Forum Discussion

Ariel_Morali's avatar
Ariel_Morali
Icon for New Contributor rankNew Contributor
1 year ago

quartus_pfg --info .pof Fatal Error

I would like to verify the payload is encrypted in the .pof file that I created.

I manage to get information on the .sof file (before encryption), but I fail to get information on the .pof file (after encryption):

N6010_4_1_0_8/work/syn/syn_top/output_files$ quartus_pfg --info ofs_top.sof
Info: *******************************************************************
Info: Running Quartus Prime Programming File Generator
Info: Version 23.1.0 Build 115 03/30/2023 Patches 0.02iofs,0.23 SC Pro Edition
Info: Copyright (C) 2023 Intel Corporation. All rights reserved.
Info: Your use of Intel Corporation's design tools, logic functions
Info: and other software and tools, and any partner logic
Info: functions, and any output files from any of the foregoing
Info: (including device programming or simulation files), and any
Info: associated documentation or information are expressly subject
Info: to the terms and conditions of the Intel Program License
Info: Subscription Agreement, the Intel Quartus Prime License Agreement,
Info: the Intel FPGA IP License Agreement, or other applicable license
Info: agreement, including, without limitation, that your use is for
Info: the sole purpose of programming logic devices manufactured by
Info: Intel and sold by Intel or its authorized distributors. Please
Info: refer to the applicable agreement for further details, at
Info: https://fpgasoftware.intel.com/eula.
Info: Processing started: Thu Mar 27 15:18:54 2025
Info: System process ID: 49963
Info: Command: quartus_pfg --info ofs_top.sof
==================================================
General
==================================================
Device name: AGFB014R24A2E2V
Software version: Quartus Prime Version 23.1.0 Build 115 03/30/2023 Patches 0.02iofs,0.23 SC Pro Edition Patches .02iofs,.23
JTAG user code: 0xFFFFFFFF
Configuration clock source: 125 MHz OSC_CLK_1 pin

==================================================
Configuration
==================================================
Configuration scheme: AVST x8
Active serial clock source: 115 MHz Clock Frequency
Remote system update MAX_RETRY count: 1
HPS present: FALSE

==================================================
Configuration Pin Options
==================================================
SDM_IO0: PWRMGT_SCL
SDM_IO1: AVSTx8_DATA2
SDM_IO2: AVSTx8_DATA0
SDM_IO3: AVSTx8_DATA3
SDM_IO4: AVSTx8_DATA1
SDM_IO5: INIT_DONE
SDM_IO6: AVSTx8_DATA4
SDM_IO7: NA
SDM_IO8: AVSTx8_READY
SDM_IO9: nCATTRIP
SDM_IO10: AVSTx8_DATA7
SDM_IO11: AVSTx8_VALID
SDM_IO12: PWRMGT_ALERT
SDM_IO13: AVSTx8_DATA5
SDM_IO14: AVSTx8_CLK
SDM_IO15: AVSTx8_DATA6
SDM_IO16: PWRMGT_SDA

==================================================
Power Management & VID
==================================================
Version: 1
VID enable: TRUE
VID mode of operation: PMBUS_SLAVE
Device address in PMBus Slave mode (Hex): 3C

==================================================
Error Detection CRC
==================================================
Enable error detection check: TRUE
Minimum SEU interval: 479
Enable internal scrubbing: FALSE
Allow SEU fault injection: FALSE

==================================================
CvP settings
==================================================
Configuration via Protocol: OFF

==================================================
Partial Reconfiguration
==================================================
POF0 region ID: 0x01000000
POF0 hash: 7511807749D8142C00B755A59D39F7CFD906CA2996FF886E9561108547F1EEF8

==================================================
Security
==================================================
Enable configuration bitstream authentication: TRUE
Owner root key hash: AF777CCF 32DCD190 4E2D4C21 1E70ACB7 8D7114D7 D83FF895 BB830B1B 533823B1 F5302D6A 1C9DA4B1 22539468 3B160451
Enable multi-authority: FALSE
Enable configuration bitstream encryption: TRUE
Encryption key storage location: EFUSE
Encryption update ratio: 31:1
Enable scrambling: TRUE

==================================================
Anti-Tamper
==================================================
Anti-tamper response: DISABLE

==================================================
Attestation
==================================================
CRL distribution point:

==================================================
Security Options
==================================================
Disable JTAG: OFF
Force SDM clock to internal oscillator: OFF
Force encryption key update: OFF
Disable virtual eFuses: OFF
Lock security eFuses: OFF
Disable HPS debug: OFF
Disable encryption key in eFuses: OFF
Disable encryption key in BBRAM: OFF
Disable Intrinsic ID PUF-wrapped encryption key in Quad SPI: OFF

