cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted
Visitor
Visitor
2,319 Views
Registered: ‎01-22-2018

SDK-Create Boot Image

Jump to solution

Hi,

 

I am getting an 'invalid stoi error" whether I use the command line or the wizard when creating a boot image.

It seems as if [bootloader, encryption=aes]".........." is causing the issues.

 

When I remove the encryption=aes attribute, it runs perfectly. Also, when it does run and create the .bin file, I am unsure if it is actually encrypted. The CRC32 code is indeed different from the unencrypted .bin file, but I was told that doesn't necessarily mean its encrypted. Here is the skeleton of my bif file. File paths are omitted intentionally

 

//arch = zynqmp; split = false; format = BIN
the_ROM_image:
{
 [aeskeyfile]..\Sauce\xxx.nky
 [keysrc_encryption]efuse_red_key
 [fsbl_config]a53_x64
 [bootloader, encryption=aes]...\Sauce\xxx.elf
}

 

By using aeskeyfile attribute but not the encryption=aes, does that automatically mean it will be encrypted ?

0 Kudos
1 Solution

Accepted Solutions
Highlighted
Visitor
Visitor
2,877 Views
Registered: ‎01-22-2018

I think I may have figured out my issue.

 

The .nky file was incorrect. I had:

 

Device  xxxxx

Key 0   xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

 

when all I needed was:

Device  xxxxx

Key 0   xxxxxx

IV         xxxxxx

 

Thanks anyway!

View solution in original post

0 Kudos
10 Replies
Highlighted
Xilinx Employee
Xilinx Employee
2,290 Views
Registered: ‎10-21-2010

Hi,

The image will not be encrypted when encryption=aes is not used. Which host OS/version and SDK version are you using? Is it possible to send a testcase to reproduce this error? If you have concerns in attaching a testcase to this post, please send me a private message

0 Kudos
Highlighted
Visitor
Visitor
2,878 Views
Registered: ‎01-22-2018

I think I may have figured out my issue.

 

The .nky file was incorrect. I had:

 

Device  xxxxx

Key 0   xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

 

when all I needed was:

Device  xxxxx

Key 0   xxxxxx

IV         xxxxxx

 

Thanks anyway!

View solution in original post

0 Kudos
Highlighted
2,140 Views
Registered: ‎04-12-2018

Hi kltention,

 

How did you convert the nky file? AKA, where did you get the IV from?

I created my nky file following XAPP 1175 (create bif with referenced key file that doesnt exist, with a random elf, create BIN from this, and it spits out the nky file).

 

Looks like when i specify zynqmp is fails.... What platform are you using?

 

 

Thanks,

Mark

0 Kudos
Highlighted
2,124 Views
Registered: ‎04-12-2018

Ignore me, it seems the BIF form needed for ZynqMP parts is different to Zynq parts....

 

file.bif:
the_ROM_image:
{
[aeskeyfile]bbram.nky
[keysrc_encryption]bbram_red_key
[fsbl_config]a53_x64
[bootloader, encryption = aes]fsbl.elf
}

 

command (change PARTNAME to your part):

bootgen -arch zynqmp -image file.bif -p PARTNAME -o BOOT.BIN

 

 

0 Kudos
Highlighted
Visitor
Visitor
2,102 Views
Registered: ‎01-22-2018

I generated my own IV

0 Kudos
Highlighted
Visitor
Visitor
2,101 Views
Registered: ‎01-22-2018

If you have the part number in the .nky file you won't have to use in the command.

And yes I found out the hard way that the 2 Products were different (Zynq and Zynqmp)

 

Good luck!

0 Kudos
Highlighted
Visitor
Visitor
1,966 Views
Registered: ‎04-12-2018

Hi kltention,

 

I also work on Zynqmp platform, would you please show me how you generate the .nky file which is:

Device  xxxxx

Key 0   xxxxxx

IV         xxxxxx

 

Mine is also the format:

Device  xxxxx

Key 0   xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

 

and got [ERROR]  : invalid stoi argument.

 

Thanks,

hexiaojun

0 Kudos
Highlighted
Visitor
Visitor
1,955 Views
Registered: ‎01-22-2018

Hey!

 

Glad to help.

 

Initially I had the same issue and my nky file was structured the same way as yours. Here is what I did to solve my problem:

 

CBI.png

 

PARTITION.png

 

security.png

*the part name field has dummy info in it. Locate the partname for your own system

*ignore warning in my photo. It is because "output.bif" already exists.

 

As you can see I set up the bootgen tool with the usual params. However, when I got to the Security -> Encryption tab. I left the "Key File" field blank. This allowed bootgen to create the key(s) and the .nky file for me. I don't recommend using bootgen keys for your encryption. I used this method to debug the "invalid stoi argument" issue.

 

Click "Create Image" once completed, check the directory for a file titled "output.nky". Observing that file, you can see how bootgen structures the .nky file to it's liking. You should set up your .nky file the same.

 

Hope this helps!

0 Kudos
Highlighted
Visitor
Visitor
1,945 Views
Registered: ‎04-12-2018

Hi kltention,

 

Thanks a lot, I got the format file.

So the IV and key are the random string which is special character as HEX value, right?

 

Thanks,

hexiaojun

0 Kudos
Highlighted
Visitor
Visitor
1,387 Views
Registered: ‎01-22-2018

Hi,

 

I'm not sure of the exact algorithm Xilinx uses to generate their own keys and ivs. I wrote my own program to generate my iv and key using .NET framework

 

Best regards!

0 Kudos