Using Encryption
Select the Use Encryption check box to encrypt the boot image or any of the particular partitions of the boot image.
When you enable encryption, you must specify the key file, source, and part name. The table below lists the encryption settings available for both Zynq® and Zynq® UltraScale+™ MPSoC architectures :
|
Setting |
Description |
|---|---|
| For Zynq Architecture | |
|
Key File |
The AES key file contains the key for encryption. The supported file format for AES key file is *.nky. This key file contains the values like Key 0, StartCBC and HMAC values. If the key file is not given, then this tool generates a key file and stores in the current working directory, which is used for encrypting the partitions. |
|
Key Store |
The Key Store is the location where the AES key will be written to for decryption purpose. |
|
Part Name |
This field specifies the Xilinx part name. This is needed when generating an encryption key. The name is copied verbatim to the NKY file in the “Device” line. |
| For Zynq UltraScale+ MPSoC Architecture | |
| Optional Key | Use the optional key for encryption purpose. |