Security & Smart Card Forum Discussions

Hi Team,

For thermal simulation we need Junction to board (J_b) resistance values.

Attached snapshot from datasheet

Dear Infineon Community Team,

I ported (to Zephyr 2.4.0 ) and successfully tried the zephyr driver for Optiga Trust M. It works well. Nice job you did here.

However I have been really disappointed when I discovered that this zephyr driver was unfortunately not based on the Optiga Trust Library : "pal" is not ported on Zephyr. Instead it is a nice but distinct implementation. In our case I would have to use features that are not present in this Zephyr driver. So porting the Library seems mandatory.

QUESTIONS:

- Does Infineon think about providing the "Optiga Trust M library" porting for Zephyr?

- Is there any description to implement a Certificate Signing Request using the Optiga Trust M? Or the CSR must be done off-security controller?

- Is there any document that shows the security controller commands in more details?

Thanks in advance. Looking forward to your soonest reply.

Best regards,

Thierry 

I am working on bring up Infineon SLS37CSA HSM on Qualcomm SA2150P application processor.

I already download all reference resource from the link (https://myicp.infineon.com/sites/SLS37_V2X/Lists/defaultdoclib/SLS37V2XProduct/) including databook, get start, HSM host software and public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip).

I already integrate HSM host software to SA2150P Linux rootfs. The sample application runs failure below:

~ # get-info
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] polling time exceeded but no data received
[T=1' ] [ERROR ] Giving up block exchange after 2 tries
[T=1' ] [WARNING] Trying to recover via S(SWR) exchange
[T=1' ] [ERROR ] polling time exceeded but no data received
Could not initialize V2X communication stack (0x804101ff)
~ #

My questions:

1. There is no guide to show how to use the public certification (IntCAcerts/Infineon OPTIGA(TM) V2X ECC CA 004_20200804.zip). Can you provide the steps?

2. What is the other possible reasons for the sample app failure above?

Hello

I have a few  of the SLB9670 TPM 2.0 chips installed in a batch of embedded Linux devices. They work fine, but they do not have fips certification marked in their fixed properties. The product page, however, says:

"FIPS 140-2 certified FW available via FW update"

Is it possible to install the firmware update in order to upgrade the SLB9670 in the field? How?

Is this firmware update available, and under what conditions?

Regards. Jorgen.Pihlflyckt@ajeco.fi

Hi,the following page https://github.com/Infineon/optiga-trust-m/wiki/Data-and-Key-Store-Overview says about data-retention-after-testing that "this time is the same as the device lifetime defined in the data sheet."

Where can i find this information? Can you give me more details?

If i write a data object like 0xF1D0 once after production, how long is this information retained?

Regards.

In the Optiga Trust M datasheet, the exposed centre pad is labelled as n.c. but with the following comment

Connect the exposed pad with the copper area in the PCB to improve thermal dissipation.

Can this pad be connected to ground? or must any connection be floating?

thanks in advance