5.2.4.1 Verify - External Public Key Mode
The Verify
command may be used to verify a message
generated externally to the ATECC608A-TNGLoRaWAN with a
public key that is passed to the command. The output of the command will either be a
code indicating success, failure or error or a 32-byte MAC. Prior to this command
being run, the message should be written using the Nonce
command in
Fixed mode to either TempKey or the Message Digest Buffer. In this mode, the device
merely accelerates the public key computation and returns a boolean result.
Procedure to Verify a Message with an External Public Key
- Write the 32-byte digest of the
message to either the TempKey or Message Digest Buffer using the
Nonce
command in Fixed mode. - Optional: System Nonce - Nonce
generated by the system.
- If the external message digest is stored in TempKey, the nonce generated by the system must be stored in the lower 32 bytes of the Message Digest Buffer.
- If the external message is stored in the MessageDigestBuffer[31:0], then the System Nonce must be stored in the upper 32 bytes of the MessageDigest Buffer[63:32]. To do this, the external message and nonce value should be written as a 64-byte value.
- Issue the
Verify
command. Include the Mode, KeyID, which specifies the P256 ECC Curve, the 64-byte signature and the 64-byte external public key. - The output will return:
- One byte success, fail or error code if MAC is not required.
- A 32-byte MAC if specified by the mode.
Opcode |
Mode |
Key ID | Data Field (128 Bytes) | Comment | |
---|---|---|---|---|---|
Signature |
Public Key | ||||
0x45 | 0x02 | 0x00 04 |
R value |
X value | Message stored in TempKey |
0x22 | 0x00 04 |
R value |
X value | Message stored in Message Digest Buffer | |
0xA2 | 0x00 04 |
R value |
X value |
| |
0x82 | 0x00 04 |
R value |
X value |
|
Name | Mode | Size | Response |
---|---|---|---|
Response | 0x02 or 0x22 | 1 byte |
|
0x82 or 0xA2 | 1 byte or 32 bytes |
|
Size | Message in TempKey | Message in Message Digest Buffer |
---|---|---|
32 | Contents of the IO protection key | Contents of the IO protection key |
32 | Message stored in TempKey | Message stored in the first 32 bytes of the Message Digest Buffer |
32 | System Nonce stored in the first 32 bytes of the Message Digest Buffer | System Nonce stored in the second 32 bytes of the Message Digest Buffer |
32 | R Data of the passed signature | R Data of the passed signature |
32 | S Data of the passed signature | S Data of the passed signature |
1 | Opcode | Opcode |
1 | Mode | Mode |
2 | Param2 [LSB,MSB] | Param2 [LSB,MSB] |