optiga_cmd.c File Reference

This file implements cmd modules which covers OPTIGA command formation, locking mechanism, session acquisition and asynchronous data handling. More...

#include "optiga_cmd.h"
#include "optiga_lib_common_internal.h"
#include "optiga_lib_logger.h"
#include "optiga_comms.h"
#include "pal_os_event.h"
#include "pal_os_lock.h"
#include "pal_os_timer.h"
#include "pal_os_memory.h"
#include "pal_ifx_i2c_config.h"

Include dependency graph for optiga_cmd.c:

Classes
struct	optiga_cmd_queue_slot
	The structure represents the slot in the execution queue. More...
struct	optiga_context
	OPTIGA Context which holds the communication buffer, comms instance and other required. This would be maintained and consumed by OPTIGA Cmd. More...
struct	optiga_cmd
	Command context. More...

Macros
#define	OFFSET   (0x0000)
#define	BYTES_TO_READ   (0x0001)
#define	GET_DATA_OBJECT_CMD   (0x01)
#define	PARAM   (0x00)
#define	PUBLIC_KEY_HOST   ((public_key_from_host_t *)(p_optiga_encrypt_asym->key))
#define	OPTIGA_CMD_CLEAR_LAST_ERROR   (0x80)
#define	OPTIGA_CMD_OPEN_APPLICATION   (0x70 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_CLOSE_APPLICATION   (0x71 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_GET_DATA_OBJECT   (0x01 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_SET_DATA_OBJECT   (0x02 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_GET_RANDOM   (0x0C | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_CALC_HASH   (0x30 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_CALC_SIGN   (0x31 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_VERIFY_SIGN   (0x32 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_CALC_SSEC   (0x33 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_DERIVE_KEY   (0x34 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_GEN_KEYPAIR   (0x38 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_ENCRYPT_ASYM   (0x1E | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_DECRYPT_ASYM   (0x1F | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_SET_OBJECT_PROTECTED   (0x03 | OPTIGA_CMD_CLEAR_LAST_ERROR)
#define	OPTIGA_CMD_MAX_NUMBER_OF_SESSIONS   (0x04)
#define	OPTIGA_CMD_START_SESSION_OID   (0xE100)
#define	OPTIGA_CMD_TOTAL_COMMS_BUFFER_SIZE   (OPTIGA_MAX_COMMS_BUFFER_SIZE + OPTIGA_COMMS_PRL_OVERHEAD)
#define	OPTIGA_CMD_APDU_HEADER_SIZE   (0x04)
#define	OPTIGA_CMD_LAST_ERROR_CODE   (0xF1C2)
#define	OPTIGA_CMD_APDU_INDATA_OFFSET   (OPTIGA_CMD_APDU_HEADER_SIZE + OPTIGA_COMMS_DATA_OFFSET)
#define	OPTIGA_CMD_HASH_HEADER_SIZE   (0x06)
#define	OPTIGA_CMD_INTERMEDIATE_CONTEX_HEADER   (0x03)
#define	OPTIGA_CMD_ZERO_LENGTH_OR_VALUE   (0x0000)
#define	OPTIGA_CMD_OID_DATA_LENGTH   (0x0006)
#define	OPTIGA_CMD_NO_OF_BYTES_IN_TAG   (0x01)
#define	OPTIGA_CMD_UINT16_SIZE_IN_BYTES   (0x02)
#define	START_OPTIGA_COMMS_CLOSE   (0x02)
#define	OPTIGA_CMD_APDU_SUCCESS   (0x00)
#define	OPTIGA_CMD_APDU_FAILURE   (0xFF)
#define	CMD_WRITE_ONLY   (0x00)
#define	CMD_READ_DATA   (0x00)
#define	CMD_GET_DATA_OBJECT_NO_ERROR_CLEAR   (0x01)
#define	CMD_SIGN_DIGEST_TAG   (0x01)
#define	CMD_SIGN_OID_TAG   (0x03)
#define	CMD_SIGN_OID_LEN   (0x0002)
#define	CMD_SSEC_PRIVATE_KEY_TAG   (0x01)
#define	CMD_SSEC_PRIVATE_KEY_LEN   (0x0002)
#define	CMD_SSEC_ALG_ID_TAG   (0x05)
#define	CMD_SSEC_ALG_ID_LEN   (0x01)
#define	CMD_SSEC_PUB_KEY_TAG   (0x06)
#define	CMD_SSEC_EXPORT_TAG   (0x07)
#define	CMD_SSEC_EXPORT_LEN   (0x0000)
#define	CMD_SSEC_STORE_SESSION_TAG   (0x08)
#define	CMD_SSEC_STORE_SESSION_LEN   (0x0002)
#define	CMD_VERIFY_SIGN_DIGEST_TAG   (0x01)
#define	CMD_VERIFY_SIGN_SIGNATURE_TAG   (0x02)
#define	CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_TAG   (0x04)
#define	CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_LENGTH   (0x0002)
#define	CMD_VERIFY_ALGO_ID_TAG   (0x05)
#define	CMD_VERIFY_ALGO_ID_LENGTH   (0x0001)
#define	CMD_VERIFY_PUBLIC_KEY_TAG   (0x06)
#define	CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_TAG   (0x01)
#define	CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_LENGTH   (0x0002)
#define	CMD_GEN_KEY_PAIR_KEY_USAGE_TAG   (0x02)
#define	CMD_GEN_KEY_PAIR_KEY_USAGE_LENGTH   (0x0001)
#define	CMD_GEN_KEY_PAIR_EXPORT_KEY_TAG   (0x07)
#define	CMD_GEN_KEY_PAIR_EXPORT_KEY_LENGTH   (0x0000)
#define	CMD_GEN_KEY_PAIR_PUBLIC_KEY_TAG   (0x02)
#define	CMD_GEN_KEY_PAIR_PRIVATE_KEY_TAG   (0x01)
#define	CMD_DERIVE_KEY_SEC_OID_TAG   (0x01)
#define	CMD_DERIVE_KEY_SEC_OID_TAG_LENGTH   (0x0002)
#define	CMD_DERIVE_KEY_DERIVATION_DATA_TAG   (0x02)
#define	CMD_DERIVE_KEY_KEY_LEN_TAG_LENGTH   (0x0002)
#define	CMD_DERIVE_KEY_KEY_LEN_TAG   (0x03)
#define	CMD_DERIVE_KEY_EXPORT_TAG   (0x07)
#define	CMD_DERIVE_KEY_STORE_TAG   (0x08)
#define	CMD_DERIVE_KEY_STORE_TAG_LENGTH   (0x0002)
#define	CMD_DERIVE_KEY_DERIVE_KEY_LEN_MIN   (0x10)
#define	CMD_ENCRYPT_ASYM_SESSION_OID_TAG   (0x02)
#define	CMD_ENCRYPT_ASYM_SESSION_OID_LENGTH   (0x0002)
#define	CMD_ENCRYPT_ASYM_MESSAGE_TAG   (0x61)
#define	CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_TAG   (0x04)
#define	CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_LENGTH   (0x0002)
#define	CMD_ENCRYPT_ASYM_ALGO_ID_TAG   (0x05)
#define	CMD_ENCRYPT_ASYM_ALGO_ID_LENGTH   (0x0001)
#define	CMD_ENCRYPT_ASYM_PUBLIC_KEY_TAG   (0x06)
#define	CMD_DECRYPT_ASYM_ENCRYPT_MESSAGE_TAG   (0x61)
#define	CMD_DECRYPT_ASYM_DECRYPT_KEY_TAG   (0x03)
#define	CMD_DECRYPT_ASYM_DECRYPT_KEY_LENGTH   (0x0002)
#define	CMD_DECRYPT_ASYM_SESSION_OID_TAG   (0x02)
#define	CMD_DECRYPT_ASYM_SESSION_OID_LENGTH   (0x0002)
#define	OPTIGA_PROTECTION_LEVEL_MASK   (0x03)
#define	OPTIGA_CMD_ERROR_CODE_PREPARE   (0x01)
#define	OPTIGA_CMD_ERROR_CODE_TX   (0x02)
#define	OPTIGA_CMD_ERROR_CODE_RX   (0x03)
#define	OPTIGA_CMD_ERROR_CODE_STATE_MASK   (0x03)
#define	OPTIGA_CMD_ENTER_HANDLER_CALL_MASK   (0x80)
#define	OPTIGA_CMD_ENTER_HANDLER_CALL   (0x80)
#define	OPTIGA_CMD_EXIT_HANDLER_CALL   (0x00)
#define	OPTIGA_CMD_OUT_OF_BOUNDARY_ERROR   (0x08)
#define	CMD_RSA_PRE_MASTER_OPTIONAL_DATA_TAG   (0x41)
#define	CMD_RANDOM_PARAM_TYPE_PRE_MASTER_SECRET   (0x04)
	Param type for optiga pre master secret. More...
#define	CMD_SET_OBJECT_PROTECTED_TAG   (0x30)
	Set object protected tag. More...
#define	OPTIGA_CMD_APDU_TL_LENGTH   (0x03)
#define	OPTIGA_CMD_PARAM_INITIALIZE_APP_CONTEXT   (0x00)
#define	SET_DEV_ERROR_HANDLER_STATE(state)
#define	SET_DEV_ERROR_NOTIFICATION(bits_value)
#define	EXIT_STATE_WITH_ERROR(ctx, exit_machine)
#define	OPTIGA_CMD_QUEUE_NOT_ASSIGNED   (0x00)
#define	OPTIGA_CMD_QUEUE_ASSIGNED   (0x01)
#define	OPTIGA_CMD_QUEUE_REQUEST   (0x02)
#define	OPTIGA_CMD_QUEUE_PROCESSING   (0x04)
#define	OPTIGA_CMD_QUEUE_RESUME   (0x08)
#define	OPTIGA_CMD_SESSION_NOT_ASSIGNED   (0x00)
#define	OPTIGA_CMD_SESSION_ASSIGNED   (0x10)
#define	OPTIGA_CMD_NO_SESSION_OID   (0x0000)
#define	OPTIGA_CMD_ALL_SESSION_ASSIGNED   (0x10101010)
#define	OPTIGA_CMD_QUEUE_REQUEST_LOCK   (0x21)
#define	OPTIGA_CMD_QUEUE_REQUEST_STRICT_LOCK   (0x23)
#define	OPTIGA_CMD_QUEUE_REQUEST_SESSION   (0x22)
#define	OPTIGA_CMD_QUEUE_NO_REQUEST   (0x00)
