The page Metadata-and-Access-Conditions shows the wrong oid for the object "General puporse data 2". It is 0xF1E1 instead of 0xF1E2.

Hi,
A call to the CmdLib_DeriveKey function returns the value of '0x80010001'
I believe it might correspond to the CMD_LIB_NULL_PARAM. However, in the following line it is defined as '0x80001001'

Can you check if it is bug or not?

Best regards,
Vedat

Hi @ayushev, I created a new pull request #16 for a small change regarding max buffer length for PAL Linux GPIO. Actually, it is not possible to pilot the reset or VDD GPIO identified by a number with more than two digits.

Regards,

Hello @ayushev,

we are using the library together with Mbed OS. We noticed some problems with the provided PAL, such as #37, or the fact that the reset function is not implemented. Furthermore, Mbed OS 6 deprecates some API used in the PAL, such as wait_ms(). We have now a working PAL which is Mbed OS 6 compatible. Are you open for PRs in this area?

An attempt to read metadata field on several OIDs fails

Hello, when I try to verify a signature I signed with the keys inside the device, it either returns error code 0x01 | Invalid OID or 0x05 | Invalid parameter in command data field. I am going to post my program logic, maybe you can see and tell me if there is a flaw.

1. Init the device succesfully.
2. Generate a keypair at OPTIGA_KEY_STORE_ID_E0F1
3. Save the pubkey in 0xF1DC
4. Read the pubkey at 0xF1DC
5. Hash a "Hello World!" string
6. Sign the string with the key at OPTIGA_KEY_STORE_ID_E0F1

Signature looks like this :
02-21-00-da-0b-64-31-f0-f1-9e-49-d4-dc-6f-14-a1-00-14-dc-00-33-05-4a-84-5c-45-d4-21-f9-5d-e1-c9-05-35-43-02-20-4d-80-63-52-c9-11-79-37-d0-cf-ec-ec-32-f6-c9-51-77-9a-50-a7-6c-06-c0-16-e3-dc-77-4d-69-1b-30-a5

So far all operations return OPTIGA_LIB_SUCCESS and I can see that I can read the same public key from the GP storage on each different run. The signature of the same hash with the same key changes every time tho. But I believe this is expected. When I try to do verification in the following ways it fails

`SE_STATUS` v3_verify(const uint8_t *pKeyData, uint16_t keyDataLen, const uint8_t *pHash, uint16_t hashLen, const uint8_t *pSignature, uint16_t signatureLen)
									
{
    optiga_key_id_t oid = OPTIGA_KEY_STORE_ID_E0F1;
    optiga_lib_status_t return_status = OPTIGA_LIB_ERROR;




    do
    {

        return_status = optiga_crypt_ecdsa_verify (pHash,
                                                   hashLen,
                                                   pSignature,
                                                   signatureLen,
				       	   // OPTIGA_CRYPT_OID_DATA stands for OID in the public_key_details
		                                   OPTIGA_CRYPT_OID_DATA,
                                                   &oid);

        if(return_status != OPTIGA_LIB_SUCCESS)
        {
			//Signature verification failed.
            printf("%02x\n",return_status);
            break;
        }

    } while(FALSE);

    return return_status;
}`

This returns Invalid OID error. If I provide the function the saved public key which is also stored inside the device.

`SE_STATUS` v3_verify_external(const uint8_t *pKeyData, uint16_t keyDataLen, const uint8_t *pHash, uint16_t hashLen, const uint8_t *pSignature, uint16_t signatureLen)
									
{
	public_key_from_host_t public_key_details = {
                                                 pKeyData,
                                                 keyDataLen,
		                                 OPTIGA_ECC_NIST_P_256
                                                };


    optiga_lib_status_t return_status = OPTIGA_LIB_ERROR;




    do
    {

        return_status = optiga_crypt_ecdsa_verify (pHash,
                                                   hashLen,
                                                   pSignature,
                                                   signatureLe
// OPTIGA_CRYPT_OID_DATA stands for OID in the public_key_details
					           OPTIGA_CRYPT_HOST_DATA,					
                                                   &public_key_details);

        if(return_status != OPTIGA_LIB_SUCCESS)
        {
			//Signature verification failed.
            printf("%d\n",return_status);
            break;
        }

    } while(FALSE);

    return return_status;
}`

This returns Invalid parameter in command data field. Is there any chance I am making a mistake when using these functions ?

