Good evening,
If it is not a too complicated question to ask, I have the following problem:
after initializing the application context I need to generate a key pair for RSA-1024BIT for Encryption & Decryption.

I send the following Bytes (as described in table 18 in "Solution Reference Manual"):

Description of APDU:
0x38: GenKeyPair Command
0x41: Algorithm Identifier: RSA 1024 bit
0x0009: Length of InData
0x01, 0x0002
0xE0FC: (Ref.: Table 32) (Solution Reference Manual): Device Private RSA Key
0x02, 0x0001
0x02: Key Usage: Encryption / Decryption (Ref.: table: Table 22)

-But when I read the I2C register after receiving an ACK, I get following Bytes: 0x08 0x80 0x00 0x00 which basically means that the device is not busy (not executing a command) and it is not ready to give a response.

What do I do wrong?

Regards

Hi expert,

After the application is opened using the optiga_util_open_application function, when the application is closed using the optiga_util_close_application function, the status may return 0x800B through the callback.

0x0B of the lower 1bye indicated by this status is "Command out of sequence (0x0B)" written in Table 6-Error Codes of "OPTIGA ™ Trust M External Interface Response Status Codes" in "OPTIGA_Trust_M_V1_Solution_Reference_Manual_v1.13.pdf, page 87". I think.

Could you tell me the conditions and factors that set this status?

Currently, this status is not set every time, but the status may return 0 by the number of times the optiga_util_close_application function is executed or by inserting another command.

• Below is the Sequence
  Case of returning status 0x800B

1. Application open with optiga_util_open_application function
2. Shield Connection;
   Get Shared Secret with optiga_crypt_random function.
   Shared Secret writing with optiga_util_write_data function.
   The interface is not locked by the optiga_util_write_metadata function.
3. Close the application with the optiga_util_close_application function. At this time, status 0x800B is returned.

• Case of returning status 0x800B as above

1. Application open with optiga_util_open_application function
2. Shield Connection;
   Get Shared Secret with optiga_crypt_random function.
   Shared Secret writing with optiga_util_write_data function.
   The interface is not locked by the optiga_util_write_metadata function.
3. Get a 256-byte random number with the optiga_crypt_random function. At that time, status 0x0000 is returned.
4. Get a 256-byte random number with the optiga_crypt_random function. At that time, status 0x0000 is returned.
5. Application CLOSE with optiga_util_close_application function At that time, status 0x0000 is returned.

• Case of returning status 0x0000

1. Application open with optiga_util_open_application function
2. Shield Connection;
   Get Shared Secret with optiga_crypt_random function.
   Shared Secret writing with optiga_util_write_data function.
   The interface is not locked by the optiga_util_write_metadata function.
3. Close the application with the optiga_util_close_application function. At that time, it returns status 0x800B.
4. Close the application with the optiga_util_close_application function. At that time, it returns status 0x800B.
5. Close the application with the optiga_util_close_application function. At that time, status 0x0000 is returned.

There is a few seconds between each step. (Command transfer from Host terminal)
OPTIGA_COMMS_FULL_PROTECTION is set for OPTIGA_UTIL_SET_COMMS_PROTECTION_LEVEL at random number acquisition and application closing.
As a supplement, there is no requirement to open / close the application in real time, so open the application with Power ON and do not close the application until Power OFF.

I am using Optiga Trust M for IoT application and really new to this ASN.1 encoding. Is there any API which can be used to convert obtained r,s component from the chip to ASN.1 encoding? I could not find such API in TRM and Wiki.

Hi expert,

Files related to shield connection are in the following path.
\OPTIGA_Trust_M_V1_1.30.885\examples\optiga\usecases\example_pair_host_and_optiga_using_pre_shared_secret.c

Should I implement this file unchanged if I want to enable shield connection?

For example, if object metadata is read by “3. Read Platform Binding Shared secret (0xE140) data object metadata from OPTIGA using optiga_util_read_metadata.”(comment 3) and LcsO is LcsO ≧ LCSO_STATE_OPERATIONAL(comment 4), the random number generation in comment 5 and the random number writing to the platform binding secret object in comment 7 were not executed.

Is this correct behavior?

When this code is executed after startup (cold reset) and the Platform Binding Secret object metadata metadata is "LcsO ≥ LCSO_STATE_OPERATIONAL", the random number used in Sheild Connection is reset and the RAM has been erased by reset.

Does Shiled Connection work properly in that state?
I do not know the normal operation, so please let me know.

Hello,

I am trying to port trust M v3 on STM32.
For first attempt I am using bare metal architecture (without OS).

I followed the porting guide to implement the PAL : https://github.com/Infineon/optiga-trust-m/wiki/Porting-Guide
and I take a look to the old issue on the same topic : #10 (@darsh_patel)

I am testing optiga_communication() example to read the I2C state. (So far I write 0x82 and I read only 00 00 00 00)
I am facing issue on the receiver function error is --> ((upper_layer_callback_t)(p_i2c_context->upper_layer_event_handler)) (p_i2c_context->p_upper_layer_ctx , PAL_I2C_EVENT_ERROR);
Please find the main attached PAL files.

Do you agree that we don't need OS to establish basic communication with the trust M ?
Could you please help me to solve this issue ?