#define	OPTIGA_CMD_QUEUE_SLOT_STATE   (0x09)
#define	OPTIGA_CMD_QUEUE_SLOT_LOCK_TYPE   (0x08)
#define	OPTIGA_CMD_SCHEDULER_IDLING_TIME_MS   (1000U)
#define	OPTIGA_CMD_SCHEDULER_RUNNING_TIME_MS   (50U)
enum	optiga_cmd_state {   OPTIGA_CMD_EXEC_COMMS_OPEN = 0, OPTIGA_CMD_EXEC_COMMS_OPEN_START, OPTIGA_CMD_EXEC_COMMS_OPEN_DONE, OPTIGA_CMD_EXEC_COMMS_CLOSE_START,   OPTIGA_CMD_EXEC_COMMS_CLOSE_DONE, OPTIGA_CMD_EXEC_REQUEST_SESSION, OPTIGA_CMD_EXEC_REQUEST_LOCK, OPTIGA_CMD_EXEC_REQUEST_STRICT_LOCK,   OPTIGA_CMD_EXEC_PREPARE_COMMAND, OPTIGA_CMD_EXEC_PROCESS_RESPONSE, OPTIGA_CMD_EXEC_GET_DEVICE_ERROR, OPTIGA_CMD_EXEC_RELEASE_LOCK,   OPTIGA_CMD_STATE_EXIT }
	The enum represents diffrent state of command handler. More...
typedef enum optiga_cmd_state	optiga_cmd_state_t
	The enum represents diffrent state of command handler. More...
typedef optiga_lib_status_t(*	optiga_cmd_handler_t) (optiga_cmd_t *me)
typedef struct optiga_cmd_queue_slot	optiga_cmd_queue_slot_t
	The structure represents the slot in the execution queue. More...
_STATIC_H optiga_context_t	g_optiga = {0}
_STATIC_H optiga_context_t *	g_optiga_list [] = {&g_optiga}
_STATIC_H uint16_t	g_hibernate_datastore_id_list [] = {OPTIGA_HIBERNATE_CONTEXT_ID}
const uint8_t	g_optiga_unique_application_identifier []
_STATIC_H optiga_lib_status_t	optiga_cmd_get_error_code_handler (optiga_cmd_t *me)
void	optiga_cmd_set_shielded_connection_option (optiga_cmd_t *me, uint8_t value, uint8_t shielded_connection_option)
_STATIC_H void	optiga_cmd_execute (optiga_cmd_t *me, uint8_t cmd_param, optiga_cmd_handler_t cmd_hdlrs, optiga_cmd_state_t start_state, void *input)
_STATIC_H void	optiga_cmd_execute_handler (void *p_ctx, optiga_lib_status_t event)
_STATIC_H void	optiga_cmd_prepare_apdu_header (uint8_t cmd, uint8_t param, uint16_t in_data_length, uint8_t *p_apdu_buffer)
_STATIC_H void	optiga_cmd_prepare_tag_header (uint8_t tag, uint16_t tag_length, uint8_t *buffer, uint16_t *position)
_STATIC_H void	optiga_cmd_event_trigger_execute (void *p_ctx)
_STATIC_H bool_t	optiga_cmd_session_available (const optiga_context_t *p_optiga)
_STATIC_H void	optiga_cmd_session_assign (optiga_cmd_t *me)
_STATIC_H void	optiga_cmd_session_free (optiga_cmd_t *me)
_STATIC_H uint8_t	optiga_cmd_queue_get_state_of (const optiga_cmd_t *me, uint8_t slot_member)
_STATIC_H uint8_t	optiga_cmd_queue_get_count_of (const optiga_context_t *p_optiga, uint8_t slot_member, uint8_t state_to_check)
_STATIC_H void	optiga_cmd_queue_assign_slot (const optiga_cmd_t *me, uint8_t *queue_index_store)
_STATIC_H void	optiga_cmd_queue_deassign_slot (optiga_cmd_t *me)
_STATIC_H void	optiga_cmd_queue_scheduler (void *p_optiga)
_STATIC_H void	optiga_cmd_queue_update_slot (optiga_cmd_t *me, uint8_t request_type)
_STATIC_H void	optiga_cmd_queue_reset_slot (const optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_request_session (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_release_session (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_request_lock (optiga_cmd_t *me, uint8_t lock_type)
optiga_lib_status_t	optiga_cmd_release_lock (const optiga_cmd_t *me)
	Releases the OPTIGA cmd lock. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_restore_context (const optiga_cmd_t *me)
_STATIC_H optiga_lib_status_t	optiga_cmd_store_context (const optiga_cmd_t *me)
optiga_cmd_t *	optiga_cmd_create (uint8_t optiga_instance_id, callback_handler_t handler, void *caller_context)
	Creates an instance of optiga_cmd_t. More...
optiga_lib_status_t	optiga_cmd_destroy (optiga_cmd_t *me)
	Destroys the instance of optiga_cmd_t. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_open_application_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_open_application (optiga_cmd_t *me, uint8_t cmd_param, void *params)
	Opens the OPTIGA Application. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_close_application_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_close_application (optiga_cmd_t *me, uint8_t cmd_param, void *params)
	Closes the OPTIGA Application. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_get_data_object_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_get_data_object (optiga_cmd_t *me, uint8_t cmd_param, optiga_get_data_object_params_t *params)
	Reads data or metadata of the specified data object. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_set_data_object_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_set_data_object (optiga_cmd_t *me, uint8_t cmd_param, optiga_set_data_object_params_t *params)
	Writes data or metadata to the specified data object. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_get_random_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_get_random (optiga_cmd_t *me, uint8_t cmd_param, optiga_get_random_params_t *params)
	Generates random data or pre-master secret for RSA key exchange. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_calc_sign_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_calc_sign (optiga_cmd_t *me, uint8_t cmd_param, optiga_calc_sign_params_t *params)
	Calculate signature on digest. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_verify_sign_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_verify_sign (optiga_cmd_t *me, uint8_t cmd_param, optiga_verify_sign_params_t *params)
	Verifies the signature over the given digest. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_calc_ssec_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_calc_ssec (optiga_cmd_t *me, uint8_t cmd_param, optiga_calc_ssec_params_t *params)
	Calculates shared secret. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_derive_key_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_derive_key (optiga_cmd_t *me, uint8_t cmd_param, optiga_derive_key_params_t *params)
	Derives a key. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_gen_keypair_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_gen_keypair (optiga_cmd_t *me, uint8_t cmd_param, optiga_gen_keypair_params_t *params)
	Generates ECC or RSA key-pair. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_encrypt_asym_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_encrypt_asym (optiga_cmd_t *me, uint8_t cmd_param, optiga_encrypt_asym_params_t *params)
	Encrypt data using RSA public key. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_decrypt_asym_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_decrypt_asym (optiga_cmd_t *me, uint8_t cmd_param, optiga_decrypt_asym_params_t *params)
	Decrypts data using OPTIGA RSA private key. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_calc_hash_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_calc_hash (optiga_cmd_t *me, uint8_t cmd_param, optiga_calc_hash_params_t *params)
	Generates hash on external data or data in OID. More...
_STATIC_H optiga_lib_status_t	optiga_cmd_set_object_protected_handler (optiga_cmd_t *me)
optiga_lib_status_t	optiga_cmd_set_object_protected (optiga_cmd_t *me, uint8_t cmd_param, optiga_set_object_protected_params_t *params)
	Writes protected object fragments to OPTIGA. More...

