A. bitstreaminfo Tool Examples
Output example for CSK1 cancellation certificate:
$ bitstreaminfo ssl_csk1_cancel.bin
Output:
File ssl_csk1_cancel.bin:
Block 0:
Block 0 magic = 0xb6eafd19
Content length = 0x00000080
Content type = SR
Cert type = CANCEL
Protected content SHA-256: 0xed4fc1d85afa5175e4973c9780b78fa000f070c00230ec18d6190133cb915db5
Calculated protected content SHA-256:
0xed4fc1d85afa5175e4973c9780b78fa000f070c00230ec18d6190133cb915db5
Match
Protected content SHA-384:
0x23c1a67cdd52bf7c6a4f34ebc96b64e5d51d3010ab7754572007e81701b6eb4bcedad337ccde563817a19a1e17601a31
Calculated protected content SHA-384:
0x23c1a67cdd52bf7c6a4f34ebc96b64e5d51d3010ab7754572007e81701b6eb4bcedad337ccde563817a19a1e17601a31
Match
Block 1:
Block 1 magic = 0xf27f28d7
Root Entry magic = 0xa757a046
Root Entry curve magic = 0xc7b88c74
Root Entry permissions = 0xffffffff
Root Entry key ID = 0xffffffff
Root public key X = 0xd562f7c475598a44f4cfb3b96e29822a11b823873da1600660a1f2ef7460c109
Root public key Y = 0x9dab9ea9cb25505c9b40ef509245bb23fd9dcdfa3c9f2d7250e9e8063527ef11
Expected root entry hash = 0xe9e618adf1818bf0327cd993a4f706451e877d046283a7bbf5b4df1a3fcc5dad
No CSK
Block 0 Entry magic = 0x15364367
Block 0 Entry signature magic = 0xde64437d
Signature R = 0x1a0d878aebe9bf0a719ca7c1f33fec44e1357f85b54063d79999bff2aa07cdd6
Signature S = 0x46bd1dac9937a847bb3620559901ed3e57a137384eef2b1994d4b3d4cc2f5ad8
Payload:
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Output example for unsigned Intel® Arria® 10 GT Bitstream:
$ bitstreaminfo sr_vista_rot_4x25G-v1.3.15.bin
File sr_vista_rot_4x25G-v1.3.15.bin:
Block 0:
Block 0 magic = 0xb6eafd19
Content length = 0x02b00000
Content type = SR
Cert type = UPDATE
Protected content SHA-256:
0xe4ecd5f6b332bba7b03bcdbe5f9c28317dda59e403148cedec4550f5fa5644b4
Calculated protected content SHA-256:
0xe4ecd5f6b332bba7b03bcdbe5f9c28317dda59e403148cedec4550f5fa5644b4
Match
Protected content SHA-384:
0x4c56e31d8a4d37d3cdab616a8d6a73a6cce12bd9f0737a4676b3a736bfe4425aaabc046a1c3cc3713cae90dd9d1136ef
Calculated protected content SHA-384:
0x4c56e31d8a4d37d3cdab616a8d6a73a6cce12bd9f0737a4676b3a736bfe4425aaabc046a1c3cc3713cae90dd9d1136ef
Match
Block 1:
Block 1 magic = 0xf27f28d7
Root Entry magic = 0xa757a046
Root Entry curve magic = 0xc7b88c74
Root Entry permissions = 0xffffffff
Root Entry key ID = 0xffffffff
Root public key X = 0x0000000000000000000000000000000000000000000000000000000000000000
Root public key Y = 0x0000000000000000000000000000000000000000000000000000000000000000
Expected root entry hash = 0xf8ff7e0a52a378483c85301df49c7d55ffd26f794121bdb8b102d7e1c3132bb9
CSK magic = 0x14711c2f
CSK curve magic = 0xc7b88c74
CSK permissions = 0xffffffff
CSK key ID = 0x00000000
Code signing key X = 0x0000000000000000000000000000000000000000000000000000000000000000
Code signing key Y = 0x0000000000000000000000000000000000000000000000000000000000000000
CSK signature magic = 0xde64437d
Signature R = 0x0000000000000000000000000000000000000000000000000000000000000000
Signature S = 0x0000000000000000000000000000000000000000000000000000000000000000
Expected CSK hash = 0xbe8a02e7932d98aff66584598978d84412e3c641927efac2cb786a1754cfcd4e
Block 0 Entry magic = 0x15364367
Block 0 Entry signature magic = 0xde64437d
Signature R = 0x0000000000000000000000000000000000000000000000000000000000000000
Signature S = 0x0000000000000000000000000000000000000000000000000000000000000000
Payload:
80 20 01 00 3a 65 80 00 20 00 00 00 ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
...
