ECDH - TempKey Source

The ECDH command may use the value in TempKey as its starting value. The ECC private key in TempKey must have been generated by the GenKey command. Once the ECDH command has used TempKey, the TempKey.Valid flag is reset. If the output is written back to the TempKey location, the flag is set again.

Table 1. Input Parameters ECDH TempKey

| Opcode (1 Byte) | Mode (1 Byte) | KeyId (2 Bytes) | Data 1 (32 Bytes) | Data 2 (32 Bytes) | Description |
|---|---|---|---|---|---|
| 0x43 | 0x0D | 0x00 00 | X component of public key | Y component of public key | Results sent to the output buffer. Output is in the clear(1). |
| 0x43 | 0x0F | 0x00 00 | X component of public key | Y component of public key | Results sent to the output buffer. Output is encrypted. |
| 0x43 | 0x09 | 0x00 00 | X component of public key | Y component of public key | Results stored in TempKey. Output is available for other operations but is not directly accessible. |
| 0x43 | 0x05 | 0x00 0[Slot] | X component of public key | Y component of public key | Results stored in specified slot. |

Note:
  1. When the ChipOptions.ECDHPROT value is 1, the output of the ECDH command is encrypted in this mode. For the ATECC608A-TNGTLS, the ECDHPROT field is set to 0, so encryption depends on the mode of the ECDH command.

Table 2. Output Response ECDH TempKey

| Name | Mode | Size | Description |
|---|---|---|---|
| Response | 0x0D or 0x0F | 1 byte | Error code if command fails |
| Response | 0x0D | 32 bytes | Shared Master Secret as clear text |
| Response | 0x0F | 32 bytes | Shared Master Secret as encrypted text |
| OutNonce | 0x0F | 32 bytes | Nonce used for encryption |
| Response | 0x05 or 0x09 | 1 byte | 0x00 if successful, otherwise an error code is returned |
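
As an added example (not Microchip's code and not part of the original page), the C code below fills the Table 1 fields for a TempKey-sourced ECDH and classifies the response per Table 2, so that a 1-byte error code is never mistaken for a shared secret. The type and function names are hypothetical; it assumes ECDHPROT is 0 (as stated for the ATECC608A-TNGTLS), that the response payload is passed in with transport framing already removed, and that KeyId is handled as a 16-bit value without committing to a wire byte order.

```c
#include <stdint.h>
#include <string.h>

/* Modes for ECDH with TempKey as the source (Table 1). Names are hypothetical. */
enum { ECDH_TK_TO_SLOT = 0x05, ECDH_TK_TO_TEMPKEY = 0x09,
       ECDH_TK_CLEAR   = 0x0D, ECDH_TK_ENC        = 0x0F };

typedef struct {            /* hypothetical container, not a library type */
    uint8_t  opcode, mode;
    uint16_t key_id;        /* 0x0000, or 0x000S for output slot S */
    uint8_t  data[64];      /* Data 1 (X) followed by Data 2 (Y) */
} ecdh_params_t;

/* Fill the Table 1 fields; -1 for any Mode/KeyId pair the table does not list. */
int ecdh_tk_build(ecdh_params_t *p, uint8_t mode, uint16_t key_id,
                  const uint8_t x[32], const uint8_t y[32])
{
    switch (mode) {
    case ECDH_TK_CLEAR: case ECDH_TK_ENC: case ECDH_TK_TO_TEMPKEY:
        if (key_id != 0x0000) return -1;   /* KeyId is 0x00 00 in these modes */
        break;
    case ECDH_TK_TO_SLOT:
        if (key_id > 0x000F) return -1;    /* 0x00 0[Slot]: one hex digit */
        break;
    default:
        return -1;
    }
    p->opcode = 0x43; p->mode = mode; p->key_id = key_id;
    memcpy(p->data, x, 32);
    memcpy(p->data + 32, y, 32);
    return 0;
}

typedef enum { ECDH_ERR = -1, ECDH_STORED = 0,
               ECDH_SECRET_CLEAR = 1, ECDH_SECRET_ENC = 2 } ecdh_result_t;

/* Classify a response payload per Table 2 (ECDHPROT = 0 assumed). */
ecdh_result_t ecdh_tk_parse(uint8_t mode, const uint8_t *rsp, size_t len,
                            const uint8_t **secret, const uint8_t **nonce)
{
    *secret = *nonce = NULL;
    if (mode == ECDH_TK_TO_SLOT || mode == ECDH_TK_TO_TEMPKEY)
        return (len == 1 && rsp[0] == 0x00) ? ECDH_STORED : ECDH_ERR;
    if (mode == ECDH_TK_CLEAR && len == 32) { *secret = rsp; return ECDH_SECRET_CLEAR; }
    if (mode == ECDH_TK_ENC && len == 64) { *secret = rsp; *nonce = rsp + 32; return ECDH_SECRET_ENC; }
    return ECDH_ERR;   /* 1-byte error code, or a length Table 2 does not list */
}
```

Only `ECDH_SECRET_CLEAR` hands the host a usable secret in plaintext; modes 0x05 and 0x09 return a status byte and leave the result inside the device.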