Detailed Description

This file implements cmd modules which covers OPTIGA command formation, locking mechanism, session acquisition and asynchronous data handling.

Copyright

MIT License

Copyright (c) 2019 Infineon Technologies AG

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE

\endcopyright

Author

Infineon Technologies AG

Macro Definition Documentation

BYTES_TO_READ

#define BYTES_TO_READ   (0x0001)

CMD_DECRYPT_ASYM_DECRYPT_KEY_LENGTH

#define CMD_DECRYPT_ASYM_DECRYPT_KEY_LENGTH   (0x0002)

CMD_DECRYPT_ASYM_DECRYPT_KEY_TAG

#define CMD_DECRYPT_ASYM_DECRYPT_KEY_TAG   (0x03)

CMD_DECRYPT_ASYM_ENCRYPT_MESSAGE_TAG

#define CMD_DECRYPT_ASYM_ENCRYPT_MESSAGE_TAG   (0x61)

CMD_DECRYPT_ASYM_SESSION_OID_LENGTH

#define CMD_DECRYPT_ASYM_SESSION_OID_LENGTH   (0x0002)

CMD_DECRYPT_ASYM_SESSION_OID_TAG

#define CMD_DECRYPT_ASYM_SESSION_OID_TAG   (0x02)

CMD_DERIVE_KEY_DERIVATION_DATA_TAG

#define CMD_DERIVE_KEY_DERIVATION_DATA_TAG   (0x02)

CMD_DERIVE_KEY_DERIVE_KEY_LEN_MIN

#define CMD_DERIVE_KEY_DERIVE_KEY_LEN_MIN   (0x10)

CMD_DERIVE_KEY_EXPORT_TAG

#define CMD_DERIVE_KEY_EXPORT_TAG   (0x07)

CMD_DERIVE_KEY_KEY_LEN_TAG

#define CMD_DERIVE_KEY_KEY_LEN_TAG   (0x03)

CMD_DERIVE_KEY_KEY_LEN_TAG_LENGTH

#define CMD_DERIVE_KEY_KEY_LEN_TAG_LENGTH   (0x0002)

CMD_DERIVE_KEY_SEC_OID_TAG

#define CMD_DERIVE_KEY_SEC_OID_TAG   (0x01)

CMD_DERIVE_KEY_SEC_OID_TAG_LENGTH

#define CMD_DERIVE_KEY_SEC_OID_TAG_LENGTH   (0x0002)

CMD_DERIVE_KEY_STORE_TAG

#define CMD_DERIVE_KEY_STORE_TAG   (0x08)

CMD_DERIVE_KEY_STORE_TAG_LENGTH

#define CMD_DERIVE_KEY_STORE_TAG_LENGTH   (0x0002)

CMD_ENCRYPT_ASYM_ALGO_ID_LENGTH

#define CMD_ENCRYPT_ASYM_ALGO_ID_LENGTH   (0x0001)

CMD_ENCRYPT_ASYM_ALGO_ID_TAG

#define CMD_ENCRYPT_ASYM_ALGO_ID_TAG   (0x05)

CMD_ENCRYPT_ASYM_MESSAGE_TAG

#define CMD_ENCRYPT_ASYM_MESSAGE_TAG   (0x61)

CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_LENGTH

#define CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_LENGTH   (0x0002)

CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_TAG

#define CMD_ENCRYPT_ASYM_PUB_KEY_CERT_OID_TAG   (0x04)

