing_Tool Info: Version 19.2.0 Build 57 06/24/2019 SJ Pro Edition Info: Copyright (C) 2019 Intel Corporation. All rights reserved. Info: Your use of Intel Corporation's design tools, logic functions Info: and other software and tools, and any partner logic Info: functions, and any output files from any of the foregoing Info: (including device programming or simulation files), and any Info: associated documentation or information are expressly subject Info: to the terms and conditions of the Intel Program License Info: Subscription Agreement, the Intel Quartus Prime License Agreement, Info: the Intel FPGA IP License Agreement, or other applicable license Info: agreement, including, without limitation, that your use is for Info: the sole purpose of programming logic devices manufactured by Info: Intel and sold by Intel or its authorized distributors. Please Info: refer to the applicable agreement for further details, at Info: https://fpgasoftware.intel.com/eula. Info: Processing started: Wed Jul 3 11:09:10 2019 Info: Command: quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102 Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data Error: Quartus Prime Signing_Tool was unsuccessful. 3 errors, 0 warnings Error: Peak virtual memory: 352 megabytes Error: Processing ended: Wed Jul 3 11:09:10 2019 Error: Elapsed time: 00:00:00

Thanks in advance for your help

Regards

Loic.

0 Kudos
Copy link
YuanLi_S_Intel
Employee
‎08-30-2019 08:34 AM
1,339 Views

Hi Loic,

 

Based on the error message "Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py", seems like the file is not available in the directory.

 

Can you please check?

 

Regards,

YL

 

0 Kudos
Copy link
LVEZI
Beginner
‎08-30-2019 09:09 AM
1,339 Views

Hi,

The file exists.

If you read more attentively the error messages, you will see that the error appeared during the execution of this Python script:

Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102

Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data

Why does it returns that whereas permission has been set to 2 at command call?

 

Best regards

Loic

0 Kudos
Copy link
YuanLi_S_Intel
Employee
‎11-04-2019 06:49 AM
1,339 Views

HI Loic Vezier,

 

I have tested the command myself. However, i am not able to duplicate the issue. Is it possible for you to share me your bitstream or design file?

 

Also, i am testing it on v19.1 and it works prefectly fine.

 

Thank You.

0 Kudos
Copy link
Reply

Community support is provided Monday to Friday. Other contact methods are available here.

Intel does not verify all solutions, including but not limited to any file transfers that may appear in this community. Accordingly, Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.

For more complete information about compiler optimizations, see our Optimization Notice.