Recent discussions
Hi there,
Now I setup a board that use XMC1302 and OPTIGA Trust security chip. Do you have any code example for this?
I just want to comimunicate with security chip, i.e. read some info from it or something like that.
I am a total fresh on this, I will be very grateful if you can give any help.
Thanks
Show LessCan you provide link to get detailed datasheet of SLJ52ACA150A1VQFN32XUMA1 including part number details and technical details like single pin interface to FPGA.
We are interfacing SLJ52ACA150A1 with FPGA LFE5UM-45F (lattice) using single wire for DATA I/O, RST and CLK pins. Need any example schematic. Specifically we need pull-up value required on DATA pin (if required) and any other similar interface details.
Show LessHello,
I have some questions on Infineon OPTIGA™ Trust M SLS 32AIA010MH and especially optiga_crypt_ecdsa_sign().
Question 1
Are there some limitations on the length of the provided digest in the optiga_crypt_ecdsa_sign() API-call? I have an application where I want to sign a digest of ~300 bytes (i.e. I do not want to apply the signature on a hash of the data), but providing such digest to the optiga_crypt_ecdsa_sign() method gives me an error code of 0x8005. Why is that? This error code does not seem to be defined anywhere either, so I am not able to figure out what it means.
By inspecting the source code, it looks like it should give me an OPTIGA_CMD_ERROR_INVALID_INPUT (0x0203) error instead if any.
Question 2
Are there some timing constraints in the https://infineon.github.io/optiga-trust-m/ library we need to be aware of?
I have used the procedure outlined in this example: https://github.com/Infineon/optiga-trust-m/blob/develop/examples/optiga/example_optiga_crypt_ecdsa_sign.c, but if I remove the log statements and the performance measurement, it looks like it causes some issues.
Ressources: https://infineon.github.io/optiga-trust-m/
Best regards
Show LessDear Supporter
I want to translate the following KBA. Please confirm to my work.
Signature verification using 0xE0E0 certificate of OPTIGA™ Trust M – KBA235163
Regards,
Nino
Show LessHi
I have tested several javacards (Feitian D11CR, Infineon JTOP, G&D Smart Cafe) over T=0 and here is what I have observed.
If applet returns some data in case 4 APDU, the JCRE signals with SW 0x61XX that there is data available which terminal should retrieve using GET RESPONSE APDU.
However, if applet returns some data in case 2 APDU and Le does not match number of bytes to be returned, JCRE signals with error SW 0x6CXX, instructing that the same C-APDU has to be resent with correct Le.
For legacy reasons there are terminals who know how to handle 0x61XX, but fail to handle 0x6CXX response. Is there a way how to force JCRE to handle case 2 APDUs using 0x61XX (GET RESPONSE) omegle voojio method?
Show LessDear Infineon Community Team,
I ported (to Zephyr 2.4.0 ) and successfully tried the zephyr driver for Optiga Trust M. It works well. Nice job you did here.
However I have been really disappointed when I discovered that this zephyr driver was unfortunately not based on the Optiga Trust Library : "pal" is not ported on Zephyr. Instead it is a nice but distinct implementation. In our case I would have to use features that are not present in this Zephyr driver. So porting the Library seems mandatory.
QUESTIONS:
- Does Infineon think about providing the "Optiga Trust M library" porting for Zephyr?
- Is there any description to implement a Certificate Signing Request using the Optiga Trust M? Or the CSR must be done off-security controller?
- Is there any document that shows the security controller commands in more details?
Thanks in advance. Looking forward to your soonest reply.
Best regards,
Thierry
Show Less
I am working on bring up Infineon SLS37CSA HSM on Qualcomm SA2150P application processor.
I already download all reference resource from the link (https://myicp.infineon.com/sites/SLS37_V2X/Lists/defaultdoclib/SLS37V2XProduct/) including databook, get start, HSM host software and public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip).
I already integrate HSM host software to SA2150P Linux rootfs. The sample application runs failure below:
~ # get-info
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] Giving up block exchange after 2 tries
[T=1' ] [WARNING] Trying to recover via S(SWR) exchange
[T=1' ] [ERROR ] polling time exceeded but no data received
Could not initialize V2X communication stack (0x804101ff)
~ #
My questions:
1. There is no guide to show how to use the public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip). Can you provide the steps?
2. What is the other possible reasons for the sample app failure above?
Show LessHi,the following page https://github.com/Infineon/optiga-trust-m/wiki/Data-and-Key-Store-Overview says about data-retention-after-testing that "this time is the same as the device lifetime defined in the data sheet."
Where can i find this information? Can you give me more details?
If i write a data object like 0xF1D0 once after production, how long is this information retained?
Regards.
Show LessIn the Optiga Trust M datasheet, the exposed centre pad is labelled as n.c. but with the following comment
Connect the exposed pad with the copper area in the PCB to improve thermal dissipation.
Can this pad be connected to ground? or must any connection be floating?
thanks in advance
Show Less