HSM Mode - 2021.2 English

Bootgen User Guide (UG1283)

Document ID
UG1283
Release Date
2021-10-22
Version
2021.2 English

For production, FPGAs use the HSM mode, and can also be used in Standard mode.

Standard Mode

Standard mode generates a bitstream which has the authentication signature embedded. In this mode, the secret keys are supposed to be available to the user for generating the authenticated bitstream. Run Bootgen as follows:

bootgen -arch fpga -image all.bif -o rsa_ref.bit -w on -log error

The following steps listed below describe how to generate an authenticated bitstream in HSM mode, where the secret keys are maintained by secure team and not available with the user. The following figure shows the HSM mode flow:

Figure 1. HSM Mode Flow

Stage 0: Authenticate with dummy key

This is a one time task for a given bit stream. For stage 0, Bootgen generates the stage0.bif file.

bootgen -arch fpga -image stage0.bif -w -o dummy.bit -log error

The content of stage0.bif is as follows. Refer to the next stages for format.

the_ROM_image:
{
	[sskfile] dummykey.pem
	[authentication=rsa] plain.bit
}
Note: The authenticated bitstream has a header, an actual bitstream, a signature and a footer. This dummy.bit is created to get a bitstream in the format of authenticated bitstream, with a dummy signature. Now, when the dummy bit file is given to Bootgen, it calculates the signature and inserts at the offset to give an authenticated bitstream.

Stage 1: Generate hashes

bootgen -arch fpga
          -image stage1.bif -generate_hashes -log error

Stage1.bif is as follows:

the_ROM_image:
{
	[authentication=rsa] dummy.bit
}

Stage 2: Sign the hash HSM

Here, OpenSSL is used for demonstration.

openssl rsautl -sign
  -inkey rsaPrivKeyInfo.pem -in dummy.sha384 > dummy.sha384.sig

Stage 3: Update the RSA certificate with Actual Signature

The Stage3.bif is as follows:

bootgen -arch fpga -image stage3.bif -w -o rsa_rel.bit -log error
the_ROM_image:
{
	 [spkfile] rsaPubKeyInfo.pem
	 [authentication=rsa, presign=dummy.sha384.sig]dummy.bit
}
Note: The public key digest, which must be burnt into eFUSEs, can be found in the generated rsaPubKeyInfo.pem.nky file in Stage3 of HSM mode.