Digital Signature Service

Takes a user-supplied SHA-384 hash and signs it with the device's 384-bit private “factory” EC key, KFP, which is the private half of the key pair whose public key (DCPK) is certified by Microchip in the device's X.509-compliant supply chain assurance certificate. The resulting P-384 ECDSA signature can either be formatted using ASN.1 DER or simply returned in a raw format compatible with the user cryptoprocessor. As ECDSA requires the use of a nonce, the service returns a different result each time, even if the hash input is the same.

The System Controller cryptoprocessor does not directly support generating a nonce with the required numerical range required for ECDSA. It is therefore possible that the generated nonce is rejected, in which case a new nonce is automatically generated until a good value is found. This makes the execution time of this service non-deterministic, however, the probability of an out-of-range nonce being initially generated is extremely low and the probability of a second bad nonce is infinitesimal.


If the Raw format is selected, the SIGNATURE field contains two unsigned little-endian 12-word (48 byte) values compatible with the user cryptoprocessor.

If the DER format is selected, the SIGNATURE field is returned in a minimal length DER encoding using a maximum of 104 bytes. If the encoded signature is less than 104 bytes, the output is padded with zeroes. The extra bytes, if any, must be deleted by the user.

Table 1. Digital Signature Service Request
System Service Descriptor Bit Field Value Description
15:7 MBOXADDR[10:2] Mailbox address. See Table 2.
6:0 19H Digital signature Raw format service command
1AH Digital Signature DER format service command

The following table lists the Digital Signature Service mailbox format.

Table 2. Digital Signature Service Mailbox Format
Offset Length (bytes) Parameter Direction Description
0 48 HASH Input SHA384 hash to be signed
48 96 (Raw) SIGNATURE Output ECDSA signature (r, s)
104 (DER)