Thank you in advance.

pal_gpio.txt
pal_i2c.txt
pal_ifx_i2c_config.txt
pal_os_event.txt
pal_os_timer.txt

Hello Infineon's expert,
In using Infineon CA, is Infineon CA support OSCP?

Hello,

I'm verifying protected update feature for our use cases. I was able to use it successfully, however when I generate data set for a specific COUID, protected update is rejected with the Error 0x800F: OPTIGA device Invalid Manifest.

I do not know how to approach in troubleshooting this. Can you confirm that 'couid' option is functional, because I did not see it in examples or official documentation, only in help of protected_update_data_set.exe. Am I reading and providing correctly couid content?

Here is an example of what I'm doing.

1. Read COID from the chip
   trustm_data -r 0xe0c2
   ========================================================
   UID [0xE0C2] [Size 0027] :
   CD 16 33 4D 01 00 1C 00 05 00 00 0A 09 1B 5C 00
   15 00 70 00 9A 80 10 10 70 24 40
   ========================================================

2. Generate data set for protected update, here is a partial output of the tool protected_update_data_set.exe
   Tool Version : 3.00.2490
   Info : Default values are set
   Info : User provided inputs
   Payload version : 1
   Trust anchor oid : E0EF
   Target oid : E140
   Co-Processor OID : CD16334D01001C000500000A091B5C00150070009A801010702440
   Signature Algorithm : ES_256
   Private key : my.key
   Type of Payload : metadata
   Shared secret : secret.txt
   Shared secret OID : F1DA
   Label : metadata
   Encryption algorithm : AES-CCM-16-64-128
   Length of seed : 64
   Content Reset : 0
   Meta Data : new-metadata.txt

Info : Setting value for data formatter
Payload version : 1
Trust anchor oid : E0EF
Target oid : E140
Digest algorithm : 29
Co-Processor OID : CD16334D01001C000500000A091B5C00150070009A801010702440
Signature Algorithm : FFFFFFF9
Type of Payload : FFFFFFFE
Length of seed : 40
Label : metadata
Shared secret OID : F1DA
....
Key Derivation Function : FFFEFF48
Content Reset : 0

Best regards,
Dzmitry

Hi *,

In regards to the code footprint listed in Wiki:
https://github.com/Infineon/optiga-trust-m/wiki/Code-Footprint

I am interested in getting to know if "ECC; Protected Update; RND; TLS PRF", which is listed to require 5.2 kB of flash can be further stripped down or is this available as one single package only?

E.g. if I am interested in ECC only, can I leave out the remaining options "Protected Update; RND; TLS PRF"?

To whom it might concern.

We are currently developing the new generation of one of our products and we have selected the Optiga Trust M as our crypto co-processor. Our initial prototype uses the Optiga Trust X but, since for the final model we're switching to the Trust M, we decided to open the issue here.

For the most part we want to use the Optiga Trust X/M to:

• Encrypt/decrypt data as fast as possible using AES128
• Eventually use ECDH to perform a key exchange.

The biggest problem we're facing is that our application processor does not support C as its programming language, but instead uses a scripting language. Because of this, we can't rely on Optiga's own's framework, but rather our own.

We're willing to write the code to support this, but currently we are struggling to have a simple communication going between our application processor and the TrustX in our prototype

For example, just trying to read the 0x82 register fails often, since the TrustX is unresponsive most of the time. We believe that this is probably because of the "Late Acknowledge Algorithm". We are confused with this algorithm since it says that the master should loop "as long as the slave doesn't respond with an ACK". How long can be the "as long as"? If we try to read continuously until the read is successful it can take 20ms sometimes, but, it can also take 1s.

Is there any special timing requirements or configuration we need to set to the chip in order to have a reliable I2C communication?

We wrote to Infineon support and they suggested we open and issue here.

Hi,

We want to use Trust-M in U-Boot for Secure Boot.
We want to get a certificate from Trust-M in Secure Boot.
Please tell me how to install Trust-M driver in U-Boot.

Do you need all or some of the files in this repository?
Is there any sample code or helpful code to use in U-Boot?

We use u-boot-imx.
https://source.codeaurora.org/external/imx/uboot-imx/tree/?h=imx_v2018.03_4.14.98_2.0.0_ga

Hi expert,

The chip contains TRNG. I plan to use only this feature.
If only this feature is used, I would be glad if I could just initialize the interface and TRNG.
Even if you initialize the extra functions, the software may be optimized, but I want to know the minimum functional unit first.

Hi expert,

Please allow me to ask about shared secret based handshake.

Please allow me to ask about "6.3.5 Shared secret based version (xxxx xxx1)" in "Infineon_I2C_Protocol_v2.02.pdf".
I have read this description, the handshake between master and slave looks like only once.

Is it correct?

1.Power On

2. Open the application and execute Shield Connection.
   There is no handshake, because
   OPTIGA_CRYPT_SET_COMMS_PROTECTION_LEVEL == OPTIGA_COMMS_NO_PROTECTION.

3. Get random numbers (first)
   Parameters;
   protection_level == OPTIGA_COMMS_FULL_PROTECTION
   It's a handshake.

Four. Get random numbers (second time)
Parameter: protection_level ==
OPTIGA_COMMS_FULL_PROTECTION
Do not handshake.

