Encryption - 2020.2 English

Zynq UltraScale+ MPSoC Software Developer Guide (UG1137)

Document ID: UG1137
Release Date: 2021-01-05
Version: 2020.2 English

Zynq UltraScale+ MPSoCs have a 256-bit AES-GCM hardware engine that protects the confidentiality of your boot images. You can also use it post-boot to encrypt and decrypt your data.

The AES cryptographic engine has access to a diverse set of key sources. For more information on the key sources, see the Zynq UltraScale+ Device Technical Reference Manual (UG1085).

The red key is used to encrypt the image. During the generation of the boot file (BOOT.bin), the red key and the initialization vector (IV) must be provided to the Bootgen tool in .nky file format.

The PMU firmware can be loaded by the CSU bootROM or by the FSBL. The CSU bootROM treats the FSBL and the PMU firmware as separate partitions and therefore decrypts each of them individually. If both the FSBL and the PMU firmware are encrypted, the AES Key/IV pair is reused, which is a violation of the standard.

Important: If both the FSBL and PMU firmware are encrypted, the PMU firmware must be loaded by the FSBL (and not the CSU bootROM) to avoid reusing the AES Key/IV pair. For more information, see Xilinx Answer 70622.

The following BIF file is for an encrypted image in which the PMU firmware is loaded by the FSBL:

the_ROM_image:
{
    [aeskeyfile] bbram.nky
    [keysrc_encryption] bbram_red_key
    [bootloader, encryption=aes, destination_cpu=a53-0] ZynqMP_Fsbl.elf
    [destination_cpu = pmu, encryption=aes] pmufw.elf
}
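The following pre-build check is an added example, not part of this guide or of Bootgen. It parses a BIF and flags the Key/IV reuse case described above, as well as encrypted partitions with no .nky key file. Assumptions: the `[pmufw_image]` attribute is taken to mean "PMU firmware loaded by the CSU bootROM", `check_bif` and `parse_bif` are hypothetical helper names, and the sample BIFs are constructed.

```python
import re

# Constructed sample: PMU firmware handed to the CSU bootROM beside an encrypted
# FSBL. Treating [pmufw_image] as the bootROM-load attribute is an assumption here.
RISKY_BIF = """
the_ROM_image:
{
    [aeskeyfile] bbram.nky
    [keysrc_encryption] bbram_red_key
    [bootloader, encryption=aes, destination_cpu=a53-0] ZynqMP_Fsbl.elf
    [pmufw_image] pmufw.elf
}
"""
# Same layout as the guide's BIF: PMU firmware is a partition loaded by the FSBL.
SAFE_BIF = RISKY_BIF.replace("[pmufw_image]", "[destination_cpu = pmu, encryption=aes]")

ENTRY = re.compile(r"\[([^\]]*)\]\s*([^\s\[\]{}]+)")

def parse_bif(text):
    """Return [(attributes, filename)] for each '[attrs] file' entry."""
    text = re.sub(r"//[^\n]*|/\*.*?\*/", "", text, flags=re.S)  # drop comments
    entries = []
    for raw, fname in ENTRY.findall(text):
        attrs = {}
        for item in raw.split(","):
            key, _, val = item.partition("=")
            attrs[key.strip().lower()] = val.strip().lower()
        entries.append((attrs, fname))
    return entries

def check_bif(text):
    """Return a list of findings; an empty list means both checks pass."""
    entries = parse_bif(text)
    encrypted = [f for a, f in entries if a.get("encryption") == "aes"]
    enc_boot = [f for a, f in entries
                if "bootloader" in a and a.get("encryption") == "aes"]
    rom_pmu = [f for a, f in entries if "pmufw_image" in a]
    findings = []
    if enc_boot and rom_pmu:
        findings.append(f"key-iv-reuse: {rom_pmu[0]} is loaded by the CSU bootROM "
                        f"next to encrypted bootloader {enc_boot[0]}; load it from "
                        "the FSBL with [destination_cpu=pmu, encryption=aes]")
    if encrypted and not any("aeskeyfile" in a for a, _ in entries):
        findings.append("no-key-file: encrypted partitions but no aeskeyfile (.nky)")
    return findings

if __name__ == "__main__":
    for name, bif in (("risky", RISKY_BIF), ("safe", SAFE_BIF)):
        print(name, check_bif(bif) or "ok")
```

Running the check in CI before invoking Bootgen catches a BIF that drifts back to bootROM loading of the PMU firmware after encryption has been enabled.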