==================================================
Tiles
==================================================
P-tile: USED
E-tile: USED


Info: Quartus Prime Programming File Generator was successful. 0 errors, 0 warnings
Info: Peak virtual memory: 1810 megabytes
Info: Processing ended: Thu Mar 27 15:18:59 2025
Info: Elapsed time: 00:00:05
Info: System process ID: 49963


N6010_4_1_0_8/work/syn/syn_top/output_files$ quartus_pfg --info ofs_top.pof
Info: *******************************************************************
Info: Running Quartus Prime Programming File Generator
Info: Version 23.1.0 Build 115 03/30/2023 Patches 0.02iofs,0.23 SC Pro Edition
Info: Copyright (C) 2023 Intel Corporation. All rights reserved.
Info: Your use of Intel Corporation's design tools, logic functions
Info: and other software and tools, and any partner logic
Info: functions, and any output files from any of the foregoing
Info: (including device programming or simulation files), and any
Info: associated documentation or information are expressly subject
Info: to the terms and conditions of the Intel Program License
Info: Subscription Agreement, the Intel Quartus Prime License Agreement,
Info: the Intel FPGA IP License Agreement, or other applicable license
Info: agreement, including, without limitation, that your use is for
Info: the sole purpose of programming logic devices manufactured by
Info: Intel and sold by Intel or its authorized distributors. Please
Info: refer to the applicable agreement for further details, at
Info: https://fpgasoftware.intel.com/eula.
Info: Processing started: Thu Mar 27 15:19:31 2025
Info: System process ID: 49980
Info: Command: quartus_pfg --info ofs_top.pof

*** Fatal Error: Segment Violation: faulting address=0x44e9dd24, PC=0x7f4ef16f2c9e : 0x7f4ef16f2c9e: jtag_client!mem_prim_move + 0x18e
Module: quartus_pfg
Stack Trace:
Err Handler 0x136c2: ERR_UNWINDER_BACKTRACE::get_stack_trace(void const**, int, int, void*) + 0xe0 (ccl_err)
Err Handler 0x902d4: msg_ie_get_call_stack(void*) + 0xc4 (ccl_msg)
Err Handler 0x9220e: MSG_INTERNAL_ERROR::report_fatal(char const*, void*, bool) + 0x40 (ccl_msg)
Err Handler 0x170cf: err_report_fatal_exception(char const*, void*, bool) + 0x60 (ccl_err)
Err Handler 0x1736f: err_sigaction_handler + 0x191 (ccl_err)
System 0x42520: (c)
Quartus 0x24c9e: mem_prim_move + 0x18e (jtag_client)
Quartus 0x24522: memcpy_s + 0x172 (jtag_client)
Quartus 0x161843: PGMTCL_FILE_PARSER_POF::get_file_info(std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > > > > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::vector<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > > > > > > > >&) + 0x203 (pgm_pgmtcl)
Quartus 0x13832f: PGMTCL_FILE_PARSER::get_file_info(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >&) + 0x5f (pgm_pgmtcl)
Quartus 0x42845f: PFG_CMD_FRAMEWORK::show_file_info() + 0x695 (quartus_pfg)
Quartus 0x435ab9: PFG_CMD_FRAMEWORK::execute() + 0x83 (quartus_pfg)
Quartus 0x34625: qexe_standard_main(QEXE_FRAMEWORK*, QEXE_OPTION_DEFINITION const**, int, char const**) + 0xf77 (comp_qexe)
Quartus 0x426ed8: pfg_cmd_main(int, char const**) + 0x5a (quartus_pfg)
Quartus 0x4e5c0: msg_main_thread(void*) + 0x10 (ccl_msg)
Quartus 0x50b07: msg_thread_wrapper(void* (*)(void*), void*) + 0x8c (ccl_msg)
Quartus 0x1f568: mem_thread_wrapper(void* (*)(void*), void*) + 0x98 (ccl_mem)
Quartus 0x10f58: err_thread_wrapper(void* (*)(void*), void*) + 0x1e (ccl_err)
Quartus 0xba55: thr_thread_wrapper + 0x15 (ccl_thr)
Quartus 0x4f6f4: msg_exe_main(int, char const**, int (*)(int, char const**)) + 0xd3 (ccl_msg)
Quartus 0x426484: main + 0x26 (quartus_pfg)
System 0x29d90: (c)
System 0x29e40: __libc_start_main + 0x80 (c)
Quartus 0x40ba89: _start + 0x29 (quartus_pfg)

End-trace

3 Replies

  • WZ2's avatar
    WZ2
    Icon for Frequent Contributor rankFrequent Contributor
    11 months ago

    Hi there,

    Is this POF directly converted from a SOF? Does it include any additional binary files, such as a .hex file for the HPS or others?

