OPTIGA™ Trust Forum Discussions

Can you provide link to get detailed datasheet of SLJ52ACA150A1VQFN32XUMA1 including part number details and technical details like single pin interface to FPGA. 

We are interfacing SLJ52ACA150A1 with FPGA LFE5UM-45F (lattice) using single wire for DATA I/O, RST and CLK pins. Need any example schematic. Specifically we need pull-up value required on DATA pin (if required) and any other similar interface details.

Hello,

I have some questions on Infineon OPTIGA™ Trust M SLS 32AIA010MH and especially optiga_crypt_ecdsa_sign().

Question 1

Are there some limitations on the length of the provided digest in the optiga_crypt_ecdsa_sign() API-call? I have an application where I want to sign a digest of ~300 bytes (i.e. I do not want to apply the signature on a hash of the data), but providing such digest to the optiga_crypt_ecdsa_sign() method gives me an error code of 0x8005. Why is that? This error code does not seem to be defined anywhere either, so I am not able to figure out what it means.

By inspecting the source code, it looks like it should give me an OPTIGA_CMD_ERROR_INVALID_INPUT (0x0203) error instead if any.

Question 2
Are there some timing constraints in the https://infineon.github.io/optiga-trust-m/ library we need to be aware of?

I have used the procedure outlined in this example: https://github.com/Infineon/optiga-trust-m/blob/develop/examples/optiga/example_optiga_crypt_ecdsa_sign.c, but if I remove the log statements and the performance measurement, it looks like it causes some issues. 

Ressources: https://infineon.github.io/optiga-trust-m/

Best regards

Dear Infineon Community Team,

I ported (to Zephyr 2.4.0 ) and successfully tried the zephyr driver for Optiga Trust M. It works well. Nice job you did here.

However I have been really disappointed when I discovered that this zephyr driver was unfortunately not based on the Optiga Trust Library : "pal" is not ported on Zephyr. Instead it is a nice but distinct implementation. In our case I would have to use features that are not present in this Zephyr driver. So porting the Library seems mandatory.

QUESTIONS:

- Does Infineon think about providing the "Optiga Trust M library" porting for Zephyr?

- Is there any description to implement a Certificate Signing Request using the Optiga Trust M? Or the CSR must be done off-security controller?

- Is there any document that shows the security controller commands in more details?

Thanks in advance. Looking forward to your soonest reply.

Best regards,

Thierry 

I am working on bring up Infineon SLS37CSA HSM on Qualcomm SA2150P application processor.

I already download all reference resource from the link (https://myicp.infineon.com/sites/SLS37_V2X/Lists/defaultdoclib/SLS37V2XProduct/) including databook, get start, HSM host software and public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip).

I already integrate HSM host software to SA2150P Linux rootfs. The sample application runs failure below:

~ # get-info
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] Giving up block exchange after 2 tries
[T=1' ] [WARNING] Trying to recover via S(SWR) exchange
[T=1' ] [ERROR ] polling time exceeded but no data received
Could not initialize V2X communication stack (0x804101ff)
~ #

My questions:

1. There is no guide to show how to use the public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip). Can you provide the steps?

2. What is the other possible reasons for the sample app failure above?

Hi,the following page https://github.com/Infineon/optiga-trust-m/wiki/Data-and-Key-Store-Overview says about data-retention-after-testing that "this time is the same as the device lifetime defined in the data sheet."

Where can i find this information? Can you give me more details?

If i write a data object like 0xF1D0 once after production, how long is this information retained?

Regards.

In the Optiga Trust M datasheet, the exposed centre pad is labelled as n.c. but with the following comment

Connect the exposed pad with the copper area in the PCB to improve thermal dissipation.

Can this pad be connected to ground? or must any connection be floating?

thanks in advance