Programmable Devices
CPLDs, FPGAs, SoC FPGAs, Configuration, and Transceivers
20810 Discussions

How to test Secure Boot in Arria10 without programming any FUSE

AbhishekH
Beginner
650 Views

The documents mention "unsecured root key" that doesn't need to be stored in the device and is supposed to be present in the boot header.

But I can't find any procedure to achieve this.

0 Kudos
8 Replies
EBERLAZARE_I_Intel
630 Views
0 Kudos
EBERLAZARE_I_Intel
605 Views

Hi,


Please read the SoC Security Section of the Arria 10 SoC HPS TRM:

https://www.intel.com/content/www/us/en/docs/programmable/683711/21-2/soc-security.html


0 Kudos
EBERLAZARE_I_Intel
595 Views

Hi,


Do you have any follow-up questions?


0 Kudos
EBERLAZARE_I_Intel
577 Views

Hi,


Did you try to reply? I see some changes made from you on this case but no latest reply is visible in the forum.


0 Kudos
AbhishekH
Beginner
570 Views

Hi,

Sorry for the delay. But I couldn't find the procedure to place KAK in boot header in that document. I also noticed that It's mentioned we need to get NDA to get complete document. By any chance that document has the procedure I need or are you referring to the publicly available document ?

0 Kudos
EBERLAZARE_I_Intel
547 Views

In the AN759. You need python and the secure boot tools (https://github.com/altera-opensource/alt-secure-boot)



python -B -E secure_boot_tools/alt-secure-boot/bin/\

alt_authtool.py sign -t user -k root_key.pem -i\

u-boot_w_dtb-single-mkimage.bin -o u-boot_w_dtb-signed.abin


The User is the Unsecure key.



0 Kudos
EBERLAZARE_I_Intel
542 Views

Hi,


Do you have any further questions?


0 Kudos
Reply