Step 5: Programming The Owner Public Root Key For Authentication; Step 5A: Programming The Owner Public Root Key Using The Intel Quartus Prime Programmer - Intel Stratix 10 User Manual

You can generate the unsigned bitstream in
command:
quartus_pfg -c design.sof unsigned_bitstream.rbf
1. Run the following command to sign the bitstream using a command-line
command:
> quartus_sign --family=stratix10 --operation=sign \
--qky=design1_sign_keychain.qky --pem=design1_sign_private.pem \
unsigned_bitstream.rbf signed_bitstream.rbf
Related Information
Generating Secondary Programming Files with Programming File Generator
3.5. Step 5: Programming the Owner Public Root Key for
Authentication
Your manufacturing process programs the hash of the owner public root public key,
root_public.qky
the hash value into actual eFuses on the device is irreversible. During development,
you can validate the hash value by programming this value into virtual eFuses. The
virtual eFuses are volatile. Values stored in eFuses clear each time you power cycle
the Intel Stratix 10 device.
You can use the Intel Quartus Prime Software to program the public root key for
authentication. Alternatively, you can use a command-line command to accomplish
this task.
3.5.1. Step 5a: Programming the Owner Public Root Key Using the Intel
Quartus Prime Programmer
1. On the Tools menu, select Programmer.
2. Right click the image of the Intel Stratix 10 device and select Edit
QKY/QEK/Fuse file ....
® ®
Intel Stratix 10 Device Security User Guide
20
, into eFuses available on the Intel Stratix 10 device. Programming
3. Using the Authentication Feature
UG-S10SECURITY | 2019.05.10
format using the following
.rbf
Add
Send Feedback