Authentication and Decryption in ZynqMP u-boot

NOTE: This page is applicable only for 2017.1 and 2017.2

Table of Contents

Authentication and Decryption in ZynqMP u-boot

The authentication and decryption functionality in u-boot is divided into two.
1. Authentication or decryption for loading authenticated or encrypted bitstreams to PL.
2. Authentication and/or decryption of images other than PL bitstream.

Loading authenticated/encrypted PL bitstream at u-boot

At u-boot, the authentication/decryption of PL bitstream images is supported using new fpga command "fpga loads" which is described below.

fpga loads [dev] [address] [size] [key/sigaddr:size] [IV/PPKaddr:size] [secureimgtype]

Loads the secure bitstreams(authenticated/encrypted)image of [size] from [address] using key/signature(key for encrypted bitstreams and signature for authenticated bitstreams) from address with size :size and IV/PPK(IV is for encrypted and PPK is for authenticated) at address with size. The secure image type specifies whether it is authenticated/encrypted (1-auth, 0- encrypted) type of bitstream. Please note that as of now u-boot supports sha256 only for hashing

Procedure to create an encrypted bitstream at host

  1. create a bif file as shown in below example.
Example bif file contents:
[encryption = aes]design_1_wrapper.bit
Here key.nky is the key file which contains AES key and IV and design_1_wrapper.bit is bit stream file to be encrypted.
  • Use bootgen as below to get an encrypted bitsream image
bootgen -image encrypt.bif -arch zynqmp -process_bitstream bin
  • The above command outputs an encrypted bitstream image with name design_1_wrapper.bit.bin

Loading of an encrypted bitstream image at u-boot

Above is an example on how to load authenticated bitstreams. Initially we load all the required files(design_1_wrapper.bit.bin, key.bin and iv.bin) at different addresses and then
use fpga loads command as shown above. '0' at the end specifies to load an encrypted bitstream

Procedure to create authenticated image and required files at host

1. Generating RSA private key, 4096 bit long modulus
openssl genrsa -out private-key.pem 4096
2. Generate the RSA public key pair using RSA private key
openssl pkey -in private-key.pem -out pubkey-key.pem -pubout
3. Generate Signature for the required Bit stream file ( design_1_wrapper.bit.bin)
openssl dgst -sha256 -sign private-key.pem -out signature.bin design_1_wrapper.bit.bin
4. Generate public-key.pem.bin from public-key.pem using below command and helper script.
command : public-key.pem
helper script:

With the above command, we will get below files.

Loading of an authenticated bitstream image at u-boot

Above is an example on how to load authenticated bitstreams. Initially we load all the required files(design_1_wrapper.bit.bin, signature.bin and pubkey-key.pem.bin) at different addresses and then
use fpga loads command as shown above. '1' at the end specifies to load an authenticated bitstream.

Loading authenticated/encrypted Images at u-boot

Preparing encrypted Linux images at host

Below is the bootgen command and bif file content(example) to be used for creating encrypted images. This split option below creates all images separately with out partition headers. By this we can get encrypted Image.bin.bin and system.dtb.bin which are just encrypted. These images have to used at u-boot for decryption.
bootgen -image encrypt.bif -split bin -arch zynqmp -w

Bif File contents:
PS: For the split option to work there should be dummy boot loader in bif file and hence placed fsbl in bif file.
Preparing Key_IV file:
1.Concatenate the key and iv together(in sequence first copy key and then concatenate iv to it in a text and save it as bin. With this, we will get key_iv.bin

Decryption of encrypted Linux Images at u-boot:

  1. Copy the created Image.bin.bin and sytem.dtb.bin and key_iv.bin to DDR by any means(used SD commands in below example).
  2. Enter u-boot commands in below log sequence for decryption and boot Linux.
The command for decryption is as follows
aes dec <key_iv addess> <enrypted image addr> <dst adrr> <lenght of encrypted image> hw

Example u-boot log:
As of now, we are ignoring destination address and loading back the decrypted image to address of encrypted image mentioned.

Procedure to create authenticated Linux images and required files at host

As an example here are steps on how to create keys and signatures for linux images(image and system.dtb)
Keys and Signature generation at host:
  • Generate private key at host using openssl with below command
openssl genrsa -out private-key.pem 4096
  • Generate public key using private key generated with above command
openssl pkey -in private-key.pem -out pubkey-key.pem -pubout
  • Generate signature for Linux image using private key
openssl dgst -sha256 -sign private-key.pem -out signature_image.bin Image
  • Generate signature for dtb using private key
openssl dgst -sha256 -sign private-key.pem -out signature_dtb.bin system.dtb
  • The keys generated using above openssl command are in pem format. To convert the key to .bin format, use the attached script() and run as shown below.
./ pubkey-key.pem
This will output public key in bin format as pubkey-key.pem.bin

Authentication of Linux Images at u-boot:

Below is the u-boot command to authenticate images at u-boot.
Command: rsa key src len [hw]

Authenticate a block of data $len bytes long at address $src using a key at address $key address $dst. The Key is a combination of signature of image to authenticate followed by public key to
be used for authentication. The optional hw flag specifies to used hardware engine if supports.

As mentioned in command help above, here are full details on how each argument should be.
key: Key is combination of signature followed by public key immediately. The signature should be of length 512 bytes and public key should be of length 516 bytes.
src: Src is address of authenticated image to where it was downloaded.
len: Len is the length of authenticated image in hex.
hw: Specifies it to use hardware engine for authentication if hardware supports. We support only hw.