The format for public and private keys depends on the command and key length. In general, the Most Significant Bytes (MSB) appear first on the bus and at the lowest address in memory. In the remainder of this section below, the bytes on the left side of the page are the MSBs. Microchip recommends all pad bytes be set to zero for consistency.
PrivWrite
command. This parameter is always 36 bytes in length and
the first four bytes (32 bits) are all pad bits.ECC public keys appear as the input or output parameters to several commands, and they can also be stored in EEPROM. They are composed of an X value first on the bus or in memory, followed by a Y value. They are formatted differently depending on the situation as noted below:
GenKey
command
or an input to the Verify
command:
32 bytes of X, then 32 bytes of Y. (36 bytes) There are no pad bytes.
Write
command: Public keys can
be written directly to the EEPROM using the Write
command and are
always
72 bytes long, formatted as follows: 4-pad bytes, 32 bytes of X, four pad
bytes, then 32 bytes of Y.
GenKey
command:
SHA Message:
Public keys can be hashed and placed in TempKey by the GenKey
command. The SHA message contains various bytes that are independent of the size of
the key. These are followed by 25 bytes of pad, followed by 32 bytes of X, then by 32
bytes of Y.
Verify
command:
SHA Message:
When used to validate a stored public key, the Verify
command
expects an input signature created over a SHA-256 digest of a key stored in memory.
Such an inner SHA calculation is always performed over 72 bytes formatted as they are
stored in EEPROM as 4-pad bytes, 32 bytes of X, 4-pad bytes, then 32 bytes of
Y.
When a public key is configured to be validated by the
Verify
command, the Most Significant four bits of the first byte in
memory are used internally by the device to save the validation state. They are always set
to the invalid state (0xA) by the Write
command, and then may be set to
the Valid state (0x5) by the Verify
command.
The lowest levels of the I/O protocols are described below. Above the I/O protocol level, the exact same bytes are transferred to and from the device to implement the commands. Error codes are documented in the following sections.