Intel(R) Arria(R) 10 SoC FPGA Authentication Signing Utility

Intel(R) Arria(R) 10 SoC FPGA Authentication Signing Utility, formerly known as Altera secure boot tool (alt-secure-boot), is a tool that help to apply the security settings to the image to be loaded by BootROM. The security settings are authentication and encryption. This tool is only available for Intel SoC FPGA Arria10 Family Device.

How to use

Prerequisites

Python Requirements:

• Python 3.6 or higher (tested up to Python 3.14)
• Required Python packages:
  • pyasn1==0.4.8 - ASN.1 types and codecs
  • pyasn1-modules==0.2.8 - ASN.1 protocol modules
  • cryptography - Required for verify_image.py tool (cryptographic operations)

Install Python Dependencies:

# Install all required packages
pip install -r requirements.txt

# Or install individually
pip install pyasn1==0.4.8 pyasn1-modules==0.2.8 cryptography

OpenSSL Requirements:

• OpenSSL 1.1.1g or higher (for key generation and signing operations)
• Must be accessible in system PATH

Altera Quartus Prime:

• Required for programming device fuses and enabling secure boot on hardware
• Required for encryption operations via quartus_cpf and ensure it is available in your PATH

Installation Steps

1. Install Python 3.6+

   • Download from https://www.python.org/downloads/
   • Add Python to system PATH during installation

2. Install Required Python Modules

   pip install --upgrade -r requirements.txt

3. Install OpenSSL (For Windows users)

   • Install GIT for Windows from https://gitforwindows.org/
   • Add GIT MinGW binary path to PATH: C:\Program Files\Git\mingw64\bin
   • This provides OpenSSL and other Unix-like utilities

4. Install Altera Quartus Prime

   • Required for fuse programming and device provisioning
   • https://www.altera.com/products/development-tools/quartus

5. Clone Repository

   git clone <repository-url>
   cd alt-secure-boot

Generate Key pair

Create a trusted key pair using openssl (Example below will generate keypair into output file root_key.pem)

$ openssl ecparam -genkey -name prime256v1 -out root_key.pem

Authentication

The authentication feature ensures that only trusted bootloader images can execute on the device. The tool signs the bootloader image with a private key, and the BootROM verifies the signature using the corresponding public key hash stored in device fuses.

Key Concepts:

• Root Key: The primary key whose public key hash is burned into device fuses. This forms the root of trust.
• Subroot Keys: Optional intermediate keys in a signature chain, allowing key rotation without reprogramming fuses.
• Signature Chain: A hierarchical signing structure where the root key signs subroot keys, and the final subroot key signs the bootloader.

Basic Command Syntax:

$ python alt_authtool.py sign [<param1> <param2> ...]

Common Parameters:

• -t <type>: Key type (user/fuse/boot/le)
• -k <file>: Root key file (PEM format)
• -s <file>: Subroot key file (can be used multiple times for chain)
• -i <file>: Input bootloader image
• -o <file>: Output signed image

Encryption

The encryption feature protects the confidentiality of the bootloader image by encrypting it with AES keys. This prevents unauthorized viewing or tampering of the bootloader code and data.

Key Concepts:

• AES Key File: Contains one or more AES encryption keys
• Key Selection: Specify which key from the file to use for encryption
• Hardware Decryption: The device BootROM decrypts the image during secure boot

Basic Command Syntax:

$ python alt_authtool.py encrypt [<param1> <param2> ...]

Common Parameters:

• -k <file:key_name>: Key file and key name (e.g., key_file.key:key1)
• -i <file>: Input bootloader image
• -o <file>: Output encrypted image

Authentication and Encryption Combined

For maximum security, both authentication and encryption can be applied to the bootloader image. This ensures both integrity verification and confidentiality protection.

CRITICAL: Correct Operation Order

The operations MUST be performed in this specific order:

1. First: Encrypt the bootloader image
2. Second: Sign the encrypted image

Why this order matters: If you sign first and then encrypt, the signature field will be encrypted, making it unreadable by the BootROM. This will cause authentication to fail. Always encrypt the data first, then sign the encrypted output so the signature remains accessible for verification.

