5.2.3.1 Sign - Internal Message
The Sign command in the Internal Message mode is used to sign a message that was internally generated. The command calculates the internal message digest and then signs the digest using the ECDSA sign algorithm with the private ECC key specified in KeyID. Internally generated messages must always reside in TempKey. The value in TempKey must be generated using either the GenDig or the GenKey command. If TempKey is not valid, an error will occur. Typical uses include:
- Signing an internally generated random key. This is typically generated by the GenKey command.
- The output of a GenKey or GenDig command, provided the output is located in TempKey.
For the ATECC608A-TNGTLS device, only Slot 1 is capable of signing internally generated messages.
Opcode | Mode | KeyId | Description |
---|---|---|---|
0x41 | 0x00 or 0x20 | 0x00 0[Slot] | Serial number is not included in the message digest calculation |
0x41 | 0x40 or 0x60 | 0x00 0[Slot] | Serial number is included in the message digest calculation |
Name | Size | Description |
---|---|---|
Response | 1 byte | Error code if the command fails |
Response | 64 bytes | The signature composed of R and S values |
Internal Message Generation
The internal message is generated from a 55-byte field, as shown below.
Byte Count | Serial Number Not Included | Serial Number Included |
---|---|---|
32 bytes | TempKey(1) | TempKey(1) |
- TempKey must be generated by GenKey or GenDig commands prior to this calculation.
- TempKeyFlags consists of: (b[7]: NoMacFlag, b[6]: GenKeyData, b[5]: GenDigData, b[4]: SourceFlag, b[3:0] TempKeyFlags)
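The following host-side checks are an added example, not code from the datasheet or the vendor's library: they reject Mode/KeyId pairs the command table does not list, decode the TempKeyFlags byte, and keep a 1-byte error response from being mistaken for a signature. The function names, the split of the 64-byte response into R then S of 32 bytes each, and the reading that a set GenKeyData or GenDigData bit marks a valid TempKey origin are assumptions of this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define INTERNAL_SIGN_SLOT 1u /* only Slot 1 signs internal messages on this device */

typedef enum { SIGN_INVALID = -1, SIGN_SN_EXCLUDED = 0, SIGN_SN_INCLUDED = 1 } sign_sn_t;

/* Classify a Mode/KeyId pair; anything the command table does not list is rejected. */
sign_sn_t sign_internal_classify(uint8_t mode, uint16_t key_id)
{
    if (key_id != INTERNAL_SIGN_SLOT) /* KeyId is 0x00 0[Slot], so the value must be 0x0001 */
        return SIGN_INVALID;
    switch (mode) {
    case 0x00: case 0x20: return SIGN_SN_EXCLUDED;
    case 0x40: case 0x60: return SIGN_SN_INCLUDED;
    default:              return SIGN_INVALID;
    }
}

/* TempKeyFlags byte, bit layout as given in the note under the message table. */
typedef struct {
    bool no_mac, gen_key_data, gen_dig_data, source_flag; /* b[7], b[6], b[5], b[4] */
    uint8_t low_nibble;                                   /* b[3:0] */
} tempkey_flags_t;

tempkey_flags_t tempkey_flags_decode(uint8_t b)
{
    tempkey_flags_t f = { (b & 0x80u) != 0, (b & 0x40u) != 0, (b & 0x20u) != 0,
                          (b & 0x10u) != 0, (uint8_t)(b & 0x0Fu) };
    return f;
}

/* Assumption of this example: a set GenKeyData or GenDigData bit marks TempKey
 * as produced by GenKey or GenDig, which is what the command requires. */
bool tempkey_origin_ok(uint8_t b)
{
    return (b & 0x60u) != 0;
}

/* Returns 0 and fills r/s for a 64-byte signature (assumed R then S, 32 bytes each),
 * 1 and fills *err for a 1-byte error code, -1 for any other length. */
int sign_response_parse(const uint8_t *p, size_t len, uint8_t r[32], uint8_t s[32], uint8_t *err)
{
    if (len == 64) { memcpy(r, p, 32); memcpy(s, p + 32, 32); return 0; }
    if (len == 1) { *err = p[0]; return 1; }
    return -1;
}
```

A verifier needs the `SIGN_SN_EXCLUDED` / `SIGN_SN_INCLUDED` result to know which column of the message layout to rebuild before checking the signature.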