CMD_ENCRYPT_ASYM_PUBLIC_KEY_TAG

#define CMD_ENCRYPT_ASYM_PUBLIC_KEY_TAG   (0x06)

CMD_ENCRYPT_ASYM_SESSION_OID_LENGTH

#define CMD_ENCRYPT_ASYM_SESSION_OID_LENGTH   (0x0002)

CMD_ENCRYPT_ASYM_SESSION_OID_TAG

#define CMD_ENCRYPT_ASYM_SESSION_OID_TAG   (0x02)

CMD_GEN_KEY_PAIR_EXPORT_KEY_LENGTH

#define CMD_GEN_KEY_PAIR_EXPORT_KEY_LENGTH   (0x0000)

CMD_GEN_KEY_PAIR_EXPORT_KEY_TAG

#define CMD_GEN_KEY_PAIR_EXPORT_KEY_TAG   (0x07)

CMD_GEN_KEY_PAIR_KEY_USAGE_LENGTH

#define CMD_GEN_KEY_PAIR_KEY_USAGE_LENGTH   (0x0001)

CMD_GEN_KEY_PAIR_KEY_USAGE_TAG

#define CMD_GEN_KEY_PAIR_KEY_USAGE_TAG   (0x02)

CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_LENGTH

#define CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_LENGTH   (0x0002)

CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_TAG

#define CMD_GEN_KEY_PAIR_PRIVATE_KEY_OID_TAG   (0x01)

CMD_GEN_KEY_PAIR_PRIVATE_KEY_TAG

#define CMD_GEN_KEY_PAIR_PRIVATE_KEY_TAG   (0x01)

CMD_GEN_KEY_PAIR_PUBLIC_KEY_TAG

#define CMD_GEN_KEY_PAIR_PUBLIC_KEY_TAG   (0x02)

CMD_GET_DATA_OBJECT_NO_ERROR_CLEAR

#define CMD_GET_DATA_OBJECT_NO_ERROR_CLEAR   (0x01)

CMD_RANDOM_PARAM_TYPE_PRE_MASTER_SECRET

#define CMD_RANDOM_PARAM_TYPE_PRE_MASTER_SECRET   (0x04)

Param type for optiga pre master secret.

CMD_READ_DATA

#define CMD_READ_DATA   (0x00)

CMD_RSA_PRE_MASTER_OPTIONAL_DATA_TAG

#define CMD_RSA_PRE_MASTER_OPTIONAL_DATA_TAG   (0x41)

CMD_SET_OBJECT_PROTECTED_TAG

#define CMD_SET_OBJECT_PROTECTED_TAG   (0x30)

Set object protected tag.

CMD_SIGN_DIGEST_TAG

#define CMD_SIGN_DIGEST_TAG   (0x01)

CMD_SIGN_OID_LEN

#define CMD_SIGN_OID_LEN   (0x0002)

CMD_SIGN_OID_TAG

#define CMD_SIGN_OID_TAG   (0x03)

CMD_SSEC_ALG_ID_LEN

#define CMD_SSEC_ALG_ID_LEN   (0x01)

CMD_SSEC_ALG_ID_TAG

#define CMD_SSEC_ALG_ID_TAG   (0x05)

CMD_SSEC_EXPORT_LEN

#define CMD_SSEC_EXPORT_LEN   (0x0000)

CMD_SSEC_EXPORT_TAG

#define CMD_SSEC_EXPORT_TAG   (0x07)

CMD_SSEC_PRIVATE_KEY_LEN

#define CMD_SSEC_PRIVATE_KEY_LEN   (0x0002)

CMD_SSEC_PRIVATE_KEY_TAG

#define CMD_SSEC_PRIVATE_KEY_TAG   (0x01)

CMD_SSEC_PUB_KEY_TAG

#define CMD_SSEC_PUB_KEY_TAG   (0x06)

CMD_SSEC_STORE_SESSION_LEN

#define CMD_SSEC_STORE_SESSION_LEN   (0x0002)

CMD_SSEC_STORE_SESSION_TAG

#define CMD_SSEC_STORE_SESSION_TAG   (0x08)

CMD_VERIFY_ALGO_ID_LENGTH

#define CMD_VERIFY_ALGO_ID_LENGTH   (0x0001)

CMD_VERIFY_ALGO_ID_TAG

#define CMD_VERIFY_ALGO_ID_TAG   (0x05)

CMD_VERIFY_PUBLIC_KEY_TAG

#define CMD_VERIFY_PUBLIC_KEY_TAG   (0x06)

CMD_VERIFY_SIGN_DIGEST_TAG

#define CMD_VERIFY_SIGN_DIGEST_TAG   (0x01)

CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_LENGTH

#define CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_LENGTH   (0x0002)

CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_TAG

#define CMD_VERIFY_SIGN_PUB_KEY_CERT_OID_TAG   (0x04)

CMD_VERIFY_SIGN_SIGNATURE_TAG

#define CMD_VERIFY_SIGN_SIGNATURE_TAG   (0x02)

CMD_WRITE_ONLY

#define CMD_WRITE_ONLY   (0x00)

EXIT_STATE_WITH_ERROR

#define EXIT_STATE_WITH_ERROR	(		ctx,
			exit_machine
	)

Value:

{\
                              ctx->cmd_next_execution_state = OPTIGA_CMD_EXEC_RELEASE_LOCK;\
                              ctx->exit_status = OPTIGA_CMD_ERROR;\
                              exit_machine = FALSE;}

GET_DATA_OBJECT_CMD

#define GET_DATA_OBJECT_CMD   (0x01)

OFFSET

#define OFFSET   (0x0000)

OPTIGA_CMD_ALL_SESSION_ASSIGNED

#define OPTIGA_CMD_ALL_SESSION_ASSIGNED   (0x10101010)

OPTIGA_CMD_APDU_FAILURE

#define OPTIGA_CMD_APDU_FAILURE   (0xFF)

OPTIGA_CMD_APDU_HEADER_SIZE

#define OPTIGA_CMD_APDU_HEADER_SIZE   (0x04)

OPTIGA_CMD_APDU_INDATA_OFFSET

#define OPTIGA_CMD_APDU_INDATA_OFFSET   (OPTIGA_CMD_APDU_HEADER_SIZE + OPTIGA_COMMS_DATA_OFFSET)

OPTIGA_CMD_APDU_SUCCESS

#define OPTIGA_CMD_APDU_SUCCESS   (0x00)

OPTIGA_CMD_APDU_TL_LENGTH

#define OPTIGA_CMD_APDU_TL_LENGTH   (0x03)

OPTIGA_CMD_CALC_HASH

#define OPTIGA_CMD_CALC_HASH   (0x30 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_CALC_SIGN

#define OPTIGA_CMD_CALC_SIGN   (0x31 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_CALC_SSEC

#define OPTIGA_CMD_CALC_SSEC   (0x33 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_CLEAR_LAST_ERROR

#define OPTIGA_CMD_CLEAR_LAST_ERROR   (0x80)

OPTIGA_CMD_CLOSE_APPLICATION

#define OPTIGA_CMD_CLOSE_APPLICATION   (0x71 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_DECRYPT_ASYM

#define OPTIGA_CMD_DECRYPT_ASYM   (0x1F | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_DERIVE_KEY

