The manifest file format is designed to convey the unique information about a group of secure subsystems, including unique ID (e.g., serial number), public keys and certificates. This was primarily developed for CryptoAuthenticationâ„¢ (currently ATECC508A, ATECC608A and ATECC608B) secure elements. However, it is structured to work for other secure subsystems as well.
Manifest files provide a way to link an actual Microchip Trust security device to the infrastructure environment that it needs to connect to. These files are a critical aspect of the Microchip Trust&GO, TrustFLEX and, optionally, TrustCUSTOM development environments. Whether you connect to an IoT cloud, a LoRaWAN® network or, potentially, any other infrastructure or environment, the manifest file uniquely ties a given device to that environment.
When working with Microchip Trust&GO, TrustFLEX or TrustCUSTOM products, a manifest file will be generated for a group of devices that are provisioned through the Microchip Just-In-Time provisioning services. Each object entry in the manifest file is known as a signed secure element and is signed by a Microchip Elliptic Curve Cryptography (ECC) private key to validate its authenticity. The overall manifest is made of multiple signed secure elements. Specific information associated with the manufacturer, the secure product device and specific individual device information are all part of the information associated with a given signed secure element.
The manifest file is available in a secure fashion only to the customer that orders the group of devices. Accessing these manifest files is part of the development and provisioning flow provided through Microchip. Once provisioning is completed for a group of products, the manifest file is available for download.