3.1 Manifest Example
This is an example of a SecureElementManifest object with a single SignedSecureElement entry:
[
  {
    "payload": "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",
    "protected": "eyJhbGciOiJFUzI1NiIsImtpZCI6IlRDbnBuellCOE0zQ083NzZCeVBKMnlYM0tZbyIsInR5cCI6IkpXVCIsIng1dCNTMjU2IjoiVngyWmhCRVg0Ni16VHlpSVlFV1FQNmVGekNnOTB1Z0dqaDVlcEdCTTRPTSJ9",
    "header": {
      "uniqueId": "0123f1822c38dd7a01"
    },
    "signature": "In8syiQ6wIuU2SwwdZ0hDqYwuAeo7J5LOipx346SPi5jbOWl-a9DvkN0eQsY6NVdioZUm5vR3k0YKm4pOeEB9w"
  }
]
Decoding the protected member gives the following SignedSecureElementProtectedHeader:
{
  "typ": "JWT",
  "alg": "ES256",
  "kid": "TCnpnzYB8M3CO776ByPJ2yX3KYo",
  "x5t#S256": "Vx2ZhBEX46-zTyiIYEWQP6eFzCg90ugGjh5epGBM4OM"
}
Decoding the payload member gives the following SecureElement:
[
  {
    "version": 3,
    "model": "ATECC608C",
    "partNumber": "ATECC608C-MAH22",
    "manufacturer": {
      "organizationName": "Microchip Technology Inc",
      "organizationalUnitName": "Secure Computing Group"
    },
    "provisioner": {
      "organizationName": "Microchip Technology Inc",
      "organizationalUnitName": "Secure Computing Group"
    },
    "distributor": {
      "organizationName": "Microchip Technology Inc",
      "organizationalUnitName": "Microchip Direct"
    },
    "groupId": "359SCE55NV38H3CB",
    "provisioningTimestamp": "2024-01-15T17:22:45.000Z",
    "uniqueId": "0123f1822c38dd7a01",
    "publicKeySet": {
      "keys": [
        {
          "kid": "0",
          "kty": "EC",
          "crv": "P-256",
          "x": "x8TPQk7h5Ow-cb15p-TE6IRqHQSETpRNNbu7nl0FowM",
          "y": "ux3uP8AloUm8QnNnyFL6R0KKZYxFCItU_QLgsuhXoos",
          "x5c": [
            "MIIB9TCCAZugAwIBAgIQVCu8fsvAp3ydsnnSaXwggTAKBggqhkjOPQQDAjBPMSEwHwYDVQQKDBhNaWNyb2NoaXAgVGVjaG5vbG9neSBJbmMxKjAoBgNVBAMMIUNyeXB0byBBdXRoZW50aWNhdGlvbiBTaWduZXIgRjYwMDAgFw0xOTAxMjQxNjAwMDBaGA8yMDQ3MDEyNDE2MDAwMFowRjEhMB8GA1UECgwYTWljcm9jaGlwIFRlY2hub2xvZ3kgSW5jMSEwHwYDVQQDDBgwMTIzRjE4MjJDMzhERDdBMDEgQVRFQ0MwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATHxM9CTuHk7D5xvXmn5MTohGodBIROlE01u7ueXQWjA7sd7j/AJaFJvEJzZ8hS+kdCimWMRQiLVP0C4LLoV6KLo2AwXjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIDiDAdBgNVHQ4EFgQUs/GqZQ6MAb7zH/r1Qo58OcEFuZIwHwYDVR0jBBgwFoAU+9yqEor6wbWSj82rEdsJPs9NvvYwCgYIKoZIzj0EAwIDSAAwRQIgNLTzK56b5UYEHe9YwqIs6uTanmx2OrB6h/QYDsIOWsMCIQCL1DslxgUu88xoyygMSgL9X8lcH5Bz9RADJamIf/uQKg==",
            "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"
          ]
        },
        {
          "kid": "1",
          "kty": "EC",
          "crv": "P-256",
          "x": "2Ohne9v0aTSCdrZNmXvtOWir5ETgRhnvecJDXPHzFpg",
          "y": "hcP91CMTAKvjdz6_iNWO46g5uPjRvJkuuQ_6THckF-A"
        },
        {
          "kid": "2",
          "kty": "EC",
          "crv": "P-256",
          "x": "EEExiRf0TBXwPkLihJVRteSY3hU-IGTLlUO-FRMJZFg",
          "y": "Nuboaw4W_a3Kwi0lVeG9p4h42I4m7vmK5P49SPebFvM"
        },
        {
          "kid": "3",
          "kty": "EC",
          "crv": "P-256",
          "x": "jKB8Dkci5ExRzg0qtDdAjpRIHShxYON82YZ2-hajenY",
          "y": "NYMJ9DtbCt6Opnj2g43Ahk2pxQu9KRdMy3m0f-J_rRE"
        },
        {
          "kid": "4",
          "kty": "EC",
          "crv": "P-256",
          "x": "LTU0IGh3ymAzWlWmZ84fhX7YkB4ZCmmlV-YONDtDaDU",
          "y": "cvNr2TJDWXf4XO6PzybRWoEcQLT4F3NVP8Yj2-X8qbw"
        }
      ]
    }
  }
]
The SignedSecureElement example above can be verified with the following certificate:
-----BEGIN CERTIFICATE-----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-----END CERTIFICATE-----
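The checks a verifier should make on an entry before running the ES256 signature verification, as an added example that is not part of the original specification or of Microchip's tooling. It assumes standard JWS (RFC 7515) semantics; `precheck`, `x5t_s256` and `pinned_thumbprints` are hypothetical names, and the payload is constructed because the page's value is not reproduced here.

```python
import base64, hashlib, json

def b64url_decode(s: str) -> bytes:
    # JWS members are unpadded base64url; restore the padding before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def x5t_s256(cert_der: bytes) -> str:
    # x5t#S256: base64url of SHA-256 over the DER-encoded signer certificate.
    return base64.urlsafe_b64encode(hashlib.sha256(cert_der).digest()).rstrip(b"=").decode()

def precheck(entry: dict, pinned_thumbprints: set) -> dict:
    prot = json.loads(b64url_decode(entry["protected"]))
    # Never let the entry choose the algorithm: allow ES256 only.
    if prot.get("alg") != "ES256":
        raise ValueError("unexpected alg")
    # The signer certificate must be one the verifier already trusts.
    if prot.get("x5t#S256") not in pinned_thumbprints:
        raise ValueError("signer certificate not pinned")
    sig = b64url_decode(entry["signature"])
    if len(sig) != 64:  # ES256 signature is raw r || s, 32 bytes each
        raise ValueError("bad signature length")
    body = json.loads(b64url_decode(entry["payload"]))
    if isinstance(body, list):  # the decoded payload above is shown inside an array
        body = body[0]
    # "header" is not covered by the signature, so cross-check it with the payload.
    if entry["header"]["uniqueId"] != body["uniqueId"]:
        raise ValueError("uniqueId mismatch")
    # Bytes the ECDSA signature is computed over: protected "." payload.
    signing_input = (entry["protected"] + "." + entry["payload"]).encode("ascii")
    return {"protected": prot, "signing_input": signing_input,
            "r": int.from_bytes(sig[:32], "big"), "s": int.from_bytes(sig[32:], "big")}

# protected, header and signature are copied from the manifest entry above.
# The payload is CONSTRUCTED for this example, so the signature will not verify.
ENTRY = {
    "payload": base64.urlsafe_b64encode(
        json.dumps({"uniqueId": "0123f1822c38dd7a01"}).encode()).rstrip(b"=").decode(),
    "protected": "eyJhbGciOiJFUzI1NiIsImtpZCI6IlRDbnBuellCOE0zQ083NzZCeVBKMnlYM0tZbyIsInR5cCI6IkpXVCIsIng1dCNTMjU2IjoiVngyWmhCRVg0Ni16VHlpSVlFV1FQNmVGekNnOTB1Z0dqaDVlcEdCTTRPTSJ9",
    "header": {"uniqueId": "0123f1822c38dd7a01"},
    "signature": "In8syiQ6wIuU2SwwdZ0hDqYwuAeo7J5LOipx346SPi5jbOWl-a9DvkN0eQsY6NVdioZUm5vR3k0YKm4pOeEB9w",
}
# Thumbprint from the protected header above; a verifier would derive its pinned
# set with x5t_s256() from certificates it obtained out of band.
PINNED = {"Vx2ZhBEX46-zTyiIYEWQP6eFzCg90ugGjh5epGBM4OM"}
```

The returned `signing_input`, `r` and `s` are what an ECDSA P-256 verification routine from a cryptographic library takes, together with the public key of the pinned certificate.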