#define OPTIGA_CMD_DERIVE_KEY   (0x34 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_ENCRYPT_ASYM

#define OPTIGA_CMD_ENCRYPT_ASYM   (0x1E | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_ENTER_HANDLER_CALL

#define OPTIGA_CMD_ENTER_HANDLER_CALL   (0x80)

OPTIGA_CMD_ENTER_HANDLER_CALL_MASK

#define OPTIGA_CMD_ENTER_HANDLER_CALL_MASK   (0x80)

OPTIGA_CMD_ERROR_CODE_PREPARE

#define OPTIGA_CMD_ERROR_CODE_PREPARE   (0x01)

OPTIGA_CMD_ERROR_CODE_RX

#define OPTIGA_CMD_ERROR_CODE_RX   (0x03)

OPTIGA_CMD_ERROR_CODE_STATE_MASK

#define OPTIGA_CMD_ERROR_CODE_STATE_MASK   (0x03)

OPTIGA_CMD_ERROR_CODE_TX

#define OPTIGA_CMD_ERROR_CODE_TX   (0x02)

OPTIGA_CMD_EXIT_HANDLER_CALL

#define OPTIGA_CMD_EXIT_HANDLER_CALL   (0x00)

OPTIGA_CMD_GEN_KEYPAIR

#define OPTIGA_CMD_GEN_KEYPAIR   (0x38 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_GET_DATA_OBJECT

#define OPTIGA_CMD_GET_DATA_OBJECT   (0x01 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_GET_RANDOM

#define OPTIGA_CMD_GET_RANDOM   (0x0C | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_HASH_HEADER_SIZE

#define OPTIGA_CMD_HASH_HEADER_SIZE   (0x06)

OPTIGA_CMD_INTERMEDIATE_CONTEX_HEADER

#define OPTIGA_CMD_INTERMEDIATE_CONTEX_HEADER   (0x03)

OPTIGA_CMD_LAST_ERROR_CODE

#define OPTIGA_CMD_LAST_ERROR_CODE   (0xF1C2)

OPTIGA_CMD_MAX_NUMBER_OF_SESSIONS

#define OPTIGA_CMD_MAX_NUMBER_OF_SESSIONS   (0x04)

OPTIGA_CMD_NO_OF_BYTES_IN_TAG

#define OPTIGA_CMD_NO_OF_BYTES_IN_TAG   (0x01)

OPTIGA_CMD_NO_SESSION_OID

#define OPTIGA_CMD_NO_SESSION_OID   (0x0000)

OPTIGA_CMD_OID_DATA_LENGTH

#define OPTIGA_CMD_OID_DATA_LENGTH   (0x0006)

OPTIGA_CMD_OPEN_APPLICATION

#define OPTIGA_CMD_OPEN_APPLICATION   (0x70 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_OUT_OF_BOUNDARY_ERROR

#define OPTIGA_CMD_OUT_OF_BOUNDARY_ERROR   (0x08)

OPTIGA_CMD_PARAM_INITIALIZE_APP_CONTEXT

#define OPTIGA_CMD_PARAM_INITIALIZE_APP_CONTEXT   (0x00)

OPTIGA_CMD_QUEUE_ASSIGNED

#define OPTIGA_CMD_QUEUE_ASSIGNED   (0x01)

OPTIGA_CMD_QUEUE_NO_REQUEST

#define OPTIGA_CMD_QUEUE_NO_REQUEST   (0x00)

OPTIGA_CMD_QUEUE_NOT_ASSIGNED

#define OPTIGA_CMD_QUEUE_NOT_ASSIGNED   (0x00)

OPTIGA_CMD_QUEUE_PROCESSING

#define OPTIGA_CMD_QUEUE_PROCESSING   (0x04)

OPTIGA_CMD_QUEUE_REQUEST

#define OPTIGA_CMD_QUEUE_REQUEST   (0x02)

OPTIGA_CMD_QUEUE_REQUEST_LOCK

#define OPTIGA_CMD_QUEUE_REQUEST_LOCK   (0x21)

OPTIGA_CMD_QUEUE_REQUEST_SESSION

#define OPTIGA_CMD_QUEUE_REQUEST_SESSION   (0x22)

OPTIGA_CMD_QUEUE_REQUEST_STRICT_LOCK

#define OPTIGA_CMD_QUEUE_REQUEST_STRICT_LOCK   (0x23)

OPTIGA_CMD_QUEUE_RESUME

#define OPTIGA_CMD_QUEUE_RESUME   (0x08)

OPTIGA_CMD_QUEUE_SLOT_LOCK_TYPE

#define OPTIGA_CMD_QUEUE_SLOT_LOCK_TYPE   (0x08)

OPTIGA_CMD_QUEUE_SLOT_STATE

#define OPTIGA_CMD_QUEUE_SLOT_STATE   (0x09)

OPTIGA_CMD_SCHEDULER_IDLING_TIME_MS

#define OPTIGA_CMD_SCHEDULER_IDLING_TIME_MS   (1000U)

OPTIGA_CMD_SCHEDULER_RUNNING_TIME_MS

#define OPTIGA_CMD_SCHEDULER_RUNNING_TIME_MS   (50U)

OPTIGA_CMD_SESSION_ASSIGNED

#define OPTIGA_CMD_SESSION_ASSIGNED   (0x10)

OPTIGA_CMD_SESSION_NOT_ASSIGNED

#define OPTIGA_CMD_SESSION_NOT_ASSIGNED   (0x00)

OPTIGA_CMD_SET_DATA_OBJECT

#define OPTIGA_CMD_SET_DATA_OBJECT   (0x02 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_SET_OBJECT_PROTECTED

#define OPTIGA_CMD_SET_OBJECT_PROTECTED   (0x03 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_START_SESSION_OID

#define OPTIGA_CMD_START_SESSION_OID   (0xE100)

OPTIGA_CMD_TOTAL_COMMS_BUFFER_SIZE

#define OPTIGA_CMD_TOTAL_COMMS_BUFFER_SIZE   (OPTIGA_MAX_COMMS_BUFFER_SIZE + OPTIGA_COMMS_PRL_OVERHEAD)

OPTIGA_CMD_UINT16_SIZE_IN_BYTES

#define OPTIGA_CMD_UINT16_SIZE_IN_BYTES   (0x02)

OPTIGA_CMD_VERIFY_SIGN

#define OPTIGA_CMD_VERIFY_SIGN   (0x32 | OPTIGA_CMD_CLEAR_LAST_ERROR)

OPTIGA_CMD_ZERO_LENGTH_OR_VALUE

#define OPTIGA_CMD_ZERO_LENGTH_OR_VALUE   (0x0000)

OPTIGA_PROTECTION_LEVEL_MASK

#define OPTIGA_PROTECTION_LEVEL_MASK   (0x03)

PARAM

#define PARAM   (0x00)

PUBLIC_KEY_HOST

#define PUBLIC_KEY_HOST   ((public_key_from_host_t *)(p_optiga_encrypt_asym->key))

SET_DEV_ERROR_HANDLER_STATE

#define SET_DEV_ERROR_HANDLER_STATE

(

state

)

Value:

{\
                                   (me->device_error_status) &= ~OPTIGA_CMD_ERROR_CODE_STATE_MASK;\
                                   (me->device_error_status) |= state & OPTIGA_CMD_ERROR_CODE_STATE_MASK;}

SET_DEV_ERROR_NOTIFICATION

#define SET_DEV_ERROR_NOTIFICATION

(

bits_value

)

Value:

{\
                                  (me->device_error_status) &= ~OPTIGA_CMD_ENTER_HANDLER_CALL_MASK;\
                                  (me->device_error_status) |= bits_value & OPTIGA_CMD_ENTER_HANDLER_CALL_MASK;}

START_OPTIGA_COMMS_CLOSE

#define START_OPTIGA_COMMS_CLOSE   (0x02)

Typedef Documentation

optiga_cmd_handler_t

typedef optiga_lib_status_t(* optiga_cmd_handler_t) (optiga_cmd_t *me)

optiga_cmd_queue_slot_t

typedef struct optiga_cmd_queue_slot optiga_cmd_queue_slot_t

The structure represents the slot in the execution queue.

optiga_cmd_state_t

typedef enum optiga_cmd_state optiga_cmd_state_t

The enum represents diffrent state of command handler.

Enumeration Type Documentation

optiga_cmd_state

enum optiga_cmd_state

The enum represents diffrent state of command handler.

Enumerator
OPTIGA_CMD_EXEC_COMMS_OPEN
OPTIGA_CMD_EXEC_COMMS_OPEN_START
OPTIGA_CMD_EXEC_COMMS_OPEN_DONE
OPTIGA_CMD_EXEC_COMMS_CLOSE_START
OPTIGA_CMD_EXEC_COMMS_CLOSE_DONE
OPTIGA_CMD_EXEC_REQUEST_SESSION
OPTIGA_CMD_EXEC_REQUEST_LOCK
OPTIGA_CMD_EXEC_REQUEST_STRICT_LOCK
OPTIGA_CMD_EXEC_PREPARE_COMMAND
OPTIGA_CMD_EXEC_PROCESS_RESPONSE
OPTIGA_CMD_EXEC_GET_DEVICE_ERROR
OPTIGA_CMD_EXEC_RELEASE_LOCK
OPTIGA_CMD_STATE_EXIT

Function Documentation

optiga_cmd_calc_hash()

optiga_lib_status_t optiga_cmd_calc_hash	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_calc_hash_params_t *	params
	)

Generates hash on external data or data in OID.

Generates hash on external data or data in OID by issuing Calc Hash command to OPTIGA.

• Acquires the OPTIGA lock for optiga_crypt_hash_start/optiga_crypt_hash_update/optiga_crypt_hash_finalize.
  
• Forms the CalcHash command based on inputs.
  
• Issues the CalcHash command through optiga_comms_transceive.
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.

Note

• Error codes from lower layers will be returned as it is.

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of CalcHash Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of CalcHash Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking CalcHash command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Data received from OPTIGA is greater than the buffer size provided by user.

Here is the call graph for this function:

optiga_cmd_calc_hash_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_calc_hash_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_calc_sign()

optiga_lib_status_t optiga_cmd_calc_sign	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_calc_sign_params_t *	params
	)

Calculate signature on digest.

Calculate signature on digest by issuing Calc Sign command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_ecdsa_sign/optiga_crypt_rsa_sign.
  
• Forms the Generate KeyPair command based on inputs.
  
• Issues the Generate KeyPair command through optiga_comms_transceive.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Calc Sign Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Calc Sign Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking Calc Sign command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_INVALID_INPUT	Instance invoked for session oid, without acquiring the session (from optiga_cmd_gen_keypair).
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Length of the buffer to copy the signature is less than actual length of signature.

Here is the call graph for this function:

optiga_cmd_calc_sign_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_calc_sign_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_calc_ssec()

optiga_lib_status_t optiga_cmd_calc_ssec	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_calc_ssec_params_t *	params
	)

Calculates shared secret.

Calculates shared secret by issuing CalcSSec command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_ecdh.
  
• Forms the command apdu based on inputs.
  
• Issues the command through optiga_comms_transceive.
  
• If the private key is session based or shared secret is to be stored in OPTIGA, it acquires a session if not already available.
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application.
• A key pair must be generated/available in the given private key ID.

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Calc SSec Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	Pointer to input parameters, must not be NULL.

Return values

OPTIGA_LIB_SUCCESS	Successful invocation of optiga_comms module.
OPTIGA_CMD_ERROR	Error occurred before invoking CalcSSec command optiga_comms_transceive returned a failure Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_INVALID_INPUT	Instance invoked for session oid, without acquiring the session (from optiga_cmd_gen_keypair).
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_calc_ssec_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_calc_ssec_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_close_application()

optiga_lib_status_t optiga_cmd_close_application	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		void *	params
	)

Closes the OPTIGA Application.

Closes the OPTIGA Application by issuing the CloseApplication command.

• Acquires the OPTIGA lock for optiga_util_close_application.
  
• Forms the CloseApplication commands based on inputs.
  
• Issues the CloseApplication command through optiga_comms_transceive.
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• This function must be mandatorily invoked before issuing a reset to OPTIGA, in case the context needs to be saved.
• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	Secure connection related information, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking CloseApplication command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_close_application_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_close_application_handler

(

optiga_cmd_t *

me

)

Optiga context store operation

Here is the call graph for this function:

optiga_cmd_create()

optiga_cmd_t* optiga_cmd_create	(	uint8_t	optiga_instance_id,
		callback_handler_t	handler,
		void *	caller_context
	)

Creates an instance of optiga_cmd_t.

Creates an instance of optiga_cmd_t.

• Stores the callers context and callback handler.
  
• Allocate memory for optiga_cmd_t.
  
• Assigns OPTIGA structure based on the optiga instance.
  

Precondition

• None

Note

• None

Parameters

[in]	optiga_instance_id	Indicates the OPTIGA configuration to associate with instance.
[in]	handler	Pointer to callback function, must not be NULL.
[in]	caller_context	Pointer to upper layer context.

Return values

optiga_cmd_t	* On successful instance creation.
NULL	Memory allocation failure. Already, OPTIGA_CMD_MAX_REGISTRATIONS number of instances is created.

Here is the call graph for this function:

optiga_cmd_decrypt_asym()

optiga_lib_status_t optiga_cmd_decrypt_asym	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_decrypt_asym_params_t *	params
	)

Decrypts data using OPTIGA RSA private key.

Decrypts data using OPTIGA RSA private key by issuing Decrypt Asym command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_rsa_decrypt_and_export/optiga_crypt_rsa_decrypt_and_store.
  
• Forms the Decrypt Asym command based on inputs.
• Issues the Decrypt Asym command through optiga_comms_transceive.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.

Note

• Error codes from lower layers will be returned as it is.

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Decrypt Asym Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Decrypt Asym Command APDU, must not be NULL.

Return values

OPTIGA_LIB_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking Decrypt Asym command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Length of the buffer to copy the decrypted data is less than buffer to copy it into.

Here is the call graph for this function:

optiga_cmd_decrypt_asym_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_decrypt_asym_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_derive_key()

optiga_lib_status_t optiga_cmd_derive_key	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_derive_key_params_t *	params
	)

Derives a key.

