Solved: SDK-Create Boot Image

kltention · ‎01-22-2018

Hi,

I am getting an 'invalid stoi error" whether I use the command line or the wizard when creating a boot image.

It seems as if [bootloader, encryption=aes]".........." is causing the issues.

When I remove the encryption=aes attribute, it runs perfectly. Also, when it does run and create the .bin file, I am unsure if it is actually encrypted. The CRC32 code is indeed different from the unencrypted .bin file, but I was told that doesn't necessarily mean its encrypted. Here is the skeleton of my bif file. File paths are omitted intentionally

//arch = zynqmp; split = false; format = BIN
the_ROM_image:
{
[aeskeyfile]..\Sauce\xxx.nky
[keysrc_encryption]efuse_red_key
[fsbl_config]a53_x64
[bootloader, encryption=aes]...\Sauce\xxx.elf
}

By using aeskeyfile attribute but not the encryption=aes, does that automatically mean it will be encrypted ?

kltention · ‎01-23-2018

I think I may have figured out my issue.

The .nky file was incorrect. I had:

Device xxxxx

Key 0 xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

when all I needed was:

Device xxxxx

Key 0 xxxxxx

IV xxxxxx

Thanks anyway!

View solution in original post

sadanan · ‎01-22-2018

Hi,

The image will not be encrypted when encryption=aes is not used. Which host OS/version and SDK version are you using? Is it possible to send a testcase to reproduce this error? If you have concerns in attaching a testcase to this post, please send me a private message

kltention · ‎01-23-2018

I think I may have figured out my issue.

The .nky file was incorrect. I had:

Device xxxxx

Key 0 xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

when all I needed was:

Device xxxxx

Key 0 xxxxxx

IV xxxxxx

Thanks anyway!

View solution in original post

msmith.control4 · ‎04-12-2018

Hi kltention,

How did you convert the nky file? AKA, where did you get the IV from?

I created my nky file following XAPP 1175 (create bif with referenced key file that doesnt exist, with a random elf, create BIN from this, and it spits out the nky file).

Looks like when i specify zynqmp is fails.... What platform are you using?

Thanks,

Mark

msmith.control4 · ‎04-12-2018

Ignore me, it seems the BIF form needed for ZynqMP parts is different to Zynq parts....

file.bif:
the_ROM_image:
{
[aeskeyfile]bbram.nky
[keysrc_encryption]bbram_red_key
[fsbl_config]a53_x64
[bootloader, encryption = aes]fsbl.elf
}

command (change PARTNAME to your part):

bootgen -arch zynqmp -image file.bif -p PARTNAME -o BOOT.BIN

kltention · ‎04-13-2018

I generated my own IV

kltention · ‎04-13-2018

If you have the part number in the .nky file you won't have to use in the command.

And yes I found out the hard way that the 2 Products were different (Zynq and Zynqmp)

Good luck!

hexiaojun · ‎05-02-2018

Hi kltention,

I also work on Zynqmp platform, would you please show me how you generate the .nky file which is:

Device xxxxx

Key 0 xxxxxx

IV xxxxxx

Mine is also the format:

Device xxxxx

Key 0 xxxxxx

Key StartCBC xxxxxx

Key HMAC xxxxx

and got [ERROR] : invalid stoi argument.

Thanks,

hexiaojun

kltention · ‎05-02-2018

Hey!

Glad to help.

Initially I had the same issue and my nky file was structured the same way as yours. Here is what I did to solve my problem:

*the part name field has dummy info in it. Locate the partname for your own system

*ignore warning in my photo. It is because "output.bif" already exists.

As you can see I set up the bootgen tool with the usual params. However, when I got to the Security -> Encryption tab. I left the "Key File" field blank. This allowed bootgen to create the key(s) and the .nky file for me. I don't recommend using bootgen keys for your encryption. I used this method to debug the "invalid stoi argument" issue.

Click "Create Image" once completed, check the directory for a file titled "output.nky". Observing that file, you can see how bootgen structures the .nky file to it's liking. You should set up your .nky file the same.

Hope this helps!

hexiaojun · ‎05-02-2018

Hi kltention,

Thanks a lot, I got the format file.

So the IV and key are the random string which is special character as HEX value, right?

Thanks,

hexiaojun

kltention · ‎05-04-2018

Hi,

I'm not sure of the exact algorithm Xilinx uses to generate their own keys and ivs. I wrote my own program to generate my iv and key using .NET framework

Best regards!