Hi all,

The braces opened in the following line are not closed and cause hard-to-trace compiler errors when compiling for C++.

Hello *,

According to Figure 19, "power profile" in below link, I have following questions:

• Is "Power Limit" identical to the value given in Page 89, "Current limitation in mA" with a default of 6mA?
• Does "Low Power" equals the value of 6mA? Or is it a separate value?

https://github.com/Infineon/Assets/raw/master/PDFs/OPTIGA_Trust_X_SolutionReferenceManual_v1.35.pdf

Found inconsistent case file naming when building the code in Linux. Following is the changes I made to get it to build correctly. using branch tag v1.0.2

a. optiga/dtls/OCPConfig.c:34:41 
“optiga/dtls/DtlsRecordlayer.h” change to “optiga/dtls/DtlsRecordLayer.h”

b. optiga/dtls/DtlsFlightHandler.c:33:43 
“optiga/dtls/DtlsFlighthandler.h” change to “optiga/dtls/DtlsFlightHandler.h”

c. Rename  “optiga/include/optiga/dtls/DtlsFlighthandler.h” to DtlsFlightHandler.h

I'm using the chip to sign a digest (with optiga_crypt_ecdsa_sign from the the Crypt API) and need to verify the signature on the server side.

What is the length of the signature? In the mbedtls example you use 110, some places 70 or 80. In what format is the signature encoded?

I assumed it was DER, but when trying to decode it with ecdsa-python the procedure fails with "trailing junk after the signature"

dogusriddle asked here:

How to find out the public key that corresponds to the private key in slot 0xF0F0?

I am using optiga-trust-x with Nordic's NRF52840 microcontrolller and want to use optiga to perform AES encryption.
I searched your API but didn't find any straight way to perform AES. Does your API really support AES? If so can you explain how to use it?

Hello , I am trying to use the chip for secure data storage but writing to some OIDs directly doesn't

work as expected. I can write & read what I wrote to memory regions between F1D0- F1DF by

using optiga_util_write_data and optiga_util_read_data. Although the functions return

OPTIGA_LIB_SUCCESS , I cant seem to read what I wrote to OIDS F1E0, F1E2 and E0E8. I

believe I will have to set up the meta data for these regions before I can put my persistent data

there. The page under the wiki didn't really help me much . How can I set the OIDS so that I can

write & read to them and the data stays there until I overwrite and can be modified anytime ?

Hi @ayushev ,
I am trying to download all PKI hierarchy, as mentioned in the OPTIGATM Trust X Keys and Certificates/3.1 PKI hierarchy for Productive Certificates, to host uC but I couldn't find any info (no forum, no doc, no example) about it. The only example is provided in the nordicsemi nRF SDK as below:

    // Maximum size of the certificate
    #define CHAIN_SIZE 1728
    optiga_lib_status_t optiga_lib_status;

    // print internal certificate
    // This is a TLS certificate chain and not suitable for optiga_verify
    uint8_t  chain[CHAIN_SIZE] = {0};
    uint8_t  chain2[CHAIN_SIZE] = {0};
    uint8_t  chain3[CHAIN_SIZE] = {0};
    uint16_t chain_len = CHAIN_SIZE;

    NRF_LOG_INFO("Reading/Writing certificate");
    NRF_LOG_FLUSH();

    optiga_lib_status = optiga_util_read_data(eDEVICE_PUBKEY_CERT_IFX, 0, chain, &chain_len);
    DEMO_OPTIGA_ERROR_CHECK(optiga_lib_status);
    NRF_LOG_INFO("Certificate Chain [%d bytes]:", chain_len);
    pr_hex(chain, chain_len);

    optiga_lib_status = optiga_util_read_data(eDEVICE_PUBKEY_CERT_IFX, 0, chain2, &chain_len);
    DEMO_OPTIGA_ERROR_CHECK(optiga_lib_status);
    NRF_LOG_INFO("Certificate Chain 2 [%d bytes]:", chain_len);
    pr_hex(chain2, chain_len);

    optiga_lib_status = optiga_util_read_data(eDEVICE_PUBKEY_CERT_IFX, 0, chain3, &chain_len);
    DEMO_OPTIGA_ERROR_CHECK(optiga_lib_status);
    NRF_LOG_INFO("Certificate Chain 3 [%d bytes]:", chain_len);
    pr_hex(chain3, chain_len);