Derives a key by issuing DeriveKey command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_ecdh.
  
• Issues the calculate shared secret command through optiga_comms_transceive.
• Based on the shared secret location in OPTIGA and target storage, it requests to acquire a session.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
• A key pair should be generated for the input object ID.

Note

• Error codes from lower layers will be returned as it is.

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Derive Key Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of derive key Command APDU, must not be NULL.

Return values

OPTIGA_LIB_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking derive key command optiga comms transceive returned a failure Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_INVALID_INPUT	Instance invoked for session oid, without acquiring the session(from optiga_cmd_calc_ssec).
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_derive_key_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_derive_key_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_destroy()

optiga_lib_status_t optiga_cmd_destroy

(

optiga_cmd_t *

me

)

Destroys the instance of optiga_cmd_t.

Destroys the instance of optiga_cmd_t.

• Releases any OPTIGA cmd module lock utilized by the instance.
  
• Releases any OPTIGA session acquired by the instance.
  
• De-allocate the memory of the optiga_cmd_t instance.
  

Precondition

• None

Note

• None

Parameters

[in]

me

Valid instance of optiga_cmd_t created using optiga_cmd_create.

Return values

OPTIGA_LIB_SUCCESS

Successful destruction of instance.

Here is the call graph for this function:

optiga_cmd_encrypt_asym()

optiga_lib_status_t optiga_cmd_encrypt_asym	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_encrypt_asym_params_t *	params
	)

Encrypt data using RSA public key.

Encrypts data using RSA public key by issuing Encrypt Asym command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_rsa_encrypt_message/optiga_crypt_rsa_encrypt_session.
  
• Forms the Encrypt Asym command based on inputs.
• Issues the Encrypt Asym command through optiga_comms_transceive.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.

Note

• Error codes from lower layers will be returned as it is.

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Encrypt Asym Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Encrypt Asym Command APDU, must not be NULL.

Return values

OPTIGA_LIB_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking Encrypt Asym command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_INVALID_INPUT	Instance invoked for encrypting session, without acquiring the session
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Length of the buffer to copy the encrypted data is less than buffer to copy it into.

Here is the call graph for this function:

optiga_cmd_encrypt_asym_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_encrypt_asym_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_event_trigger_execute()

_STATIC_H void optiga_cmd_event_trigger_execute

(

void *

p_ctx

)

Here is the call graph for this function:

optiga_cmd_execute()

_STATIC_H void optiga_cmd_execute	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_cmd_handler_t	cmd_hdlrs,
		optiga_cmd_state_t	start_state,
		void *	input
	)

Here is the call graph for this function:

optiga_cmd_execute_handler()

_STATIC_H void optiga_cmd_execute_handler	(	void *	p_ctx,
		optiga_lib_status_t	event
	)

Here is the call graph for this function:

optiga_cmd_gen_keypair()

optiga_lib_status_t optiga_cmd_gen_keypair	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_gen_keypair_params_t *	params
	)

Generates ECC or RSA key-pair.

Generate ECC/RSA key-pair by issuing Generate KeyPair command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_ecc_generate_keypair/optiga_crypt_rsa_generate_keypair.
  
• Forms the Generate KeyPair command based on inputs.
• Issues the Generate KeyPair command through optiga_comms_transceive.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.

Note

• Error codes from lower layers will be returned as it is.

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Generate KeyPair Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Generate KeyPair Command APDU, must not be NULL.

Return values

OPTIGA_LIB_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking Generate KeyPair command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Length of the buffer to copy the key is less than actual length of key.

Here is the call graph for this function:

optiga_cmd_gen_keypair_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_gen_keypair_handler

(

optiga_cmd_t *

me

)

TLV formation for private key OID

Update OID based on input param

TLV formation for key usage

TLV formation for export key

Here is the call graph for this function:

optiga_cmd_get_data_object()

optiga_lib_status_t optiga_cmd_get_data_object	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_get_data_object_params_t *	params
	)

Reads data or metadata of the specified data object.

Reads data or metadata of the specified data object, by issuing the GetDataObject command, based on input parameters.

• Acquires the OPTIGA lock for optiga_util_read_data/optiga_util_read_metadata.
  
• Forms the ReadData/ReadMetaData commands based on inputs.
  
• Issues the ReadData/ReadMetaData command through optiga_comms_transceive.
  
• In case the data to be read by the user is greater than the OPTIGA_MAX_COMMS_BUFFER_SIZE, the data is retrieved by internal chaining (by calling GetDataObject command multiple times).
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Get Data Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Get Data Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking GetDataObject command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	Error due to insufficient buffer size. APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE. Data received from OPTIGA is greater than the buffer size provided by user.

Here is the call graph for this function:

optiga_cmd_get_data_object_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_get_data_object_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_get_error_code_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_get_error_code_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_get_random()

optiga_lib_status_t optiga_cmd_get_random	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_get_random_params_t *	params
	)

Generates random data or pre-master secret for RSA key exchange.

Generates random data or pre-master secret for RSA key exchange, by issuing the GetRandom command to OPTIGA.

• Acquires the OPTIGA session/lock for optiga_crypt_rsa_generate_pre_master_secret/optiga_crypt_random.
  
• For pre-master secret, it acquires a session, else acquires the lock.
• Forms the GetRandom command based on inputs.
  
• Issues the GetRandom command through optiga_comms_transceive.
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Get Random Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Get Random Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking GetRandom command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_get_random_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_get_random_handler

(

optiga_cmd_t *

me

)

APDU header size + length of random OID size in case of param 0x04 0x41, Length and prepending optional data

Copy the random data length

Copy the data to buffer

TLV formation for key usage

Here is the call graph for this function:

optiga_cmd_open_application()

optiga_lib_status_t optiga_cmd_open_application	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		void *	params
	)

Opens the OPTIGA Application.

Opens the OPTIGA Application by issuing the OpenApplication command.

• Acquires the OPTIGA lock for optiga_util_open_application.
  
• Invokes optiga_comms_open API to initialize OPTIGA and to establish the communication channel.
  
• Forms the OpenApplication commands based on inputs.
  