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
Output example for signed Intel Arria 10 GT Bitstream:
$ bitstreaminfo signed_sr_vista_rot_4x25G-v1.3.15.bin
File unsigned_sr_vista_rot_4x25G-v1.3.15.bin:
Block 0:
Block 0 magic = 0xb6eafd19
Content length = 0x02b00000
Content type = SR
Cert type = UPDATE
Protected content SHA-256:
0xe4ecd5f6b332bba7b03bcdbe5f9c28317dda59e403148cedec4550f5fa5644b4
Calculated protected content SHA-256:
0xe4ecd5f6b332bba7b03bcdbe5f9c28317dda59e403148cedec4550f5fa5644b4
Match
Protected content SHA-384:
0x4c56e31d8a4d37d3cdab616a8d6a73a6cce12bd9f0737a4676b3a736bfe4425aaabc046a1c3cc3713cae90dd9d1136ef
Calculated protected content SHA-384:
0x4c56e31d8a4d37d3cdab616a8d6a73a6cce12bd9f0737a4676b3a736bfe4425aaabc046a1c3cc3713cae90dd9d1136ef
Match
Block 1:
Block 1 magic = 0xf27f28d7
Root Entry magic = 0xa757a046
Root Entry curve magic = 0xc7b88c74
Root Entry permissions = 0xffffffff
Root Entry key ID = 0xffffffff
Root public key X = 0x09b39cb8cb5c51b649ad6555e0ca1b150932c4289024015f34cd4bb5d47b77f5
Root public key Y = 0x9a9a9affef8f6b45b0b99a2efaa9c118469e3ea0396cb2fe50247d51fb7dba16
Expected root entry hash = 0x5c47ce0b1edc53b2bc02bf9b8aecab95b139b1f07f15fd6f25df7eb25942c0e0
CSK magic = 0x14711c2f
CSK curve magic = 0xc7b88c74
CSK permissions = 0xffffffff
CSK key ID = 0x00000001
Code signing key X = 0xfed4bf4826cf71c4246c9576892b474b1465bba137e141d1f6731fe03b7c312c
Code signing key Y = 0x50e784b7209d5c6af35b55f7d140a3b19769d5bc19babd9c9170d05a3822a6d6
CSK signature magic = 0xde64437d
Signature R = 0x754ab8c579ac2fd0841fb50c978962f95bbc162ecc9544f1f18b99945cf655fd
Signature S = 0x9f9af231cd7a39ba1c6d629023f2b4d316e010fd08eca130efbecbf0caf8e83e
Expected CSK hash = 0xaaaac919f6aecb2532ce6322a76bb57b0f1f285dd4d71d178544ac59f2b78fda
Block 0 Entry magic = 0x15364367
Block 0 Entry signature magic = 0xde64437d
Signature R = 0x680a36f442213783696365604e6789c4b2f6d20b9eb6c8b34abdef6e16bdb1f2
Signature S = 0xfb2764d6db7eb658cd11f55084e981ba5db229c136e66afe8d1ab9e78f0f7510
Payload:
80 20 01 00 3a 65 80 00 20 00 00 00 ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
...
