When you select Program eFUSE Registers..., a wizard appears and guides you through the process of selecting the NKY file and the various eFUSE registers you want to program. After you add the NKY or PEM file you also have the ability to double check the key values and verify that these are the AES and RSA keys that you intend to program into the device. (See the following figure.)
The User Register setup screen is shown in the following figure. This allows you to specify a unique 32-bit and/or a 128-bit value to program into the FUSE_USER register bits. These registers are readable from the FPGA logic using the eFUSE_USR primitive.
The Control Register setup screen is shown in the following figure. This allows you to select which FUSE_CNTL register bits to program. These bits provide security by disabling read and write operations on different eFUSE Control registers.
The Security Register setup screen is shown in the following figure. This allows you to select which FUSE_SEC register bits to program. These bits provide additional security by only allowing encrypted bitstreams or enabling RSA authentication.
KeyObfuscate field because the BITSTREAM.ENCRYPTION.OBFUSCATEKEY property
was enabled prior to write_bitstream, then the obfuscated key flag in the eFUSE or BBRAM
is automatically set by Vivado software during
programming of the AES-256 key.