AES Encryption and Authentication Example - 2024.2 English

Bootgen User Guide (UG1283)

Document ID
UG1283
Release Date
2024-12-13
Version
2024.2 English

This example demonstrates the use of AES encryption and authentication.

all:
{
    bh_kek_iv = ./blkiv.txt
    bh_keyfile = ./blkkey.txt
    efuse_kek_iv = ./efuse_blkIv.txt
    boot_config {bh_auth_enable, puf4kmode , shutter=0x8100005E}
    id_code = 0x04CA8093
    extended_id_code = 0x01
    image
    {
        name = pmc_subsys, id = 0x1c000001
        {type = bootloader,
         encryption = aes, keysrc=bh_blk_key, dpacm_enable,revoke_id = 0x5, aeskeyfile = ./plm.nky, authentication = rsa, pskfile = ./PSK1.pem, sskfile = ./SSK5.pem,
         file = ./plm.elf}
        {type = pmcdata, aeskeyfile = ./pmc_data.nky, file = ./pmc_data.cdo}
    }
    metaheader
    {
         encryption = aes, keysrc=bh_blk_key, dpacm_enable, revoke_id = 0x6,
         aeskeyfile = metaheader.nky
    }
    image
    {
        name = lpd, id = 0x4210002
        {type = cdo,
        encryption = aes, keysrc = bbram_red_key, revoke_id = 0x8, aeskeyfile = lpd.nky,
        file = ./lpd_data.cdo}
        { core = psm, file = ./psm_fw.elf}
    }
    image
    {
        name = fpd, id = 0x420c003
        {type = cdo,
        encryption = aes, keysrc = efuse_blk_key, dpacm_enable, revoke_id = 0x10, aeskeyfile = fpd.nky, authentication = ecdsa-p384, pskfile = ./PSK1.pem, sskfile = ./SSK5.pem,
        file = ./fpd_data.cdo}
    }
}