Verify - Stored Public Key Mode

When using the Verify command in Stored mode, the public key to be used is stored in a data slot and does not need to be passed. Prior to this command being run, the message should be written to TempKey or the Message Digest Buffer using the Nonce command.

Procedure to Verify a Message with a Stored Key

  1. If so required, validate the public key before using the Verify command.
  2. If so required, authorize the public key before use.
  3. Write the 32-byte digest of the message to either the TempKey or Message Digest Buffer using the Nonce command in Fixed mode.
  4. Write the System Nonce to either the lower or upper 32 bytes of the Message Digest Buffer.
    4.1. If TempKey contains the message digest, then store the System Nonce in the lower 32 bytes of the Message Digest Buffer.
    4.2. If the message digest is stored in the lower 32 bytes of the Message Digest Buffer, then store the System Nonce in the upper 32 bytes of the Message Digest Buffer. The user needs to write both the message digest and the System Nonce at one time using the Nonce command.
  5. Issue the Verify command. Include the Mode, KeyID, which specifies the public key slot, the 64-byte signature and the slot # of the internal public key.
  6. The output will return:
    6.1. A one-byte success, fail or error code if a MAC is not required.
    6.2. A 32-byte MAC, if specified by the mode, or an error code if the command fails.

Table 1. Command Parameters

| Opcode (1 Byte) | Mode (1 Byte) | Public Key (2 Bytes) | Data Field (64 Bytes): Signature (64 Bytes) | Comment |
|---|---|---|---|---|
| 0x45 | 0x00 | 0x00, 0[Slot] | R value, S value | Message stored in TempKey |
| 0x45 | 0x20 | 0x00, 0[Slot] | R value, S value | Message stored in Message Digest Buffer |
| 0x45 | 0x80 | 0x00, 0[Slot] | R value, S value | Message stored in TempKey. Validation MAC is returned |
| 0x45 | 0xA0 | 0x00, 0[Slot] | R value, S value | Message stored in Message Digest Buffer. Validation MAC is returned |

Table 2. Output Response - Verify Stored

| Name | Mode | Size | Response |
|---|---|---|---|
| Response | 0x00 or 0x20 | 1 byte | 0x00 - If signature is verified; 0x01 - If signature does not match; Error code - If there is a failure due to some other reason |
| Response | 0x80 or 0xA0 | 32 bytes, 1 byte | Validation MAC - If signature is verified; 0x01 - If signature does not match; Error code - If there is a failure due to some other reason |

Table 3. Validation MAC - Verify Stored. The validation MAC input locations vary based on where the message is stored.

| Size (Bytes) | Message in TempKey | Message in Message Digest Buffer |
|---|---|---|
| 32 | Contents of the IO protection key | Contents of the IO protection key |
| 32 | Message from TempKey | First 32 bytes message from the Digest Buffer |
| 32 | System Nonce in the first 32 bytes of the Message Digest Buffer | System Nonce stored in the second 32 bytes of the Message Digest Buffer |
| 32 | R Data of the passed signature | R Data of the passed signature |
| 32 | S Data of the passed signature | S Data of the passed signature |
| 1 | Opcode | Opcode |
| 1 | Mode | Mode |
| 2 | Param2 [LSB,MSB] | Param2 [LSB,MSB] |
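
The host-side counterpart of Tables 2 and 3, as an added example that is not taken from this document or from any vendor library: it recomputes the validation MAC from the Table 3 fields and accepts a response only when it matches. Assumptions: the MAC is SHA-256 over the fields in the listed order (this page does not name the hash), `response` is the response data without bus framing, and all function names and sample values are hypothetical.

```python
import hashlib
import hmac

VERIFY_OPCODE = 0x45               # Table 1
MAC_MODES = {0x80, 0xA0}           # Table 1: validation MAC is returned
PLAIN_MODES = {0x00, 0x20}         # Table 1: one-byte status only


def expected_validation_mac(io_key, digest, system_nonce, signature, mode, slot):
    """Hash the Table 3 fields in the listed order (SHA-256 is an assumption)."""
    if mode not in MAC_MODES:
        raise ValueError("mode does not return a validation MAC")
    for name, value, size in (("io_key", io_key, 32), ("digest", digest, 32),
                              ("system_nonce", system_nonce, 32),
                              ("signature", signature, 64)):
        if len(value) != size:
            raise ValueError(f"{name} must be {size} bytes")
    r, s = signature[:32], signature[32:]
    param2 = slot.to_bytes(2, "little")          # Param2 [LSB, MSB]
    fields = io_key + digest + system_nonce + r + s
    fields += bytes([VERIFY_OPCODE, mode]) + param2
    return hashlib.sha256(fields).digest()


def signature_verified(response, io_key, digest, system_nonce, signature, mode, slot):
    """Interpret the Verify output per Table 2; True only on proven success."""
    if mode in PLAIN_MODES:
        return response == b"\x00"               # 0x01 or error code -> False
    if len(response) != 32:                      # 0x01 or error code, no MAC
        return False
    want = expected_validation_mac(io_key, digest, system_nonce, signature, mode, slot)
    return hmac.compare_digest(response, want)   # constant-time compare


# Constructed sample values, not real keys or signatures.
IO_KEY = bytes(range(32))
DIGEST = hashlib.sha256(b"constructed message").digest()
NONCE = bytes([0xA5]) * 32
SIG = bytes([0x11]) * 32 + bytes([0x22]) * 32

if __name__ == "__main__":
    mac = expected_validation_mac(IO_KEY, DIGEST, NONCE, SIG, 0x80, 11)
    print("expected validation MAC:", mac.hex())
    print("accepted:", signature_verified(mac, IO_KEY, DIGEST, NONCE, SIG, 0x80, 11))
    print("bare 0x00 in MAC mode accepted:",
          signature_verified(b"\x00", IO_KEY, DIGEST, NONCE, SIG, 0x80, 11))
```

In modes 0x80 and 0xA0 a one-byte 0x00 is rejected, because Table 2 defines success in those modes as the 32-byte MAC only.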