Tip / Sign in to post questions, reply, level up, and achieve exciting badges. Know more

OPTIGA™ Trust Forum Discussions

lseg
Level 1
Level 1
5 sign-ins First reply posted First question asked

I would like to use a nr of parallel instances of optiga_util and optiga_ crypto.

Apparently it is possible to have multiple of them at the same time but it is limited to the nr of optiga_cmd instances:

fromsolution reference: "This operation inherently creates an
instance of optiga_cmd if available due to solution constraints (the
number of optiga_cmd instances might be limited)."

How can I know how many instances will be possible?

Kind regards,

0 Likes
1 Solution
KarishmaShaik
Moderator
Moderator
Moderator
10 solutions authored 50 replies posted 100 sign-ins

Hi @lseg,

The maximum number of instance registrations is defined as 'OPTIGA_CMD_MAX_REGISTRATIONS' in optiga_lib_config_m_v3.h file.

View solution in original post

0 Likes
6 Replies
KarishmaShaik
Moderator
Moderator
Moderator
10 solutions authored 50 replies posted 100 sign-ins

Hi @lseg,

The maximum number of instance registrations is defined as 'OPTIGA_CMD_MAX_REGISTRATIONS' in optiga_lib_config_m_v3.h file.

0 Likes
lseg
Level 1
Level 1
5 sign-ins First reply posted First question asked

@KarishmaShaik thank you for your answer!

So max is set to 6, since I need one instance for an optiga_util and one for an optiga_crypto, I will only be able to have 3 parallel flows I suppose?

So for example if I want to have some parallel independent  TLS channels it is limited to 3, each channel requiring its own optiga_util and optiga_ crypto? 

Kind regards,

0 Likes
KarishmaShaik
Moderator
Moderator
Moderator
10 solutions authored 50 replies posted 100 sign-ins

Yes, your understanding is correct. Each optiga_util and optiga_crypt instances are independent and will be considered as 2 separate instances.

0 Likes

What I am not understanding than, is that on the chip you have 4 session contexts (0xE100-0xE103), I suppose each of the optiga_crypt instances will get one of them assigned, right?

How come there are 4 of these although only 3 optiga_crypt instances are possible. Or am I making a wrong connection here somehow.

You can not have an optiga_crypt instance without having a optiga_util instance, right?

You could have a optiga_util without needing a optiga_crypt. 

An optiga_util will not use one of the session context, or is that a wrong assumption from me?

Kind regards,

Luc Segers

0 Likes
Sharath
Moderator
Moderator
Moderator
25 solutions authored 100 sign-ins 50 replies posted

Hi @lseg ,

Please find our answer below:

What I am not understanding than, is that on the chip you have 4 session contexts (0xE100-0xE103), I suppose each of the optiga_crypt instances will get one of them assigned, right?
A: Session context object is an instance where you are using volatile memory (RAM) to perform an operation like write data or use a key or a certificate from this RAM area, it has got nothing to do with sessions created. The opposite of a session context object would be persistent objects like key and cert objects.

How come there are 4 of these although only 3 optiga_crypt instances are possible. Or am I making a wrong connection here somehow.
A: Explained above, session context is just a volatile object, in contrast with other objects like E0E0 and so on, which are persistent (non-volatile)

You can not have an optiga_crypt instance without having a optiga_util instance, right?
A: optiga_crypt instance is created if you need optiga trust to perform a crypto operation like encryption, signature etc. optiga_util instance is created if you need optiga_trust to perfrom a non crypto operation like secure data read and data write from objects like certificates and user specific data in arbitrary data objects (e.g. F1D0). So, optiga_crypt and optiga_util they are independent of each other.

You could have a optiga_util without needing a optiga_crypt. 
A: Yes, if you just need to use a read or write API of optiga trust and not perform any crypto operation like encryption, signature.

An optiga_util will not use one of the session context, or is that a wrong assumption from me?
A: You can use session context if you need the data or keys in this object to disappear after a reset, since it is in volatile memory. For other use cases, you can use persistent data objects instead.

For more details, refer this blog
For complete info, refer the solutions reference manual 

0 Likes
KarishmaShaik
Moderator
Moderator
Moderator
10 solutions authored 50 replies posted 100 sign-ins

Please let us know if your query is resolved.

We will wait for 3 days and then lock this thread. In case your problem is not resolved, please create a new thread and we will be happy to help. 

0 Likes