Forum Discussion

LVEZI's avatar
LVEZI
Icon for New Contributor rankNew Contributor
6 years ago

Unexpected error message while using quartus_sign

Hi,

I am trying to follow this user guide : https://www.intel.com/content/dam/altera-www/global/en_US/pdfs/literature/hb/stratix-10/ug-s10-security.pdf

On page 16, chapter 3.3, following command has to be executed :

quartus_sign --family=stratix10 --operation=append_key --previous_pem=design1_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=4 --cancel=1 design1_sign_public.pem design1_sign_chain.qky

When I run it, I get following error message :

Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py
Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102
Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data
Error: Quartus Prime Signing_Tool was unsuccessful. 3 errors, 0 warnings

Why this tool is talking about permission=0 whereas I provided permission=4?

I tried to get some help using quartus_sign --help=permission:

bash-4.2$ quartus_sign --help=permission
 
Option: -p <device family name> | --permission=<device family name>
 
Option to specify sign permission.

As you can see, it is not very helpful (moreover it is wrong, this is not the device family which has to be given).

Same behavior between Quartus Linux 19.1 and 19.2

Any help would be appreciated.

Regards

Loic

5 Replies

  • LVEZI's avatar
    LVEZI
    Icon for New Contributor rankNew Contributor
    6 years ago

    Hi,

    Thanks for your answer.

    Yes I executed the command with permission = 2 and it runs fine.

    Page 32 says that permission is ranged from 0-2 and page 17 says to set permission=4 ??

    Is there any coherent version of this user guide ?

    Here is the command I executed to get all keys (no_passphrase used to make flow setup easier for the moment):

    quartus_encrypt --family=stratix10 --operation=make_aes_key output.qek
 
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 root_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem root_private.pem root_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_root root_public.pem root_public.qky
 
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design0_sign_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design0_sign_private.pem design0_sign_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=root_private.pem --previous_qky=root_public.qky --permission=1 --cancel=0 design0_sign_public.pem design0_sign_chain.qky
        
quartus_sign --no_passphrase --family=stratix10 --operation=make_private_pem --curve=secp384r1 design1_sign_private.pem
quartus_sign --no_passphrase --family=stratix10 --operation=make_public_pem design1_sign_private.pem design1_sign_public.pem
quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem  --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky

    Everything runs fine except last command which returns :

    Info: *******************************************************************
Info: Running Quartus Prime Signing_Tool
    Info: Version 19.2.0 Build 57 06/24/2019 SJ Pro Edition
    Info: Copyright (C) 2019  Intel Corporation. All rights reserved.
    Info: Your use of Intel Corporation's design tools, logic functions 
    Info: and other software and tools, and any partner logic 
    Info: functions, and any output files from any of the foregoing 
    Info: (including device programming or simulation files), and any 
    Info: associated documentation or information are expressly subject 
    Info: to the terms and conditions of the Intel Program License 
    Info: Subscription Agreement, the Intel Quartus Prime License Agreement,
    Info: the Intel FPGA IP License Agreement, or other applicable license
    Info: agreement, including, without limitation, that your use is for
    Info: the sole purpose of programming logic devices manufactured by
    Info: Intel and sold by Intel or its authorized distributors.  Please
    Info: refer to the applicable agreement for further details, at
    Info: https://fpgasoftware.intel.com/eula.
    Info: Processing started: Wed Jul  3 11:09:10 2019
Info: Command: quartus_sign --no_passphrase --family=stratix10 --operation=append_key --previous_pem=design0_sign_private.pem --previous_qky=design0_sign_chain.qky --permission=2 --cancel=1 design1_sign_public.pem design1_sign_chain.qky
Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py
Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102
Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data
Error: Quartus Prime Signing_Tool was unsuccessful. 3 errors, 0 warnings
    Error: Peak virtual memory: 352 megabytes
    Error: Processing ended: Wed Jul  3 11:09:10 2019
    Error: Elapsed time: 00:00:00

    Thanks in advance for your help

    Regards

    Loic.

  • YuanLi_S_Intel's avatar
    YuanLi_S_Intel
    Icon for Regular Contributor rankRegular Contributor
    6 years ago

    Hi Loic,

    Based on the error message "Error (20354): Fail to execute file /tools/appli/altera/quartus_19.2_Linux/quartus/common/devinfo/programmer//python/stratix10_sign.py", seems like the file is not available in the directory.

    Can you please check?

    Regards,

    YL

  • LVEZI's avatar
    LVEZI
    Icon for New Contributor rankNew Contributor
    6 years ago

    Hi,

    The file exists.

    If you read more attentively the error messages, you will see that the error appeared during the execution of this Python script:

    Error (20353): Module: family_var1_sign.py, Function: append_key, Line: 102

    Error (20353): The specified permission results chain permission value of 0. This is invalid to sign any data

    Why does it returns that whereas permission has been set to 2 at command call?

    Best regards

    Loic

  • YuanLi_S_Intel's avatar
    YuanLi_S_Intel
    Icon for Regular Contributor rankRegular Contributor
    6 years ago

    HI Loic Vezier,

    I have tested the command myself. However, i am not able to duplicate the issue. Is it possible for you to share me your bitstream or design file?

    Also, i am testing it on v19.1 and it works prefectly fine.

    Thank You.