Bootgen offers support for HSS-SHAKE256 authentication algorithm for SU10P, SU25P, and SU35P models of Spartan UltraScale+, while for the SU50P, SU55P, SU65P, SU100P, SU150P, and SU200P models it supports ECDSA-p384, HSS-SHAKE256, and LMS-SHAKE256 authentication algorithm. To calculate the hash on the PLM partition, NIST SHA3-256 is used for SU10P, SU25P, and SU35P, and SHA3-384 is used for SU50P, SU55P, SU65P, SU100P, SU150P, and SU200P.
Compared to previous devices in Spartan UltraScale+, HashBlock0 is placed next to authenticate certificate by default in PDI. HashBlock0 is composed with BH hash, PLM hash, PL data hash, and padding. The signature calculated on the HashBlock0 is placed next to it in the PDI. For more information, see Spartan UltraScale+ Boot Image Format.
- For non secure PDI generation HashBlock0 is calculated by default for data integrity check unlike previous devices.
- Spartan UltraScale+ SU10P, SU25P, and SU35P support SHA3-256 hashing, whereas Spartan UltraScale+ SU50P, SU55P, SU65P, SU100P, SU150P, and SU200P support SHA3-384.
- The digest size for SU10P, SU25P, and SU35P models is 32 bytes (SHA3-256), so the total size of HASHblock0 is 144 (padding is needed as the block length is 16 bytes aligned)
- The digest size for SU50P, SU55P, SU65P, SU100P, SU150P, and SU200P models is 48 bytes (SHA3-384), so the total size of the HASH block is 208 bytes (padding is necessary because the block length is 16 bytes aligned)
| Data | Field | Length (Bytes) |
|---|---|---|
| BH Hash | Hash Index | 4 |
| Hash Value | Digest Size | |
| PLM | Hash Index | 4 |
| Hash Value | Digest Size | |
| PL | Hash Index | 4 |
| Hash Value | Digest Size | |
| User Slot 1 | Hash Index | 4 |
| Hash Value | Digest Size |