Programmable Devices
CPLDs, FPGAs, SoC FPGAs, Configuration, and Transceivers
20713 Discussions

How to test Secure Boot in Arria10 without programming any FUSE

AbhishekH
Beginner
563 Views

The documents mention "unsecured root key" that doesn't need to be stored in the device and is supposed to be present in the boot header.

But I can't find any procedure to achieve this.

0 Kudos
8 Replies
EBERLAZARE_I_Intel
543 Views
0 Kudos
EBERLAZARE_I_Intel
518 Views

Hi,


Please read the SoC Security Section of the Arria 10 SoC HPS TRM:

https://www.intel.com/content/www/us/en/docs/programmable/683711/21-2/soc-security.html


0 Kudos
EBERLAZARE_I_Intel
508 Views

Hi,


Do you have any follow-up questions?


0 Kudos
EBERLAZARE_I_Intel
490 Views

Hi,


Did you try to reply? I see some changes made from you on this case but no latest reply is visible in the forum.


0 Kudos
AbhishekH
Beginner
483 Views

Hi,

Sorry for the delay. But I couldn't find the procedure to place KAK in boot header in that document. I also noticed that It's mentioned we need to get NDA to get complete document. By any chance that document has the procedure I need or are you referring to the publicly available document ?

0 Kudos
EBERLAZARE_I_Intel
460 Views

In the AN759. You need python and the secure boot tools (https://github.com/altera-opensource/alt-secure-boot)



python -B -E secure_boot_tools/alt-secure-boot/bin/\

alt_authtool.py sign -t user -k root_key.pem -i\

u-boot_w_dtb-single-mkimage.bin -o u-boot_w_dtb-signed.abin


The User is the Unsecure key.



0 Kudos
EBERLAZARE_I_Intel
455 Views

Hi,


Do you have any further questions?


0 Kudos
Reply