Sequence of No.3 and No.4
-Instance creation (optiga_crypt_create)
-Initialize instance protection level with OPTIGA_CRYPT_SET_COMMS_PROTECTION_LEVEL (OPTIGA_COMMS_FULL_PROTECTION)
-Initialize protocol version with OPTIGA_CRYPT_SET_COMMS_PROTOCOL_VERSION
-Get random number (secret) (optiga_crypt_random)

<No.3 log>
optiga_cmd_execute_handler
OPTIGA_CMD_EXEC_PREPARE_COMMAND
optiga_cmd_get_random_handler
Sending get random command ... ________________
[IFX-PRL]: Transceive txlen 6.
[IFX-PRL]: ifx_i2c_prl_event_handler 2.
[IFX-PRL]: PRL_STATE_START protection_level = 0x3 negotiation_state = 0x0
[IFX-PRL]: PRL_STATE_HANDSHAKE
[IFX-PRL]: Do Handshake.
// Handshake occurs
// The negotiation_state of context ifx_i2c_context_t is PRL_NEGOTIATION_NOT_DONE

optiga_crypt_destroy

<No.4 log>
optiga_cmd_execute_handler
OPTIGA_CMD_EXEC_PREPARE_COMMAND
optiga_cmd_get_random_handler
Sending get random command ... ________________
exit_status = 0x0
[IFX-PRL]: Transceive txlen 6.
[IFX-PRL]: ifx_i2c_prl_event_handler 2.
[IFX-PRL]: PRL_STATE_START protection_level = 0x3
negotiation_state = 0x1
[IFX-PRL]: PRL_STATE_TXRX
// No handshake occurs.
// The negotiation_state of context ifx_i2c_context_t is PRL_NEGOTIATION_DONE.

optiga_crypt_destroy

Hello,

We are using Optiga Trust M SLS32AIA chip for one of our project. Problem is that we can not find the chip on any I2C scanner app. We tried to read register values (For example registers: 0x82). We also checked hardware:

• Vin : 3.3V
• SCL/SDA Pins 3.3V in idle state
• RST at 3.3V

We can not figure out what is causing this:

• Can it be chip in sleep mode? In that all we need to do is just keep pinging IC until it replies?
• We are directly trying to read register 0x82, it this approach correct or we need to write 0x82 to address 0x80 to get response?
• If all fails then why chip is not detected on I2C scanner?

According to

the buffer capacity must be passed to pal_os_datastore_read. This is not done here (uninitialized):

Hi,
We are running an application on Linux. This application accesses TrustM when using TLS.
At this time, the value of SecureMonitorCounter (SEC) is counted up.
If you continue to access TrustM, the SEC will be counted up and the response from TrustM will gradually slow down.
As a result, the performance of the application is reduced.

So we have some questions.
We are using SLS32AIA010MS chip, and we have confirmed OPTIGA_Trust_M_Solution_Reference_Manual (Rev3.15).

[Q1]
We would like to change the Security Monitor configuration described in OPTIGA_Trust_M_Solution_Reference_Manual 4.6.3.
However, the metadata for OID = 0xE0C9 looks like this and cannot be changed.
How can we change the Security Monitor configuration?

# trustm_metadata -r 0xE0C9
========================================================
[Size 0019] :
        20 11 C0 01 07 C4 01 08 D0 03 E1 FC 07 D1 01 00
        D3 01 FF
        LcsO:0x07, Max:8, C:LcsO<0x07, R:ALW, E:NEV,
========================================================

The following is reference information.

# trustm_data -r 0xE0C9
========================================================
[Size 0008] :
        32 00 05 01 00 00 00 00
========================================================

# trustm_chipinfo
Read Chip Info [0xE0C2]: Success.
========================================================
CIM Identifier             [bCimIdentifer]: 0xcd
Platform Identifer   [bPlatformIdentifier]: 0x16
Model Identifer         [bModelIdentifier]: 0x33
ID of ROM mask                  [wROMCode]: 0x9401
Chip Type                    [rgbChipType]: 0x00 0x1c 0x00 0x01 0x00 0x00
Batch Number              [rgbBatchNumber]: 0x0a 0x09 0xa4 0x13 0x00 0x0b
X-coordinate              [wChipPositionX]: 0x0042
Y-coordinate              [wChipPositionY]: 0x0078
Firmware Identifier [dwFirmwareIdentifier]: 0x80101071
Build Number                 [rgbESWBuild]: 24 40

Chip software build:
OPTIGA(TM) Trust M rev.3; Firmware Version: 3.00.2440
========================================================

[Q2]
The value of SEC cucurrent keeps increasing.
Even if I waited for a while and then accessed it, the SEC value did not decrease.
The SEC value is decremented over time for the Tmax value in OPTIGA_Trust_M_Solution_Reference_Manual Figure 28-Security Monitor flow diagram.
However, the value of SEC is not decremented. Is this behavior correct?
And, SEC does not return to 0 after rebooting. The SEC value is decrease.

