The following section provides a set of terms used to discuss configuration
options. The terms are arranged alphabetically.
| |
AES Key
| Slot can be used as a key source for AES
commands. The AES key is 128 bits in width for the ECC608-TNGHNT.
|
Always Write
| Slot can be written in the clear with the Write
command.
|
Clear Read
| Slot is considered public (non-secret) and its contents can be read in the
clear with the Read command.
|
ECDH
| Elliptic Curve Diffie Hellman. Private key can be used with the
ECDH command.
|
Ext Sign
| Private key can be used to sign external (arbitrary) messages.
|
Int Sign
| Private key can be used to sign internal messages generated by the
GenKey or GenDig commands. Used to
attest to the device's internal keys and configuration.
|
Lockable
| Slot can be locked at some point in the future. Once locked, the
slot contents cannot be changed (read/use only).
|
No Read
| Slot is considered secret and its contents cannot be read with the
Read command. Private keys and symmetric secrets must
always be configured as No Read.
|
No Write
| Slot cannot be changed with the Write command.
|
Permanent
| Private key is permanent/unchangeable. It is internally generated during
factory provisioning.
|
Updatable
| Private key can be overwritten later with a new, random,
internally-generated private key. Its initial value is internally generated
during factory provisioning.
|