Device Commands

The following section details all of the commands broken out by Command mode that are allowed in the ATECC608A-TNGTLS. The commands have been broken into three categories:
  1. 1.General Device Commands
    These commands fall into two categories:
    • General device access commands that are used to send data to the device or retrieve data but typically do not perform any cryptographic functions.
    • General cryptographic commands that can be used by the device or the system but typically do not operate on specific data slots.
  2. 2.Asymmetric Cryptography Commands

    These commands perform asymmetric cryptographic operations, such as key generation, message signing and message verification that utilize an ECC public or private key. These commands are limited to use on ECC Data zone slots.

  3. 3.Symmetric Cryptography Commands

    These commands perform a symmetric cryptographic function, such as generating a digest or MAC, key derivation or AES encryption and decryption.

Input Parameters for all Commands

Multibyte input parameters are shown as big-endian (MSB first) values in the input parameters tables unless otherwise specified. Note that the ATECC608A-TNGTLS device actually expects the data to be sent little-endian (LSB first).

Table 1. Command Opcodes, Short Descriptions, and Command Categories
Command Opcode Description Command Category
AES 0x51 Execute the AES-ECB Encrypt or Decrypt functions. Calculate a Galois Field Multiply. Symmetric Cryptography Command
CheckMac 0x28 Verify a MAC calculated on another CryptoAuthentication device. Symmetric Cryptography Command
Counter 0x24 Read or increment one of the monotonic counters General Device Commands
ECDH 0x43 Generate an ECDH pre-master secret using stored private key and input public key. Asymmetric Cryptography Command
GenDig 0x15 Generate a data digest from a random or input seed and a stored value. Symmetric Cryptography Command
GenKey 0x40 Generate an ECC public key. Optionally generate an ECC private key. Asymmetric Cryptography Command
Info 0x30 Return device state information. General Device Commands
KDF 0x56 Implement the PRF or HKDF key derivation functions Symmetric Cryptography Command
Lock 0x17 Prevent further modifications to a zone or slot of the device. General Device Commands
MAC 0x08 Calculate digest (response) from key and other internal data using SHA-256. Symmetric Cryptography Command
Nonce 0x16 Generate a 32-byte random number and an internally stored Nonce. General Device Commands
Random 0x1B Generate a random number. General Device Commands
Read 0x02 Read 4 or 32 bytes from the device, with or without authentication and encryption. General Device Commands
SelfTest 0x77 Test the various internal cryptographic computation elements General Device Commands
Sign 0x41 ECDSA signature calculation. Asymmetric Cryptography Command
SHA 0x47 Compute a SHA-256 or HMAC digest for general purpose use by the system. General Device Commands
UpdateExtra 0x20 Update bytes 84 or 85 within the Configuration zone after the Configuration zone is locked. General Device Commands
Verify 0x45 ECDSA verify calculation. Asymmetric Cryptography Command
Write 0x12 Write 4 or 32 bytes to the device, with or without authentication and encryption. General Device Commands