Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

cross mob

Signature verification using 0xE0E0 certificate of OPTIGA™ Trust M – KBA235163

Signature verification using 0xE0E0 certificate of OPTIGA™ Trust M – KBA235163

IFX_Publisher2
Community Manager
Community Manager
Community Manager
1000 replies posted First like given 750 replies posted

Version: **

OPTIGA™ Trust M has a pre-provisioned key pair with a private key at 0xE0F0 and a public key certificate (TLS identity certificate chain format) at 0xE0E0. Use this public key certificate to verify a signature generated from the corresponding private key as follows:

Method 1: Using the public key from the certificate

Read the public key certificate from a 0xE0E0 data object using optiga_util_read_data API. Print the read content and store it on a local device (copy in notepad). Use the OpenSSL tool to decode the certificate and note the public key. Copy this public key into the ecc_public_key_component buffer of theexample_crypt_ecdsa_verify code example. Run this example with the appropriate digest and signature.

Method 2: Using the certificate OID (Object ID)

To verify the signature using OID, the data object must contain only a single X.509 certificate (ASN.1 DER encoded). As the public key certificate in 0xE0E0 is in the form of a TLS identity certificate chain, you cannot directly use this OID to verify signature. Therefore, first, read the public key certificate from the 0xE0E0 data object using optiga_util_read_data API. Print the read content and find the 0x30 byte, which indicates the first byte of the DER-encoded X.509 certificate (all previous data bytes contain certificate chaining data that is not a part of X.509 public-key certificate).

In the signature verification code, read the 0xE0E0 certificate from the offset corresponding to 0x30 data using optiga_util_read_data API. Store this into Trust Anchor data object using optiga_util_write_data API, with the optiga_oid as 0xE0E8 / 0xE0E9. Now pass this Trust Anchor OID pointer to optiga_crypt_ecdsa_verify API with the public_key_source_type as OPTIGA_CRYPT_OID_DATA. This flow is shown below.

uint16_t CertChainOID, TrustAnchorOID;
int16_t offset, bytes_to_read;
uint8_t public_key_buffer[1024];
.
.
CertChainOID = 0xE0E0;
TrustAnchorOID = 0xE0E8;
offset = 0x09;    // offset corresponding to 0x30
bytes_to_read = sizeof(public_key_buffer);
.
.
Return_status = optiga_util_read_data (me, CertChainOID, offset, public_key_buffer, &bytes_to_read);
Return_status = optiga_util_write_data (me, TrustAnchorOID, OPTIGA_UTIL_ERASE_AND_WRITE, 0x00, public_key_buffer, bytes_to read);
Return_status = optiga_crypt_ecdsa_verify (me, digest_value, sizeof(digest_value), sign, sizeof(sign), OPTIGA_CRYPT_OID_DATA, (void *) &TrustAnchorOID);

0 Likes
732 Views