However, this code reads the same certificate into different variables, and that is all. (to be honest, I didn't understand the reason for that. I hoped the code downloads the certificate chain, but it doesn't)
So I appreciate if you can help me with that,
Best regards,
Vedat

Hi,
While compiling example in example_optiga_util_write_data.c i am getting a warning:

[...] examples/optiga/example_optiga_util_write_data.c:128:59: warning: array subscript 27 is aboce array bound of 'uint8_t[27]' {aka 'unsigned char[27]'} [-Warray-bounds]

It's referring to this file's line 120.

if ((coprocessor_uid[26] < 11) || (coprocessor_uid[27] < 18))

While coprocessor_uid is initialised as array of length 27 uint8_t coprocessor_uid[27];

is this a mistake or was it done with premeditation?

In the wiki link the API optiga_crypt_ecc_generate_keypair() doc show only 5 parameters but the example code shows 6. The 3rd parameter (just after the key usage) is missing in the doc.
below shows the example code.

    return_status = optiga_crypt_ecc_generate_keypair(OPTIGA_ECC_NIST_P_256,
                                                      (uint8_t)OPTIGA_KEY_USAGE_SIGN,
                                                      FALSE,
                                                      &optiga_key_id,
                                                      public_key,
                                                      &public_key_length);

Thanks. Is there anyway i can program my own firmware in OPTIGA? or change the existing one? I guess the functionality i am looking for cant be done securely without changing OPTIGA firmware.

Originally posted by @faboulous1 in #13 (comment)

We want to securely store some data on the chip, that can only be accessed after valid authentication. The authentication will be perfermed by OPTIGA internally. We are looking for following functionality all together:

1- Secure storage of data in OPTIGA

2- Secure the storage using some authentication mechanism such as a password

3- Log the wrong attempts of password, that after X wrong attempts, we erase the password and the data stored

4- The password shouldnt be able to read from chip and it can be modified after authentication

Is it possible to achieve the above mentioned functionality using existing APIs of OPTIGA X?

Or do we need to modify OPTIGA X firmware to achieve it?

Please advise.

Hi,
I was going through some code involving mbedTLS external library and i had a problem with multiple definition of mbedtls_hardware_poll() function.
I noticed there is a file enrtopy_optiga.c (with a typo in a name) and trustx_random.c both checking for MBEDTLS_ENTROPY_HARDWARE_ALT and defining mbedtls_hardware_poll() function.

Is that a bug?

Hi @ayushev ,
I tried the example here for optiga_crypt_tls_prf_sha256 as you suggested before. In this example, there is a check like

if ((coprocessor_uid[26] < 11) || (coprocessor_uid[27] < 18))  // ??
        {
        	/* This example can't work with this firmware, you need
        	 * to populate and use session OID instead
        	 */
        	return_status = OPTIGA_LIB_SUCCESS;
        	break;
        }

I couldn't understand that condition exactly. My test fails at that point. In the solution reference manual (v1.35) there is no information about those bytes. But the closest index (25) contains ESW build number (page 88).

My module has the following values in this array (coprocessor_uid)
idx | val
25 | 0x10
26 | 0x48
27 | 0x00

I appreciate if you have any suggestion.
Kind regards

optiga_key_id =  OPTIGA_KEY_STORE_ID_E0F0;
      
        return_status = optiga_crypt_ecc_generate_keypair(OPTIGA_ECC_NIST_P_256,
                                                          (uint8_t)OPTIGA_KEY_USAGE_SIGN,
                                                          FALSE,
			                                  &optiga_key_id,
                                                          public_key,
                                                          &public_key_length);

This slot always fails with the return code of 65536, the remaining 3 slots are working as expected. Do you know what can cause this behaviour ?

Is your feature request related to a problem? Please describe.

Popcorn Computer sells open hardware single board computers and handheld Linux devices.
Pocket P.C. is an open hardware Linux handheld that was successfully crowdfunded. Pocket P.C. is the process of finalizing product development and preparing for mass production. Pocket P.C. integrates an Optiga Trust X IC and we intend on shipping units with the cli-optiga-trust-x utilities and source code. We are preparing to upstream our board config to buildroot for Pocket P.C. as well as a package config for cli-optiga-trust-x and i2c-utilities-optiga-trust. We would be appreciative if Infineon added our device's pal file to the official optiga-trust-x repository. As you can see, we have been actively improving the cli-optiga-trust-x software and already have submitted a number of PRs. We intend on submitting more PRs in the future.