Usage Examples with Sample Outputs

Example 1: Single-Key Authentication (Root Key Only)

This example demonstrates signing a bootloader with a single root key (no signature chain).

Command:

$ python alt_authtool.py sign -t user -k root_key.pem -i u-boot-mkimage.bin -o u-boot-signed.abin

Sample Output:

======================================================================
ROOT PUBLIC KEY HASH (for UAF fuse programming)
======================================================================
SHA256 digest of root public key:
253368e5570306b465e8875b915368fad29b593bfd2a7639d00793ed4584a28b

This is the Fuse Programming File Example:
──────────────────────────────────────────────────────────────────────
authen_en=0x1
kak_len=0x0 //Quartus Prime only supports 256bit KAK Key value.
kak_key=0x8ba28445ed9307d039762afd3b599bd2fa6853915b87e865b4060357e5683325
======================================================================

======================================================================
OUTPUT IMAGE SIGNATURE HEADER
======================================================================
Magic:              0x31305341
Version:            0x00000000
Header Length:      144 bytes
Load Length:        524288 bytes
Number of Sigs:     0
Offset to Checksum: 0x00000090
Flags:              0x00000000

Root Key Type:      USER (0x00000002)
Root Key Offset:    0x00000000
Root Key Length:    0 bytes

Auth Image Type:    ECC-256 (0x00010100)
Image Data Offset:  0x00000090
Image Data Length:  524288 bytes
Image Sig Offset:   0x00080090
Image Sig Length:   64 bytes
======================================================================


======================================================================
SIGNING OPERATION COMPLETE - SUMMARY
======================================================================
Signature Mode: SINGLE-KEY (No Chain)
Total signatures: 1
  - Signature: Root → Bootloader Image

Signature Chain: NONE
  • number_of_sigs = 0
  • Root key signs bootloader directly

Output file: u-boot-signed.abin
Total size: 524496 bytes (512.20 KB)
======================================================================

Example 2: Multi-Key Authentication (Signature Chain)

This example demonstrates signing with a signature chain using root key and subroot keys.

Command:

$ python alt_authtool.py sign -t user -k root_key.pem -s subroot1.pem -s subroot2.pem -i u-boot-mkimage.bin -o u-boot-chain-signed.abin

Sample Output:

======================================================================
ROOT PUBLIC KEY HASH (for UAF fuse programming)
======================================================================
SHA256 digest of root public key:
253368e5570306b465e8875b915368fad29b593bfd2a7639d00793ed4584a28b

This is the Fuse Programming File Example:
──────────────────────────────────────────────────────────────────────
authen_en=0x1
kak_len=0x0 //Quartus Prime only supports 256bit KAK Key value.
kak_key=0x8ba28445ed9307d039762afd3b599bd2fa6853915b87e865b4060357e5683325
======================================================================

======================================================================
OUTPUT IMAGE SIGNATURE HEADER
======================================================================
Magic:              0x31305341
Version:            0x00000000
Header Length:      272 bytes
Load Length:        524288 bytes
Number of Sigs:     2
Offset to Checksum: 0x00000110
Flags:              0x00000000

Root Key Type:      USER (0x00000002)
Root Key Offset:    0x00000000
Root Key Length:    0 bytes

Auth Image Type:    ECC-256 (0x00010100)
Image Data Offset:  0x00000110
Image Data Length:  524288 bytes
Image Sig Offset:   0x00080110
Image Sig Length:   64 bytes
======================================================================


======================================================================
SIGNING OPERATION COMPLETE - SUMMARY
======================================================================
Signature Mode: MULTI-KEY (Chain)
Total signatures created: 3
  - Intermediate signatures: 2
      Signature #1: Root → Subroot #1
      Signature #2: Subroot #1 → Subroot #2
  - Final image signature: 1
      Final: Subroot #2 → Bootloader Image

Signature Chain: Root → Subroot1 → Subroot2 → Bootloader Image
  • number_of_sigs = 2

Output file: u-boot-chain-signed.abin
Total size: 524624 bytes (512.33 KB)
======================================================================

Key Output Sections Explained

1. ROOT PUBLIC KEY HASH: Shows the SHA256 hash of your root public key in both standard and reversed byte order. The reversed format (kak_key value) is ready to paste into your UAF fuse programming file for hardware provisioning.

