4.5.1 ECC Key Formatting

The format for public and private keys depends on the command and key length. In general, the Most Significant Bytes (MSB) appear first on the bus and at the lowest address in memory. In the remainder of this section below, the bytes on the left side of the page are the MSBs. Microchip recommends all pad bytes be set to zero for consistency.

  • ECC private keys appear to the user only as the input parameter to the PrivWrite command. This parameter is always 36 bytes in length and the first four bytes (32 bits) are all pad bits.

    ECC public keys appear as the input or output parameters to several commands, and they can also be stored in EEPROM. They are composed of an X value first on the bus or in memory, followed by a Y value. They are formatted differently depending on the situation as noted below:

  • The public key is an output of the GenKey command or an input to the Verify command: 


    32 bytes of X, then 32 bytes of Y. (36 bytes) There are no pad bytes.

  • Write command:

    Public keys can be written directly to the EEPROM using the Write command and are always 
72 bytes long, formatted as follows: 4-pad bytes, 32 bytes of X, four pad bytes, then 32 bytes of Y.


  • GenKey command:


    SHA Message: Public keys can be hashed and placed in TempKey by the GenKey command. The SHA message contains various bytes that are independent of the size of the key. These are followed by 25 bytes of pad, followed by 32 bytes of X, then by 32 bytes of Y.

  • Verify command:


    SHA Message: When used to validate a stored public key, the Verify command expects an input signature created over a SHA-256 digest of a key stored in memory. Such an inner SHA calculation is always performed over 72 bytes formatted as they are stored in EEPROM as 4-pad bytes, 32 bytes of X, 4-pad bytes, then 32 bytes of Y.

When a public key is configured to be validated by the Verify command, the Most Significant four bits of the first byte in memory are used internally by the device to save the validation state. They are always set to the invalid state (0xA) by the Write command, and then may be set to the Valid state (0x5) by the Verify command.

The lowest levels of the I/O protocols are described below. Above the I/O protocol level, the exact same bytes are transferred to and from the device to implement the commands. Error codes are documented in the following sections.