[2021-08-23 09:44:16.581] # trustm_read_status
[2021-08-23 09:44:16.830] ========================================================
[2021-08-23 09:44:16.925] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 09:44:16.955] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 09:44:16.986] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 09:44:16.989] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 09:44:16.989] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 09:44:17.005] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 09:44:17.022] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 09:44:17.054] Security Event Counter      [0xE0C5] [Size 0001] : 	13      (*******)
[2021-08-23 09:44:17.099] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 09:44:17.114] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 09:44:17.145] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 09:44:17.173] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 09:44:17.173] ========================================================
[2021-08-23 09:45:10.915] 
[2021-08-23 09:45:22.310] 
[2021-08-23 09:45:22.562] ========================================================
[2021-08-23 09:45:22.670] [Size 0019] : 
[2021-08-23 09:45:22.674] 	20 11 C0 01 07 C4 01 08 D0 03 E1 FC 07 D1 01 00 
[2021-08-23 09:45:22.674] 	D3 01 FF 
[2021-08-23 09:45:22.674] 	LcsO:0x07, Max:8, C:LcsO<0x07, R:ALW, E:NEV, 
[2021-08-23 09:45:22.674] 
[2021-08-23 09:45:22.674] ========================================================
[2021-08-23 09:45:22.710] 

1.5h later

[2021-08-23 11:16:12.399] # trustm_read_status
[2021-08-23 11:16:12.647] ========================================================
[2021-08-23 11:16:12.735] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 11:16:12.770] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 11:16:12.806] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 11:16:12.806] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 11:16:12.806] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 11:16:12.825] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 11:16:12.841] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 11:16:12.874] Security Event Counter      [0xE0C5] [Size 0001] : 	15       (*******) The value is not decrease.
[2021-08-23 11:16:12.922] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 11:16:12.941] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 11:16:12.977] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 11:16:13.005] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 11:16:13.005] ========================================================


PowerOFF
PowerOn

[2021-08-23 11:23:52.719] # trustm_read_status
[2021-08-23 11:23:53.015] ========================================================
[2021-08-23 11:23:53.259] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 11:23:53.321] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 11:23:53.396] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 11:23:53.397] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 11:23:53.397] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 11:23:53.439] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 11:23:53.481] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 11:23:53.548] Security Event Counter      [0xE0C5] [Size 0001] : 	0E        (*******) After restart, but the value is not 0.
[2021-08-23 11:23:53.624] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 11:23:53.671] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 11:23:53.738] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 11:23:53.805] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 11:23:53.805] ========================================================


PowerOFF
1min wait
PowerOn

[2021-08-23 11:37:09.685] # trustm_read_status 
[2021-08-23 11:37:09.942] ========================================================
[2021-08-23 11:37:10.099] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 11:37:10.142] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 11:37:10.191] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 11:37:10.193] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 11:37:10.193] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 11:37:10.223] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 11:37:10.260] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 11:37:10.304] Security Event Counter      [0xE0C5] [Size 0001] : 	03       (*******) After restart, but the value is not 0.
[2021-08-23 11:37:10.367] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 11:37:10.406] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 11:37:10.449] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 11:37:10.498] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 11:37:10.498] ========================================================

[Q3]
The SEC value does not count up from 0xF7.
After communicating with TrustM for a while, the SEC value will no longer count up from 0xF7.
OPTIGA_Trust_M_Solution_Reference_Manual 4.6.4 states that the maximum value of SEC is 255, but it does not reach that level.

[2021-08-23 12:42:11.639] # trustm_read_status 
[2021-08-23 12:42:11.886] ========================================================
[2021-08-23 12:42:16.703] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 12:42:16.733] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 12:42:16.763] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 12:42:16.765] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 12:42:16.765] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 12:42:16.782] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 12:42:16.798] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 12:42:16.834] Security Event Counter      [0xE0C5] [Size 0001] : 	F7      (*******)
[2021-08-23 12:42:16.880] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 12:42:16.896] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 12:42:16.943] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 12:42:16.968] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 12:42:16.968] ========================================================
[2021-08-23 12:42:20.319] # trustm_read_status 
[2021-08-23 12:42:20.574] ========================================================
[2021-08-23 12:42:25.385] Global Life Cycle Status    [0xE0C0] [Size 0001] : 	07 
[2021-08-23 12:42:25.412] Global Security Status      [0xE0C1] [Size 0001] : 	20 
[2021-08-23 12:42:25.449] UID                         [0xE0C2] [Size 0027] : 
[2021-08-23 12:42:25.452] 	CD 16 33 94 01 00 1C 00 01 00 00 0A 09 A4 13 00 
[2021-08-23 12:42:25.452] 	0B 00 42 00 78 80 10 10 71 24 40 
[2021-08-23 12:42:25.463] Sleep Mode Activation Delay [0xE0C3] [Size 0001] : 	14 
[2021-08-23 12:42:25.479] Current Limitation          [0xE0C4] [Size 0001] : 	06 
[2021-08-23 12:42:25.515] Security Event Counter      [0xE0C5] [Size 0001] : 	F7      (*******) The value is not increase.
[2021-08-23 12:42:25.559] Max Com Buffer Size         [0xE0C6] [Size 0002] : 	06 15 
[2021-08-23 12:42:25.574] Application Life Cycle Sts  [0xF1C0] [Size 0001] : 	01 
[2021-08-23 12:42:25.623] Application Security Sts    [0xF1C1] [Size 0001] : 	20 
[2021-08-23 12:42:25.650] Application Error Codes     [0xF1C2] [Size 0001] : 	00 
[2021-08-23 12:42:25.650] ========================================================

Hi Sir,

We want to use Trust M in Android 10 for IoT gateway application.
Does Infineon offer Trust M driver and example code for Android?
if no, please assist me how to do.

Thanks.

Hi,

The chip is able to generate RSA key pairs and it is possible to export the private and the public key. Would it be also possible to extract only the public key from an already generated private key, which is stored in a key slot of the Optiga?

