4.2.4 `Verify` Command

The Verify command takes an ECDSA [R,S] signature and verifies that it is correctly generated given an input message digest and public key. In all cases, the signature is an input to the command. The public key can be either stored on the device or provided as an input.

An optional MAC can be returned from the Verify command to defeat any man-in-the-middle attacks. If the verify calculation shows that the signature is correctly generated from the input digest, a MAC will be computed based on an input nonce stored in TempKey and the value of the I/O protection secret, which is stored in both the ECC608-TNGHNT and the host MCU. MAC outputs can only be generated in External and Stored modes. The I/O protection function must be enabled for MAC computation.

ECC608-TNGHNT

4.2.4 Verify Command

4.2.4 `Verify` Command