Unexpected error message while using quartus_sign

Hi Loic,

May i know have you execute the command with permission = 2?

Seems like the permission is ranged from 0-2.

https://www.intel.com/content/dam/www/programmable/us/en/pdfs/literature/hb/stratix-10/ug-s10-security.pdf (Page 32)

Regards,

YL

Hi,

Thanks for your answer.

Yes I executed the command with permission = 2 and it runs fine.

Page 32 says that permission is ranged from 0-2 and page 17 says to set permission=4 ??

Is there any coherent version of this user guide ?

Here is the command I executed to get all keys (no_passphrase used to make flow setup easier for the moment):

quartus_encrypt --family=stratix10 --operation=make_aes_key output.qek
 
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 root_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem root_private.pem root_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_root root_public.pem root_public.qky
 
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design0_sign_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design0_sign_private.pem design0_sign_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=root_private.pem --previous_qky=root_public.qky --permission=1 --cancel=0 design0_sign_public.pem design0_sign_chain.qky
        
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design1_sign_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design1_sign_private.pem design1_sign_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem  --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky

Everything runs fine except last command which returns :

Info: *******************************************************************
Info: Running Quartus Prime Signing_Tool
    Info: Version 19.2.0 Build 57 06/24/2019 SJ Pro Edition
    Info: Copyright (C) 2019  Intel Corporation. All rights reserved.
    Info: Your use of Intel Corporation's design tools, logic functions 
    Info: and other software and tools, and any partner logic 
    Info: functions, and any output files from any of the foregoing 
    Info: (including device programming or simulation files), and any 
    Info: associated documentation or information are expressly subject 
    Info: to the terms and conditions of the Intel Program License 
    Info: Subscription Agreement, the Intel Quartus Prime License Agreement,
    Info: the Intel FPGA IP License Agreement, or other applicable license
    Info: agreement, including, without limitation, that your use is for
    Info: the sole purpose of programming logic devices manufactured by
    Info: Intel and sold by Intel or its authorized distributors.  Please
    Info: refer to the applicable agreement for further details, at
    Info: https://fpgasoftware.intel.com/eula.
    Info: Processing started: Wed Jul  3 11:09:10 2019
Info: Command: quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky
Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py
Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102
Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data
Error: Quartus Prime Signing_Tool was unsuccessful. 3 errors, 0 warnings
    Error: Peak virtual memory: 352 megabytes
    Error: Processing ended: Wed Jul  3 11:09:10 2019
    Error: Elapsed time: 00:00:00

Thanks in advance for your help

Regards

Loic.

Hi Loic,

Based on the error message "Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py", seems like the file is not available in the directory.

Can you please check?

Regards,

YL

Hi,

The file exists.

If you read more attentively the error messages, you will see that the error appeared during the execution of this Python script:

Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102

Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data

Why does it returns that whereas permission has been set to 2 at command call?

Best regards

Loic

HI Loic Vezier,

I have tested the command myself. However, i am not able to duplicate the issue. Is it possible for you to share me your bitstream or design file?

Also, i am testing it on v19.1 and it works prefectly fine.

Thank You.