• Issues the OpenApplication command using optiga_comms_transceive.
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• None

Note

• This function must be mandatorily invoked before starting any interactions with OPTIGA after the reset.
• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	Secure connection related information, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking OpenApplication command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_open_application_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_open_application_handler

(

optiga_cmd_t *

me

)

optiga context restore operation

Here is the call graph for this function:

optiga_cmd_prepare_apdu_header()

_STATIC_H void optiga_cmd_prepare_apdu_header	(	uint8_t	cmd,
		uint8_t	param,
		uint16_t	in_data_length,
		uint8_t *	p_apdu_buffer
	)

optiga_cmd_prepare_tag_header()

_STATIC_H void optiga_cmd_prepare_tag_header	(	uint8_t	tag,
		uint16_t	tag_length,
		uint8_t *	buffer,
		uint16_t *	position
	)

optiga_cmd_queue_assign_slot()

_STATIC_H void optiga_cmd_queue_assign_slot	(	const optiga_cmd_t *	me,
		uint8_t *	queue_index_store
	)

optiga_cmd_queue_deassign_slot()

_STATIC_H void optiga_cmd_queue_deassign_slot

(

optiga_cmd_t *

me

)

optiga_cmd_queue_get_count_of()

_STATIC_H uint8_t optiga_cmd_queue_get_count_of	(	const optiga_context_t *	p_optiga,
		uint8_t	slot_member,
		uint8_t	state_to_check
	)

optiga_cmd_queue_get_state_of()

_STATIC_H uint8_t optiga_cmd_queue_get_state_of	(	const optiga_cmd_t *	me,
		uint8_t	slot_member
	)

optiga_cmd_queue_reset_slot()

_STATIC_H void optiga_cmd_queue_reset_slot

(

const optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_queue_scheduler()

_STATIC_H void optiga_cmd_queue_scheduler

(

void *

p_optiga

)

Here is the call graph for this function:

optiga_cmd_queue_update_slot()

_STATIC_H void optiga_cmd_queue_update_slot	(	optiga_cmd_t *	me,
		uint8_t	request_type
	)

Here is the call graph for this function:

optiga_cmd_release_lock()

optiga_lib_status_t optiga_cmd_release_lock

(

const optiga_cmd_t *

me

)

Releases the OPTIGA cmd lock.

Releases the OPTIGA cmd lock.

• Release the OPTIGA lock acquired by the instance.
  
• If OPTIGA cmd lock request register in not empty, invoke the next registered caller handler with corresponding context.
  

Precondition

• None

Note

• None

Parameters

[in]

me

Valid instance of optiga_cmd_t created using optiga_cmd_create.

Return values

OPTIGA_CMD_SUCCESS

Successful release of the access layer lock.

Here is the call graph for this function:

optiga_cmd_release_session()

optiga_lib_status_t optiga_cmd_release_session

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_request_lock()

optiga_lib_status_t optiga_cmd_request_lock	(	optiga_cmd_t *	me,
		uint8_t	lock_type
	)

Here is the call graph for this function:

optiga_cmd_request_session()

optiga_lib_status_t optiga_cmd_request_session

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_restore_context()

_STATIC_H optiga_lib_status_t optiga_cmd_restore_context

(

const optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_session_assign()

_STATIC_H void optiga_cmd_session_assign

(

optiga_cmd_t *

me

)

optiga_cmd_session_available()

_STATIC_H bool_t optiga_cmd_session_available

(

const optiga_context_t *

p_optiga

)

optiga_cmd_session_free()

_STATIC_H void optiga_cmd_session_free

(

optiga_cmd_t *

me

)

optiga_cmd_set_data_object()

optiga_lib_status_t optiga_cmd_set_data_object	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_set_data_object_params_t *	params
	)

Writes data or metadata to the specified data object.

Writes data or metadata to the specified data object, by issuing the SetDataObject command, based on input parameters.

• Acquires the OPTIGA lock for optiga_util_write_data/optiga_util_write_metadata.
  
• Forms the SetData/SetMetaData commands based on inputs.
  
• Issues the SetData/SetMetaData command through optiga_comms_transceive.
  
• In case the data to be written by the user is greater than the OPTIGA_MAX_COMMS_BUFFER_SIZE, the data is written to the OPTIGA by internal chaining (by calling SetDataObject command multiple times).
  
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• In case of failure, it is possible that partial data is written into the data object.
  In such a case, the user should decide if the data has to be re-written.
• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Set Data Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Set Data Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking SetDataObject command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_set_data_object_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_set_data_object_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_set_object_protected()

optiga_lib_status_t optiga_cmd_set_object_protected	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_set_object_protected_params_t *	params
	)

Writes protected object fragments to OPTIGA.

Writes manifest or data fragement(s) to the specified data object, by issuing the SetObjectProtected command, in a securely.

• Acquires the strict sequence for optiga_util_protected_update_start.
  
• Forms the SetObjectProtected commands based on inputs.
  
• Issues the SetObjectProtected command through optiga_comms_transceive.
  
• Releases the strict sequence in case of an error or after optiga_util_protected_update_final is successfully completed.

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of Set Object Protected APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	InData of Set Object Protected APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking SetObjectProtected command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.
OPTIGA_CMD_ERROR_INVALID_INPUT	Continue and final APDU command invoked without strict lock acquired for the instance.

Release the strict sequence

Here is the call graph for this function:

optiga_cmd_set_object_protected_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_set_object_protected_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_set_shielded_connection_option()

void optiga_cmd_set_shielded_connection_option	(	optiga_cmd_t *	me,
		uint8_t	value,
		uint8_t	shielded_connection_option
	)

optiga_cmd_store_context()

_STATIC_H optiga_lib_status_t optiga_cmd_store_context

(

const optiga_cmd_t *

me

)

Here is the call graph for this function:

optiga_cmd_verify_sign()

optiga_lib_status_t optiga_cmd_verify_sign	(	optiga_cmd_t *	me,
		uint8_t	cmd_param,
		optiga_verify_sign_params_t *	params
	)

Verifies the signature over the given digest.

Verifies the signature over the given digest by issuing VerifySign command.

• Acquires the OPTIGA lock for optiga_crypt_ecdsa_verify/optiga_crypt_rsa_verify.
  
• Forms the VerifySign command based on inputs and invokes the optiga_comms_transceive to send the same to OPTIGA.
• Releases the OPTIGA lock on successful completion of asynchronous operation.
  

Precondition

• Application on OPTIGA must be opened using optiga_cmd_open_application before using this API.
  

Note

• Error codes from lower layers will be returned as it is.
  

Parameters

[in]	me	Valid instance of optiga_cmd_t created using optiga_cmd_create.
[in]	cmd_param	Param of VerifySign Command APDU. Must be valid argument, otherwise OPTIGA returns an error.
[in]	params	Parameters for InData of VerifySign Command APDU, must not be NULL.

Return values

OPTIGA_CMD_SUCCESS	Successful invocation.
OPTIGA_CMD_ERROR	Error occurred before invoking VerifySign command. Error in the asynchronous state machine.
OPTIGA_CMD_ERROR_MEMORY_INSUFFICIENT	APDU length formed is greater than OPTIGA_MAX_COMMS_BUFFER_SIZE.

Here is the call graph for this function:

optiga_cmd_verify_sign_handler()

_STATIC_H optiga_lib_status_t optiga_cmd_verify_sign_handler

(

optiga_cmd_t *

me

)

Here is the call graph for this function:

Variable Documentation

g_hibernate_datastore_id_list

_STATIC_H uint16_t g_hibernate_datastore_id_list[] = {OPTIGA_HIBERNATE_CONTEXT_ID}

g_optiga

_STATIC_H optiga_context_t g_optiga = {0}

g_optiga_list

_STATIC_H optiga_context_t* g_optiga_list[] = {&g_optiga}

g_optiga_unique_application_identifier

const uint8_t g_optiga_unique_application_identifier[]

Initial value:

=
{
    0xD2, 0x76, 0x00, 0x00, 0x04, 0x47, 0x65, 0x6E, 0x41, 0x75, 0x74, 0x68, 0x41, 0x70, 0x70, 0x6C,
}