Sign - Internal Message

The Sign command in the Internal Message mode is used to sign a message that was internally generated. The command calculates the internal message digest and then signs the digest using the ECDSA sign algorithm with the private ECC key specified in KeyID. Internally generated messages must always reside in TempKey. The value in TempKey must be generated using either the GenDig or the GenKey command. If TempKey is not valid an error will occur. Typical uses include:

For the ATECC608A-TFLXTLS device, only Slot 1 is capable of signing internally generated messages.

Table 1. Input Parameters - Sign Internal Message

Opcode
(1 Byte)

Mode
(1 Byte)

KeyId
(2 Bytes)

 Description
0x41 0x00 or 0x20 0x00 0[Slot] Serial number is not included in the message digest calculation
0x40 or 0x60 0x00 0[Slot] Serial number is included in the message digest calculation
Table 2. Output Response - Sign Internal Message
Name Size Description
Response 1 byte Error code if the command fails
64 bytes The signature composed of R and S values

Internal Message Generation

The internal message is generated based on a 55 Byte Field as shown below.

Byte Count Serial Number Not Included Serial Number Included

32 bytes
1 byte
1 byte
2 bytes
2 bytes
2 bytes
1 byte
2 bytes
1 byte
4 bytes
2 bytes
2 bytes
1 byte
1 byte
1 byte

TempKey(1)
Opcode
Mode
KeyID
SlotConfig (of TempKeyFlags.KeyID)
KeyConfig (of TempKeyFlags.KeyID)
TempKeyFlags(2)
Zeros
SN[8] = 0x01
Zeros
SN[0:1] = 0x01 0x23
Zeros
SlotLocked:TempKeyFlags.KeyID
0x00
0x00

TempKey(1)
Opcode
Mode
KeyID
SlotConfig (of TempKeyFlags.KeyID)
KeyConfig (of TempKeyFlags.KeyID)
TempKeyFlags(2)
Zeros
SN[8] = 0x01
SN[4:7]
SN[0:1] = 0x01 0x23
SN[2:3]
SlotLocked:TempKeyFlags.KeyID
0x00
0x00
Notes:
  1. 1. TempKey must be generated by GenKey or GenDig commands prior to this calculation.
  2. 2.TempKeyFlags Consists of: (b[7]: NoMacFlag, b[6]: GenKeyData, b[5]: GenDigData, b[4]: SourceFlag,b[3:0] TempKeyFlags)
Parent topic: Sign Command