Module for application-level commands for Infineon OPTIGA Trust E.
Functions

| Return type | Function | Description |
|---|---|---|
| uint16_t | optiga_open_application (void) | Initialize the Infineon OPTIGA Trust E device and host library. |
| uint16_t | optiga_get_random (uint16_t length, uint8_t *p_random) | Get a random number. |
| uint16_t | optiga_read_certificate (uint8_t **pp_cert, uint32_t *p_length) | Get the Infineon OPTIGA Trust E device certificate. |
| uint16_t | optiga_set_auth_scheme (void) | Set the authentication scheme. |
| uint16_t | optiga_sign (uint8_t *p_message, uint16_t message_length, uint8_t **pp_signature, uint32_t *p_signature_len) | Sign a message using the OPTIGA device. |

Detailed Description
Module for application-level commands for Infineon OPTIGA Trust E.
Function Documentation
uint16_t optiga_get_random (uint16_t length, uint8_t *p_random)
Get a random number.
The function retrieves a cryptographic-quality random number from the OPTIGA device. This function can be used as an entropy source for various security schemes.
- Parameters
  - [in] length: Length of the random number (range 8 to 256).
  - [out] p_random: Buffer to store the data.
- Return values
  - IFX_I2C_STACK_SUCCESS: If the function was successful.
  - IFX_I2C_STACK_ERROR: If the operation failed.
uint16_t optiga_open_application (void)
Initialize the Infineon OPTIGA Trust E device and host library.
This function initializes the Infineon OPTIGA Trust E command library and sends the 'open application' command to the device.
- Return values
  - IFX_I2C_STACK_SUCCESS: If the function was successful.
  - IFX_I2C_STACK_ERROR: If the operation failed.
uint16_t optiga_read_certificate (uint8_t **pp_cert, uint32_t *p_length)
Get the Infineon OPTIGA Trust E device certificate.
The function retrieves the public X.509 certificate stored in the Infineon OPTIGA Trust E device. This certificate and the contained public key can be used to verify a signature from the device. In addition, the receiver of the certificate can verify the chain of trust by validating the issuer of the certificate and the issuer's signature on it.
- Parameters
  - [out] pp_cert: Pointer to the buffer that will contain the output.
  - [out] p_length: Pointer to the variable that will contain the length.
- Return values
  - IFX_I2C_STACK_SUCCESS: If the function was successful.
  - IFX_I2C_STACK_ERROR: If the operation failed.
uint16_t optiga_set_auth_scheme (void)
Set the authentication scheme.
This function sets the authentication scheme for the OPTIGA device. Currently, only ECDSA with the elliptic curve SECP256R1 and the hash algorithm SHA256 is supported.
- Attention
  - This function must be called once before calling optiga_sign.
- Return values
  - IFX_I2C_STACK_SUCCESS: If the function was successful.
  - IFX_I2C_STACK_ERROR: If the operation failed.
uint16_t optiga_sign (uint8_t *p_message, uint16_t message_length, uint8_t **pp_signature, uint32_t *p_signature_len)
Sign a message using the OPTIGA device.
The function creates a signature using the scheme selected with optiga_set_auth_scheme. This function can be used to implement device or brand authentication schemes in applications.
- Parameters
  - [in] p_message: Pointer to the buffer containing the message to be signed.
  - [in] message_length: Length of the message.
  - [out] pp_signature: Pointer to the buffer that will contain the signature.
  - [out] p_signature_len: Pointer to the variable which will contain the signature length.
- Return values
  - IFX_I2C_STACK_SUCCESS: If the function was successful.
  - IFX_I2C_STACK_ERROR: If the operation failed.
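
The call order documented above (initialize, set the authentication scheme once, then sign), shown as an added example that is not part of the Infineon library or of this documentation. The names auth_respond, auth_session_t and sim_fail_scheme and the numeric values of the two return codes are assumptions, as is running optiga_open_application before the other calls; the three optiga_* bodies are constructed stand-ins so the example runs without hardware.

```c
#include <stdint.h>
#include <stddef.h>
/* Assumed placeholder values: the page names these codes but not their
 * numbers. On target, take both from the OPTIGA host library headers. */
#define IFX_I2C_STACK_SUCCESS 0x0000u
#define IFX_I2C_STACK_ERROR   0x0001u

/* Constructed stand-ins for the documented functions so the example runs
 * without hardware; they only count calls. Link the real library on target. */
static int n_open, n_scheme, n_sign, sim_fail_scheme;
static uint8_t fake_sig[4] = { 0xDE, 0xAD, 0xBE, 0xEF };   /* not a signature */
uint16_t optiga_open_application(void) { n_open++; return IFX_I2C_STACK_SUCCESS; }
uint16_t optiga_set_auth_scheme(void) {
    if (sim_fail_scheme) return IFX_I2C_STACK_ERROR;   /* simulated failure */
    n_scheme++; return IFX_I2C_STACK_SUCCESS;
}
uint16_t optiga_sign(uint8_t *p_message, uint16_t message_length,
                     uint8_t **pp_signature, uint32_t *p_signature_len)
{
    (void)p_message; (void)message_length;
    if (n_scheme == 0) return IFX_I2C_STACK_ERROR;  /* models the ordering rule */
    n_sign++;
    *pp_signature = fake_sig;
    *p_signature_len = sizeof fake_sig;
    return IFX_I2C_STACK_SUCCESS;
}

/* Hypothetical session state: which one-time steps have already succeeded. */
typedef struct { int opened; int scheme_set; } auth_session_t;

/* Hypothetical helper: sign a verifier's challenge, running the one-time
 * steps in the documented order and checking every return code. */
uint16_t auth_respond(auth_session_t *s, uint8_t *challenge, uint16_t len,
                      uint8_t **pp_sig, uint32_t *p_sig_len)
{
    if (!s || !challenge || len == 0 || !pp_sig || !p_sig_len)
        return IFX_I2C_STACK_ERROR;
    *pp_sig = NULL;            /* no stale pointer or length on failure */
    *p_sig_len = 0;
    if (!s->opened) {
        if (optiga_open_application() != IFX_I2C_STACK_SUCCESS) return IFX_I2C_STACK_ERROR;
        s->opened = 1;
    }
    if (!s->scheme_set) {      /* the page requires this once before optiga_sign */
        if (optiga_set_auth_scheme() != IFX_I2C_STACK_SUCCESS) return IFX_I2C_STACK_ERROR;
        s->scheme_set = 1;
    }
    return optiga_sign(challenge, len, pp_sig, p_sig_len);
}
```

The verifier checks the returned signature against the public key in the certificate obtained with optiga_read_certificate, after validating that certificate's issuer as described above.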