Describe the solution you'd like

Adding Popcorn Computer's Pocket P.C. i2c pal file to master.

In Arduino library code for OPTIGA Trust X (generatekeypair code) itself have to generate a private and public key but in program, it generates the key every 10seconds...
I didn't understand why it genearte key every 10seconds??

Hello,

I'm exploring and experimenting the use of the Optiga Trust-X on my custom device to do a MQTT over TLS connection with 1-way authentication for high-security risk systems to our cloud platform. We are using mbed-os (and the included mbedtls) for our rtos library.

The current implementation (used for low-security risk systems) are as follows:

1. Generate a RSA key-pair on the MCU.
2. Store the Public and Private Key in Flash Memory.
3. Use the Public Key to generate a Certificate Signing Request (CSR).
4. Send the CSR to the cloud platform, which would issue the device with a client certificate (using RESTful APIs).
5. Use the (i) private key, (ii) client certificate, (iii) CA certificate (obtain via REST) to establish a TLS connection to the mqtt cloud server.

I'm thinking of using the Trust-X to store the private/pub key and perhaps even generate it using ECDH on the Trust-X itself, after reading through the documentations. Problem is, I see that based on the comment in #12 (comment) , it seems I can't read out the private key that will be used to establish a TLS connection.

Thoughts on this application of trust-x?

Hi,

We're currently saving sensitive data into the Trust X chip and locking the slot, preventing read and write operations, but we have to change the data inside several already locked chips in the future. We read that the LCS state isn't reversible, but are there any operations that can be done so that we can re-access the data slots?

Thanks

Kindly reminder: The function has 5 parameters as documented, but 6 provided in the example below the function description.

https://github.com/Infineon/optiga-trust-x/wiki/Trust-X-Crypt-API#optiga_crypt_ecdsa_sign

I am trying to verify a signature using a certificate stored in the chip. I keep receiving INVALID_CERTIFICATE_FORMAT (0x29) device error although I tried both the IFX certificate and another certificate & key pair I wrote using the personalization scripts. In the solution reference manual it is mentioned that this code can also mean signature verification failure, but I use the following code snippet where the chip signs the digest itself, so that scenario is eliminated. Am I doing something wrong?

static uint8_t digest [] = {
    0x61, 0xC7, 0xDE, 0xF9, 0x0F, 0xD5, 0xCD, 0x7A, 
    0x8B, 0x7A, 0x36, 0x41, 0x04, 0xE0, 0x0D, 0x82, 
    0x38, 0x46, 0xBF, 0xB7, 0x70, 0xEE, 0xBF, 0x8F, 
    0x40, 0x25, 0x2E, 0x0A, 0x21, 0x42, 0xAF, 0x9C,
}; 

static uint8_t optigaSignature[72];
uint16_t optigaSignatureLen = sizeof(optigaSignature);
ret = optiga_crypt_ecdsa_sign(digest, sizeof(digest), OPTIGA_KEY_STORE_ID_E0F0, optigaSignature, &optigaSignatureLen);
if (ret != OPTIGA_LIB_SUCCESS)
{
    tr_error("optiga_crypt_ecdsa_sign failed with %x", (unsigned int)ret);
    return ret;
}
tr_debug("Generated signature length: %u", optigaSignatureLen);

eOID_d codesignCertificateOid = eDEVICE_PUBKEY_CERT_IFX;
ret = optiga_crypt_ecdsa_verify(digest, sizeof(digest), optigaSignature, optigaSignatureLen, OPTIGA_CRYPT_OID_DATA, &codesignCertificateOid);
if (ret != OPTIGA_LIB_SUCCESS)
{
    tr_error("optiga_crypt_ecdsa_verify failed with %x", (unsigned int)ret);
    return ret;
}
tr_debug("Success!");

And this is the output:

[1175ms][DBG ][optiga_trust_x_lib]: Generated signature length: 68
[1334ms][ERR ][optiga_trust_x_lib]: optiga_crypt_ecdsa_verify failed with 80010029

How can we rely on Trust X to simply encrypt / decrypt data on chip? What I expect is the ability to create a symmetric key there on chip and retrieve a 'optiga_key_id_t' reference relatively, so I can use this symmetric key to provide maximum protection by doing encryption before storing the data on the main SoC flash storage.

Hi,
When I2C write fails, its sets the status to PAL_STATUS_I2C_BUSY, should it not be set to PAL_STATUS_FAILURE?