Best regards

Hi all,

Linux is not compiling with latest revision where some ordre in a enum has been changed in definition and not in linux.

Could you fix it ?

/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:44:1: warning: missing initializer for field ‘upper_layer_event_handler’ of ‘pal_linux_t’ {aka ‘struct pal_linux’} [-Wmissing-field-initializers]
pal_linux_t linux_events = {"/dev/i2c-1", 0};
^~~~~~~~~~~
In file included from /home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:42:
/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/pal_linux.h:57:12: note: ‘upper_layer_event_handler’ declared here
void * upper_layer_event_handler;
^~~~~~~~~~~~~~~~~~~~~~~~~
/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:58:5: error: initialization of ‘void *’ from ‘int’ makes pointer from integer without a cast [-Werror=int-conversion]
0x30,
^~~~
/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:58:5: note: (near initialization for ‘optiga_pal_i2c_context_0.p_upper_layer_ctx’)
/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:62:5: error: initialization of ‘unsigned char’ from ‘void *’ makes integer from pointer without a cast [-Werror=int-conversion]
NULL
^~~~
/home/jp/mbedtls-2.28/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c:62:5: note: (near initialization for ‘optiga_pal_i2c_context_0.slave_address’)
cc1: all warnings being treated as errors
make[2]: *** [library/hw/trustm/CMakeFiles/trustm.dir/build.make:297: library/hw/trustm/CMakeFiles/trustm.dir///__/trustm/optiga-trust-m/pal/linux/target/ultra96/pal_ifx_i2c_config.c.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:465: library/hw/trustm/CMakeFiles/trustm.dir/all] Error 2
make: *** [Makefile:141: all] Error 2

Best regards
JP Fassino

Is it possibleto get a random number in a specified range?
For example a number between 1-6.

Good morning,
I'm working in a project with SLS32AIA cryptochip module and I'm integrating "Open Source Host Code for OPTIGA™ Trust M libraries" into my ESP32 source.
I'm started from the example attached to the library but I have some troubles:

1. Calling the "optiga_util_create" initialization function cause an ESP32 hard fail (guru meditation error), to avoid it I need to comment row 212 from pal_os_event.c.

2. Solved this first one I call "optiga_util_open_application" function and wait for an initialization, but the related callback is never called. Both I2C lines remains in idle.

I've already checked that the SLS32AIA is working properly, writing to that directly from ESP32 ecosystem.

Maybe could you support me?

Best regards,
Stefano

Hi,

If multiple concurrently running applications (on Linux for instance) use this application, do the applications need to implement any sort of mutual exclusion or does the library handle this? If it needs to be implemented in the application, what granularity does it need to be implemented in (especially given that the library works asynchronously)?

Ok, now works. I've checked immediately after call intead of wait for callback... :-D

Now I have two keys (public and private) but doesn't match. I suppose I'm using wrong part of public key. Which is the format of public key after the generation?

For example private key is: TAG[2] + KEY[32]

Originally posted by @stefanomologni in #43 (comment)

Question/Issue:
The close application API once executed, will set the HW reset pin to LOW. For applications that are using HW reset pin, after perform some crypto operation(SEC counter > 0), will make the SEC counter not reducing after IDLE > tmax as the RESET pin is held low.
@pwiegele
@ayushev

Discussed in #60

Question/Issue:

We want to use optiga_crypt_ecdh with a non-volatile key of the chip.

I see the following, using a OPTIGA_ECC_CURVE_NIST_P_256 public key:

• optiga_crypt_ecdh on OPTIGA_KEY_ID_E0F0 -> error 0x8024
• optiga_crypt_ecdh on OPTIGA_KEY_ID_E0F1, OPTIGA_KEY_ID_E0F2, OPTIGA_KEY_ID_E0F3 - -> error 0x800B

My guess is OPTIGA_KEY_ID_E0F0 does not have OPTIGA_KEY_USAGE_KEY_AGREEMENT usage set. And possibly that the other keys are not of type. NIST P-256.

Could you confirm our guess?
Is there a way/workaround to do ECDH with a nonvolatile P-256 keys?

Context

For reference, examples/optiga/example_optiga_crypt_ecdh.c works well.
We are using the SLS32AIA010MK chip.

Where did you expect to find the answer?

I was expecting to either find:

• a function to dump the current type / usage of a key ID
• a documentation of the pre-preprogrammed keys
  I was looking for this information in OPTIGA_Trust_M_Solution_Reference_Manual_v3.15.pdf .

Thanks!

Prerequisites

Can you reproduce the problem reliably?

Yes

Did you check current release notes for known issues?

Yes

Description:

Optiga queue scheduler stops running after a 10 minute benchmark.

Steps to Reproduce:

1. Event task running with priority 4

2. Main task running with priority 3

3. Timer that triggers event runs with its own peripheral and IRQ and wakes event task with xSemaphoreGiveFromISR

4. Run a benchmark code with continuous signature and verify

Additional info:
Shielded connection is currently disabled.