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
Output example for Root Key hash bitstream:
$ bitstreaminfo root_public_program_ssl.bin
File root_public_program_ssl.bin:
Block 0:
Block 0 magic = 0xb6eafd19
Content length = 0x00000080
Content type = SR
Cert type = Root Entry Hash (256)
Protected content SHA-256:
0xade5140d232e010fda6b79542d1d9f31a9de413b0a10d32bfd2208b01119d658
Calculated protected content SHA-256:
0xade5140d232e010fda6b79542d1d9f31a9de413b0a10d32bfd2208b01119d658
Match
Protected content SHA-384:
0x033cd07c8917d11242d174f608cc7301051bb0145a13527340fcf0b370f98f88ef795029c6ceaddca27a4d221b1f7035
Calculated protected content SHA-384:
0x033cd07c8917d11242d174f608cc7301051bb0145a13527340fcf0b370f98f88ef795029c6ceaddca27a4d221b1f7035
Match
Block 1:
Block 1 magic = 0xf27f28d7
No root entry
No CSK
No block 0 entry
Payload:
5c 47 ce 0b 1e dc 53 b2 bc 02 bf 9b 8a ec ab 95
b1 39 b1 f0 7f 15 fd 6f 25 df 7e b2 59 42 c0 e0
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Output example for BMC RTL/Firmware bitstream from Intel® :
$ bitstreaminfo VistaCreekBravoBMCFW_Release_WW13.2.bin
File VistaCreekBravoBMCFW_Release_WW13.2.bin:
Block 0:
Block 0 magic = 0xb6eafd19
Content length = 0x000d4e80
Content type = BMC
Cert type = UPDATE
Protected content SHA-256:
0x7f49e08241f8390cc5b939843ecb14af73d464c9aa4998a9aff5cddac26b8bb6
Calculated protected content SHA-256:
0x7f49e08241f8390cc5b939843ecb14af73d464c9aa4998a9aff5cddac26b8bb6
Match
Protected content SHA-384:
0x243d2e99486bb68ede871d6b052cabf0b441b1e0538fec8f8450fec58a4c9537b85f95d473972e842924c7e334ebbebb
Calculated protected content SHA-384:
0x243d2e99486bb68ede871d6b052cabf0b441b1e0538fec8f8450fec58a4c9537b85f95d473972e842924c7e334ebbebb
Match
Block 1:
Block 1 magic = 0xf27f28d7
Root Entry magic = 0xa757a046
Root Entry curve magic = 0xc7b88c74
Root Entry permissions = 0xffffffff
Root Entry key ID = 0xffffffff
Root public key X = 0x78a0db7ecef9f13c336e99334d34d10c33829cb290901b48af8c34fce107b3e7
Root public key Y = 0x57cc5b60b89203bc9d975f59c813d1ffd8499d292b2c42262adb9483167832d4
Expected root entry hash = 0x77698ea203e459f6cb0e65b54a1dd4ab47a6a6600e7988f723ad89f5b7f3673a
CSK magic = 0x14711c2f
CSK curve magic = 0xc7b88c74
CSK permissions = 0x00000002
CSK key ID = 0x00000000
Code signing key X = 0xad481a506b8bf261fd0644eb7f0be98cde8152c015eb17a2d08ebd6b2af131df
Code signing key Y = 0x2541eaff9213bb26247b593646aa45ce618a46cf5575de9f1ac21563c9f9570c
CSK signature magic = 0xde64437d
Signature R = 0xbfaf53b0fe2359ea3c86e2c35103f2a5df021f0231681216ab615a1c5f8255bf
Signature S = 0xffccfd664e04f5dcef68c16b4d96708a91c59b1c2677ca3b07a7dc227ee5f31c
Expected CSK hash = 0x6f0b20617a824725757482a23ff39a9b1096aa400436217103ed5a52fde5f52c
Block 0 Entry magic = 0x15364367
Block 0 Entry signature magic = 0xde64437d
Signature R = 0x771201ca87d1622994ad21e8a75a0edb945b42bc885447903487ec79ed399750
Signature S = 0x27823b355b81f25c996f2298c44fe7fd8cbb9e14f46fa8de6836b807c463632d
Payload:
00 80 0a 00 80 80 0a 00 8c cd 02 00 50 ff 47 ff
4d ff 49 c2 43 ff 42 fb ee 1c ae 00 ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
...
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00