This example shows the usage of different key sources for different partitions.
all:
{
bh_keyfile = ./PUF4K_KEY.txt
puf_file = ./PUFHD_4K.txt
bh_kek_iv = ./blk_iv.txt
bbram_kek_iv = ./bbram_blkIv.txt
efuse_kek_iv = ./efuse_blkIv.txt
boot_config {puf4kmode , shutter=0x0100005E}
id_code = 0x04CA8093
extended_id_code = 0x01
image
{
name = pmc_subsys, id = 0x1c000001
{type = bootloader,
encryption = aes, keysrc=bbram_blk_key, dpacm_enable,revoke_id = 0x5, aeskeyfile = ./plm.nky,
file = ./plm.elf}
{type = pmcdata,
aeskeyfile = pmcCdo.nky,
file = ./pmc_data.cdo}
}
metaheader
{
encryption = aes, keysrc=bbram_blk_key,dpacm_enable, revoke_id = 0x6,
aeskeyfile = metaheader.nky
}
image
{
id = 0x1c000002, name = ss_psm
{type = cdo,
encryption = aes, keysrc = bh_blk_key, pufhd_bh, revoke_id = 0x8, aeskeyfile = ./psmfw.nky,
file = ./lpd_data.cdo}
{ core = psm, file = ./psm_fw.elf}
}
image
{
id = 0x1c000000, name = fpd
{type = cdo,
encryption = aes, keysrc = efuse_blk_key, dpacm_enable, revoke_id = 0x10,aeskeyfile = ./fpdcdo.nky,/*Here PUF helper data is also on efuse */
file = ./fpd_data.cdo}
}
image
{
id = 0x1c000000, name = subsystem
{type = cdo,file = ./subsystem.cdo}
}
}