Actual Result:

When we call for example optiga_crypt_ecc_generate_keypair it calls optiga_cmd_execute with state OPTIGA_CMD_EXEC_PREPARE_COMMAND and substate OPTIGA_CMD_EXEC_REQUEST_LOCK.

            case OPTIGA_CMD_EXEC_REQUEST_LOCK:
            case OPTIGA_CMD_EXEC_REQUEST_SESSION:
            {
                *exit_loop = TRUE;
                if (me->cmd_sub_execution_state == OPTIGA_CMD_EXEC_REQUEST_SESSION)
                {
                    me->exit_status = optiga_cmd_request_session(me);
                }
                else
                {
                    me->exit_status = optiga_cmd_request_lock(me, OPTIGA_CMD_QUEUE_REQUEST_LOCK);
                }
                if (OPTIGA_LIB_SUCCESS != me->exit_status)
                {
                    EXIT_STATE_WITH_ERROR(me,*exit_loop);
                    break;
                }

                me->cmd_sub_execution_state = OPTIGA_CMD_EXEC_PREPARE_APDU;
                break;
            }

After 'optiga_cmd_request_lock' the queue scheduler may be triggered, thus processing the next phase while OPTIGA_CMD_EXEC_PREPARE_APDU hasn't been set yet.
I found this condition while logging each phase and subphase.
I saw that in normal condition a subphase OPTIGA_CMD_EXEC_REQUEST_LOCK is followed by OPTIGA_CMD_EXEC_PREPARE_APDU, but when the library gets stuck i see two consecutive OPTIGA_CMD_EXEC_REQUEST_LOCK.
By wrapping each optiga_crypt function with enter/exit critical the benchmark nevers stops.

Shouldn't each api be wrapped with a mutex since both the event task and an application task may call optiga_cmd_execute?
Or is it wrong that i see the queue scheduler always running (even if i'm not encrypting anything)?

Frequency (1/1, 1/50, 1/100):

1/1

Build/Commit:

optiga-trust-m-release-v3.1.2

Target:

STM32F7

Windows

Compiler:

IAR 8.32

Environment

FreeRTOS

Hi,

I have a question regarding locking down access to data objects: I understand from the solution reference manual that access to the actual object can be restricted by setting change/read/execute AC together with LcsO. However, I don't understand what prevents a future metadata update? Couldn't I just undo the restricting AC?

Do you have a guide on which objects should have their life cycle states set to "op" before devices with Trust M leave the factory?

Hi,

for the nrf5x PAL I need to set a lower level for the DL_MAX_FRAME_SIZE defined in ifx_i2c_config.h:69, because the hardware doesn't support transfer sizes this large.
However, the macro doesn't seem to have any effect on the number of bytes in one I2C transfer.

I verified this by looking for the error message produced here.

For debugging, I think this should also be reproducable on other platforms by adding the same check inside their PAL and setting DL_MAX_FRAME_SIZE=250 for example.

Hi

We are following the porting steps as mentioned

https://github.com/Infineon/optiga-trust-m/wiki/Porting-Guide

I2C communication verified using "test_optiga_communication()" example, and its working fine.

Please find the modified attached pal_os_event.c and pal_os_timer.c
pal_os_event.txt
pal_os_timer.txt

We are facing issue with below mentioned call,

while (OPTIGA_LIB_BUSY == optiga_lib_status)
{
//Wait until the optiga_util_read_data operation is completed
}

Thanks,
Darshak

Good evening,
I am not sure if it is the right place to ask this but:
I try to communicate with the chip on Shield2Go M using Atmega16(it is the master). The program is written in c.
I just try to address it using the standart address 0x30 (I also tried every single address from 0 to (255&0b11111110) but all I get is always NACK.

As for the Dev. Kit I broke it in half and connected it like this: (VCC to VCC, GND to GND, RST to VCC(I wont reset it), SDA to SDA with 10k pull-up and SCL to SCL using 10k pull-up; the SCL frequency is 100kHz)

I witnessed a similiar problem here: https://arduino.stackexchange.com/questions/51785/problem-using-optiga-trust-x-i2c
However, I still cannot find out what the problem is.

Thank you for your time.

Thanks, I got what you answered cleared up and now I got another question. I have gotten both storage of keys, signing of digest, and verification of it to work great using the optiga chip. I however do not wanna rely on the optiga chip for verification of digest. I have therefore tried the inbuilt function of openssl dgst, but I cant get it to work. Do you have any clue what kind of conversion you have to do(if any) of public key, signature and digest from the pure hex format they are given in using the optiga sign function and generate_key function. That is to get them to work with the openssl dgst command. A programmatic approach not relying on the optiga chip is also very welcome if you have any. THe way I understand it the public key is encoded in ASN.1 format, and the signature is encoded in just pure HEX-format?

Originally posted by @KjetilSekse in #70 (comment)

Dear all,
I'm trying to generate a new ECC keypair into OPTIGA chip. The code snippet is:

    _optiga_key_id = OPTIGA_KEY_ID_E0F0;
    
    return_status = optiga_crypt_ecc_generate_keypair(me,
                                                              OPTIGA_ECC_CURVE_NIST_P_384,
                                                              (uint8_t)OPTIGA_KEY_USAGE_SIGN,
                                                              FALSE,
                                                              &optiga_key_id,
    														  pub_key,
                                                              pub_key_size);_

This returns error 0x8007, but if I change position with optiga_key_id = OPTIGA_KEY_ID_E0F1; than works fine. Why?

