2.1 TA100 Configuration

The configuration described in this section represents the minimum recommended setup required to support WPC authentication. The complete configuration may vary depending on whether the WPC authentication use case is implemented as a standalone function or combined with additional use cases.

TA100 WPC Handles

A total of five handles are required to support authentication using WPC Slot 0.

Table 2-1. TA100 WPC Slot 0 Handles
Handle Name	Handle ID	Purpose	Features Description
WpcCARootDigest	0x8050	Stores the digest of the WPC Root Certificate. This value is common across all devices.	Always readable Lockable once written Non-deletable
WpcDevicePrivateKey_0	0x8051	ECC P-256 private key unique to each device. This key is automatically generated by Microchip.	Never readable Never writable Usable without an authentication session Lockable Non-deletable
WpcSignerCertData_0	0x8600	Manufacturer signer certificate. This certificate is common for a given manufacturer but differs between manufacturers. It must conform to the format defined in the WPC authentication specification.	Always readable Lockable once written
WpcDeviceCertData_0	0x8601	Device certificate that uniquely identifies an individual device. Each certificate is valid for a single device and must conform to the WPC authentication specification.	Always readable Lockable once written Non-deletable
WpcChainDigest_0	0x8602	SHA-256 digest of the complete WPC Slot 0 certificate chain. The digest may be used to accelerate WPC authentication and is unique to each SSS.	Always readable Lockable once written Non-deletable

Note: It is recommended that all slots be locked once configured to prevent Denial-of-Service attacks resulting from unauthorized modification of stored data.

Attention: Support for WPC slots beyond Slot 0 may be available. Contact Microchip Sales to determine supported capabilities and configuration options.

Additional Configuration Options

The following recommendations apply to standalone WPC authentication devices. All options may be selected using the TA Configurator tool included with the TPDS Tools. For devices that combine multiple use cases, configuration requirements may differ.

Supported package options include the 8-pin SOIC SPI, 8-pin SOIC I²C or 24-pin VQFN, which supports both I²C and SPI.
If the 24-pin VQFN package is selected, configure the Advanced Crypto Engine (ACE) interface to either I²C or SPI. The Fast Crypto Engine interface is not supported for WPC authentication use cases.
Microchip will provide the group number used to uniquely identify the customer.
If an I²C interface is used, the customer must specify the 7-bit I²C address. The default value for the TA100 is 0x17.
Due to the slow authentication time, it is recommended that the Idle Timer be disabled. Once authentication is complete, the device may be placed into sleep using the Power command.
GPIO signals are not required for WPC authentication and should be left in their default configuration.
Pull-up settings for all pins should remain at their default values.
All features not explicitly required for WPC authentication should remain disabled.