2. OUTPUT IMAGE SIGNATURE HEADER: Displays the complete authentication header structure written to the signed image, including magic number, key type, signature offsets, and image sizes for verification.

3. SIGNING OPERATION SUMMARY: Provides a clear visualization of the signature chain:

   • Single-key mode: Root key directly signs the bootloader (number_of_sigs = 0)
   • Multi-key mode: Shows the complete chain of trust from root through all subroot keys to the bootloader (number_of_sigs = number of subroot keys)

Example 3: Encryption

This example demonstrates encrypting a bootloader image without authentication.

Command:

$ python alt_authtool.py encrypt -k key_file.key:key1 -i u-boot-mkimage.bin -o uboot-encrypted.abin

Example 4: Authentication and Encryption Combined

For maximum security, combine both authentication and encryption. Important: Encryption must be performed first, then sign the encrypted image.

Step 1: Encrypt the bootloader

$ python alt_authtool.py encrypt -k key_file.key:key1 -i u-boot-mkimage.bin -o uboot-encrypted.abin

Step 2: Sign the encrypted image

$ python alt_authtool.py sign -t user -k root_key.pem -i uboot-encrypted.abin -o uboot-encrypted-signed.abin

Note: If you sign first and then encrypt, the signature field will be encrypted, and authentication will fail. Always encrypt first, then sign.

Verifying Signed Images

The verify_image.py tool is used to verify the image signature before programming it to the hardware.

Purpose:

• Verify that a signed image will authenticate correctly on hardware
• Check the signature chain integrity (root → subroot → image)
• Confirm the correct root key was used for signing
• Display the UAF fuse values needed for hardware programming
• Support both encrypted and unencrypted images (decryption requires Altera Quartus Prime)

Command Syntax:

python bin/verify_image.py <signed_image.abin> <root_key.pem>

Examples:

# Verify unencrypted signed image
python bin/verify_image.py u-boot-signed.abin root_key.pem

# Verify encrypted signed image (verification continues on encrypted payload)
python bin/verify_image.py u-boot-encrypted-signed.abin root_key.pem

Verification Process Explained:

1. Encryption Detection - Checks if the image is encrypted and reports the status
2. Header Parsing - Validates the authentication header magic number and extracts signature information
3. Root Key Extraction - Extracts the public key embedded in the signed image
4. Key Matching - Compares the extracted key with the provided PEM file to ensure they match
5. Signature Chain Verification - For multi-key mode, verifies each subroot key signature in sequence
6. Image Signature Verification - Verifies the final signature covering the entire image using ECDSA with SHA256

Sample Output:

================================================================================
ARRIA 10 BOOT IMAGE SIGNATURE VERIFICATION
================================================================================

Image file:     u-boot-signed.abin
Root key file:  root_key.pem
Image size:     1025.2 KB

Encryption Status: NOT ENCRYPTED

================================================================================
PARSING AUTHENTICATION HEADER
================================================================================
SUCCESS: Magic number 0x74944592 validated (SECURE IMAGE)

Security Header:
  Version:           0
  Number of sigs:    0
  Flags:             0x00000002
    - Must decrypt:  NO
    - Must auth:     YES

Root Key Info:
  Type:              USER (0x00000002)
  Offset:            0x00000400
  Length:            65 bytes

================================================================================
STEP 1: EXTRACT ROOT PUBLIC KEY FROM IMAGE
================================================================================
SUCCESS: Extracted root public key (65 bytes)

SHA256 hash (standard): 253368e5570306b465e8875b915368fad29b593bfd2a7639d00793ed4584a28b

UAF Fuse Programming Format:
  authen_en=0x1
  kak_len=0x0
  kak_key=0x8ba28445ed9307d039762afd3b599bd2fa6853915b87e865b4060357e5683325

================================================================================
STEP 2: LOAD EXPECTED ROOT KEY FROM PEM FILE
================================================================================
SUCCESS: Loaded root public key from PEM (65 bytes)
SHA256 hash (standard): 253368e5570306b465e8875b915368fad29b593bfd2a7639d00793ed4584a28b

================================================================================
STEP 3: VERIFY ROOT KEY MATCHES
================================================================================
SUCCESS: Root key matches!
  The image was signed with the provided root key.