Best regards,
Stefano

Hello,

We’re running the Infineon Trust M attached to an i.MX6 running Linux 4.9.11 built with GCC version 7.3.0

We’re using yocto to build all the software and the recipe is :

CFLAGS_prepend = "-I${STAGING_INCDIR} -fPIC"

do_compile () {
oe_runmake -C ${WORKDIR}/git workaround_patch

 oe_runmake -C ${WORKDIR}/git 'CC=${CC}'

}

Now we’re seeing that to make the code work correctly we need to change:

optiga_lib_status needs to be a volatile

which implies our compiler options don’t match what you’ve used in testing on the Raspberry PI.

Could you elaborate on what compiler options are used for the RPI3 or if the change is better [also any other changes ?] File details below of the changes.

--- git/trustm_helper/include/trustm_helper.h-old 2021-02-09 09:40:30.861357292 +0000
+++ git/trustm_helper/include/trustm_helper.h 2021-02-09 08:46:49.029489413 +0000
@@ -113,7 +113,7 @@
// *********** Extern
extern optiga_util_t * me_util;
extern optiga_crypt_t * me_crypt;
-extern optiga_lib_status_t optiga_lib_status;
+extern volatile optiga_lib_status_t optiga_lib_status;
extern uint16_t trustm_open_flag;
extern uint8_t trustm_hibernate_flag;

only in patch2:
unchanged:
--- git/trustm_helper/trustm_helper.c-old 2021-02-09 09:39:35.737359553 +0000
+++ git/trustm_helper/trustm_helper.c 2021-02-09 08:47:15.297488336 +0000
@@ -48,7 +48,7 @@
*************************************************************************/
optiga_util_t * me_util;
optiga_crypt_t * me_crypt;
-optiga_lib_status_t optiga_lib_status;
+volatile optiga_lib_status_t optiga_lib_status;
uint16_t trustm_open_flag = 0;
uint8_t trustm_hibernate_flag = 0;

Hello, It says in the reference manual that Public key certificate 1 (0xE0E0) which is issued by infineon usually can be reused to provision customer specific certificate. I however am not able to change the metadata of the object to be able to write to it. The metadata I have used can be seen below. Do you have any suggestions to change the metadata, or how do I go forward if I want to override the data in the object with a self chosen public key/certificate?

const uint8_t metadata_customer_certificate[]= {0x20, 0x0B, // Length of metadata excluding this line in elements (0x09)
0xc0, 0x01, 0x01, // State of the register is creation
0xE1 , 0x01, 0x30, // set key container access as read in creation and init
0xD0, 0x01, 0x00, // Always allow to change this register: WRITE = ALW
0xD1, 0x01, 0x00, // Always allow to read from this register: READ = ALW
};

Hi,

Is there any API available to verify the certificate?

For a time being I want to verify the certificate present in "0xE0E0" with test CA provided by Infineon if this verifies successfully then in future I want to add and verify my device certificate sing with my intermediate CA.

Regards,
Arjun

Basically, this code seemed to call the handler with the scheduler from the OS event to access the device, and call the callback function after accessing the device data. Since we only use random numbers, we want to create a device that directly obtains random numbers. Is there a feasible method at the Physical Abstract Layer level?

Hi expert,

I'm reading solution reference manual of trust m but I can't understand clarify one contents. it's "Manifest data". What does Manifest data? How does Manifest data use to?

I am exporting the generated public key like below. But this can not be converted to pem format. Any idea?

Generate Key Pair RSA 1024. Store Private Key on Board ...
[OK] | Command executed in 799 ms
Public Key Length: 144
Public Key :
0x000000: 03 81 8d 00 30 81 89 02 81 81 00 9d df 7c 3f a3 ....0........|?.
0x000010: 34 28 5e 2d be de 05 f6 7e c7 8a ab c8 47 c2 8f 4(^-........G..
0x000020: 14 85 c5 30 59 59 28 8a 3c 7a 1c f3 67 5f 44 dc ...0YY(.<z..g_D.
0x000030: f6 1b c7 4e 7e c7 f2 5a e3 f4 19 51 ca 31 d0 b8 ...N..Z...Q.1..
0x000040: a7 6e 7f a7 82 f1 5b 48 dc ab 04 b1 23 96 7b c7 .n....[H....#.{.
0x000050: ad 2b 24 e7 e6 aa 83 61 14 04 4a 82 4f 32 3f 61 .+$....a..J.O2?a
0x000060: 3e c6 6e fc e2 03 db ae 07 95 82 b1 01 ae ef 19 >.n.............
0x000070: 3f 8e cf 25 07 f0 b3 d6 08 05 ea 38 be 33 74 6a ?..%.......8.3tj
0x000080: 3a 54 78 68 b2 d9 47 67 1d f2 a1 02 03 01 00 01 :Txh..Gg........

Hi @ayushev. Can you please tell me if there is an official PAL in works for nRF5x SoCs?

As a part of oproduct launch, we're putting our products through UL testing, which requires us to submit BOM and Layout to UL for evaluation.

Our products have a long lifecycle(5-8 years) and I'd like to put Trust M V3 in our design. However, I can't seem to find a reseller for V3.

May I know who should I approach to buy Trust M V3?

Hi,

I have questions around the pal_os_event API. I'm seeing a bunch of race conditions and segmentation faults when opening and closing the util application more than once in the lifetime of a process. This, however, is required when multiple processes need to access the secure element hardware.

I traced my problems down to a use-after-free bug. The cmd module initializes a pal_os_event instance:

How am I expected to use this library if I need to open and close the application multiple times in the lifetime of the same process?