    Typically, a POF is not suitable for use with the quartus_pfg --info command. However, if the original SOF is trusted, the POF generated using the PFG tool is usually not problematic.

    Best regards,

    WZ


    • Ariel_Morali's avatar
      Ariel_Morali
      Icon for New Contributor rankNew Contributor
      11 months ago

      Hi,

      If the POF is not suitable for use with the quartus_pfg --info command, can you suggest another way to verify the bitstream is encrypted?

      The files are created using the OFS build_flash.sh script, while ofs_top_pof_flash.pfg was modified to enable encryption.

      Specifically, The pof is created with "quartus_pfg -c ofs_top_pof_flash.pfg".

      This is the content of ofs_top_pof_flash.pfg:

      <pfg version="1">
      <settings custom_db_dir="./" mode="AVSTX8"/>
      <output_files>
      <output_file name="ofs_top" directory="output_files/" type="POF">
      <file_options/>
      <secondary_file type="MAP" name="ofs_top_pof">
      <file_options/>
      </secondary_file>
      <flash_device_id>Flash_Device_1</flash_device_id>
      </output_file>
      </output_files>
      <bitstreams>
      <bitstream id="Bitstream_1">
      <path signing="ON" finalize_encryption="1" qek_file="keys/aes_root.qek" password="keys/passphrase.txt" signing_pem_file="keys/ac_adp_dev_fim_root_private_384.pem">output_files/ofs_top.sof</path>
      </bitstream>
      </bitstreams>
      <raw_files>
      <raw_file type="HEX" id="Info_Factory_1">./factory_image_info.hex</raw_file>
      <raw_file type="HEX" id="Info_User_1">./user1_image_info.hex</raw_file>
      <raw_file type="HEX" id="Info_User_2">./user2_image_info.hex</raw_file>
      <raw_file type="RBF" id="VAB_Option_Bits_File">./vab_option_bits.bin</raw_file>
      </raw_files>
      <flash_devices>
      <flash_device type="CFI_2Gb" id="Flash_Device_1">
      <partition reserved="1" fixed_s_addr="0" s_addr="auto" e_addr="auto" fixed_e_addr="0" id="OPTIONS" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x00010000" e_addr="auto" fixed_e_addr="0" id="Option_Bits_VAB" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x00020000" e_addr="auto" fixed_e_addr="0" id="Factory_Image" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x04000000" e_addr="auto" fixed_e_addr="0" id="User_Image_1" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x07FF6000" e_addr="auto" fixed_e_addr="0" id="factory_image_info" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x07FF7000" e_addr="auto" fixed_e_addr="0" id="user1_image_info" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x07FF8000" e_addr="auto" fixed_e_addr="0" id="user2_image_info" size="0"/>
      <partition reserved="0" fixed_s_addr="0" s_addr="0x08000000" e_addr="auto" fixed_e_addr="0" id="User_Image_2" size="0"/>
      </flash_device>
      </flash_devices>
      <assignments>
      <assignment page="1" partition_id="User_Image_1">
      <bitstream_id>Bitstream_1</bitstream_id>
      </assignment>
      <assignment page="2" partition_id="User_Image_2">
      <bitstream_id>Bitstream_1</bitstream_id>
      </assignment>
      <assignment page="0" partition_id="Factory_Image">
      <bitstream_id>Bitstream_1</bitstream_id>
      </assignment>
      <assignment partition_id="factory_image_info">
      <raw_file_id>Info_Factory_1</raw_file_id>
      </assignment>
      <assignment partition_id="user1_image_info">
      <raw_file_id>Info_User_1</raw_file_id>
      </assignment>
      <assignment partition_id="user2_image_info">
      <raw_file_id>Info_User_2</raw_file_id>
      </assignment>
      <assignment partition_id="Option_Bits_VAB">
      <raw_file_id>VAB_Option_Bits_File</raw_file_id>
      </assignment>
      </assignments>
      </pfg>

  • WZ2's avatar
    WZ2
    Icon for Frequent Contributor rankFrequent Contributor
    11 months ago

    From the .pfg file, it can be seen that the .pof was generated with encryption enabled, so it is indeed not possible to analyze it. I suggest you analyze the ofs_top.sof file directly instead.