================================================================================
STEP 4: VERIFY FINAL IMAGE SIGNATURE
================================================================================
Signed data range: 0x00000000 - 0x00100479
Signed data includes:
  - Authentication header
  - All public keys
  - All subroot signatures
  - Boot image data

SUCCESS: Extracted final signature (71 bytes)

────────────────────────────────────────────────────────────────────────────────
VERIFYING: Root key signing entire image
────────────────────────────────────────────────────────────────────────────────
Data size:       1049721 bytes
Signature size:  71 bytes
SUCCESS: Signature verification passed

================================================================================
VERIFICATION COMPLETE - ALL SIGNATURES VALID!
================================================================================

VERIFICATION SUMMARY:
- Root key matches provided PEM file
- Verified 0 subroot key signature(s)
- Verified final image signature
- Total signatures verified: 1

================================================================================
SIGNATURE CHAIN SUMMARY
================================================================================
  Root → signs → ENTIRE IMAGE

================================================================================
This image will boot successfully on hardware with:
  1. UAF fuses programmed with kak_key=0x8ba28445ed9307d039762afd3b599bd2fa6853915b87e865b4060357e5683325
  2. Secure boot enabled (authen_en_f=1)
================================================================================

Use Cases:

• Pre-Production Testing: Verify images before flashing to hardware
• Key Validation: Confirm the correct signing key was used
• Chain Debugging: Identify which signature in a multi-key chain is invalid
• Fuse Value Extraction: Get the exact hash value needed for UAF fuse programming

Exit Codes:

• 0 - All signatures valid, image will authenticate successfully
• 1 - Verification failed (invalid signature, wrong key, or corrupted image)

Understanding the Fuse Programming File Output

When you run the signing tool, it generates a fuse programming file format that can be directly used with Altera Quartus Prime for provisioning the device fuses. Here's what each field means:

This is the Fuse Programming File Example:
──────────────────────────────────────────────────────────────────────
authen_en=0x1
kak_len=0x0 //Quartus Prime only supports 256bit KAK Key value.
kak_key=0x8ba28445ed9307d039762afd3b599bd2fa6853915b87e865b4060357e5683325

Field Descriptions

Field	Value	Description
authen_en	0x1	Authentication Enable Flag Setting this to 0x1 enables the authentication feature in the device. Once programmed into fuses, the BootROM will require all boot images to be properly signed and authenticated.
kak_len	0x0	Key Authentication Key Length Specifies the KAK key length. 0x0 indicates 256-bit ECC keys (prime256v1). Altera Quartus Prime currently only supports 256-bit KAK keys for Arria 10 devices, so this value should remain 0x0.
kak_key	0xb2a1f0...	Key Authentication Key Hash This is the SHA256 hash of your root public key in reversed byte order (hardware format). This 256-bit value is burned into the device fuses and serves as the root of trust. The BootROM will compare this hash against the public key in the boot image to verify authenticity. IMPORTANT: This value is permanent once written to fuses and cannot be changed. Ensure you securely backup your root private key!

Using the Fuse File in Quartus Prime

1. Copy the three lines (authen_en, kak_len, kak_key) into your UAF (User Authentication File)
2. Open Altera Quartus Prime Programming Tool
3. Load your UAF file containing these values
4. Program the device fuses using the Quartus Prime Programmer

Security Warning

• Fuse programming is irreversible! Once you program the kak_key into device fuses, you cannot change it.
• Backup your private key securely! If you lose the private key corresponding to the programmed public key hash, you will not be able to sign new bootloaders for that device.
• Test thoroughly before programming production devices. Use development boards for initial testing.
• After fuse programming, only bootloaders signed with the corresponding private key will be accepted by the device BootROM.

Reference

For more information on how to use the secure boot tool please refer to https://www.intel.com/content/www/us/en/programmable/documentation/cru1452898171006.html#cru1452898115026