BIF File for Black Key Stored in Boot Header - 2020.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID
Release Date
2020.2 English

The following BIF file sample shows boot header black key encryption:

[aeskeyfile] redkey.nky 
[keysrc_encryption] bh_blk_key 
[bh_keyfile] blackkey.txt 
[bh_key_iv] black_key_iv.txt
[fsbl_config] pufhd_bh , puf4kmode , shutter=0x0100005E, bh_auth_enable 
[pskfile] PSK.pem
[sskfile] SSK.pem
[bootloader,authentication=rsa , encryption=aes, destination_cpu=a53-0]fsbl.elf 
Note: Authentication of boot image is compulsory for using black key encryption.

To generate or program the eFUSEs with the back key, see Zynq eFUSE PS API in the OS and Libraries Document Collection (UG643).