I'm suspecting that these issues lead to the inclusion of the various "workarounds" in cli-optiga-trust-m:
https://github.com/Infineon/cli-optiga-trust-m/blob/febc10e2ce619b9d21aaea3ef1d689439b4fff37/trustm_engine/trustm_engine_common.h#L44-L56
Those are not documented and commit messages à la "Fix some bug." (Infineon/linux-optiga-trust-m@42a102b) are not really helpful.

Hi,
I have used trust-m HSM for AWS freeRTOS to a new platform I referred freertos programming guide and porting guide of trust-m to do that.

Now my issue is, I m facing certificate parsing error in mbedtls_x509_crt_parse() function call while performing TLS_Connect() in iot_tls.c file , Mbedtls version string is "mbed TLS 2.16.0" one from optiga source it self.

Further deep debugging found that from mbedtls_asn1_get_tag() function receveing MBEDTLS_ERR_ASN1_OUT_OF_DATA .

I have attached my mbedtls/config.h here for reference and after debugging I enabled MBEDTLS_X509_ALLOW_EXTENSIONS_NON_V3 and MBEDTLS_X509_ALLOW_UNSUPPORTED_CRITICAL_EXTENSION macro but still no luck.

I have created a certificate from the one-click method from AWS console and then used tools/certificate_configuration/CertificateConfigurator.html tool to get freeRTOS supported aws_clientcredential_keys.h file and replace in my code.

Also if I apply Linux parse command with OpenSSL,

openssl x509 -in x.y.z-certificate.pem.crt -text -noout

it's working and showing output as an attached file.

is there anything I m missing here?

Any guidance will be appreciable.
openssl_output.txt
config.txt

Thanks

When open in pal_i2c_init (pal/linux/pal_i2c.c) fails, this error is not handled. Even when handling the error, calling optiga_util_open_application freezes. This is what I changed in order to handle the error:

/usr/src/trustm_lib # git diff -- pal/linux/pal_i2c.c
diff --git a/pal/linux/pal_i2c.c b/pal/linux/pal_i2c.c
index 4d6d5ad..c1c7ba7 100644
--- a/pal/linux/pal_i2c.c
+++ b/pal/linux/pal_i2c.c
@@ -38,6 +38,7 @@
 #include <fcntl.h>
 #include <sys/ioctl.h>
 #include <unistd.h>
+#include <errno.h>
 
 #include "optiga/pal/pal_i2c.h"
 #include "pal_linux.h"
@@ -153,33 +154,47 @@ void i2c_master_arbitration_lost_callback(void)
 
 pal_status_t pal_i2c_init(const pal_i2c_t* p_i2c_context)
 {
-       int32_t ret = PAL_I2C_EVENT_ERROR;
-       pal_linux_t *pal_linux;
+       pal_status_t status = PAL_STATUS_FAILURE;
+       pal_linux_t *pal_linux = (pal_linux_t *) p_i2c_context->p_i2c_hw_config;
+    LOG_HAL("pal_i2c_init\n");
        do
        {
-               pal_linux = (pal_linux_t*) p_i2c_context->p_i2c_hw_config;
                pal_linux->i2c_handle = open(pal_linux->i2c_if, O_RDWR);
-               LOG_HAL("IFX OPTIGA TRUST X Logs \n");
-
+        if (pal_linux->i2c_handle == -1)
+        {
+                       LOG_HAL("open returned an error = %d (%s)\n", errno, strerror(errno));
+            break;
+        }
+
                // Assign the slave address
-               ret = ioctl(pal_linux->i2c_handle, I2C_SLAVE, p_i2c_context->slave_address);
-               if(PAL_STATUS_SUCCESS != ret)
+               int ret = ioctl(pal_linux->i2c_handle, I2C_SLAVE, p_i2c_context->slave_address);
+               if (ret == -1)
                {
-                       LOG_HAL((uint32_t)pal_linux->i2c_handle, "ioctl returned an error = ", ret);
+                       LOG_HAL("ioctl returned an error = %d (%s)\n", errno, strerror(errno));
                        break;
                }
-
-               //start_transceive_thread();
-       }while(0);
-    return ret;
+
+               status = PAL_STATUS_SUCCESS;
+       } while(0);
+    return status;
 }
 
 
 pal_status_t pal_i2c_deinit(const pal_i2c_t* p_i2c_context)
 {
-       LOG_HAL("pal_i2c_deinit\n. ");
-
-    return PAL_STATUS_SUCCESS;
+    pal_status_t status = PAL_STATUS_SUCCESS;
+    pal_linux_t *pal_linux = (pal_linux_t *) p_i2c_context->p_i2c_hw_config;
+       LOG_HAL("pal_i2c_deinit\n");
+       if (pal_linux->i2c_handle >= 0)
+    {
+        int ret = close(pal_linux->i2c_handle);
+        if (ret == -1)
+        {
+                       LOG_HAL("close returned an error = %d (%s)\n", errno, strerror(errno));
+            status = PAL_STATUS_FAILURE;
+        }
+    }
+    return status;
 }

At every startup certificates located in OPTIGA overwritten by certificate defined in code. It's ok, but memory in OPTIGA alow only 100cycles of write (https://github.com/Infineon/optiga-trust-m/blob/master/documents/OPTIGA_Trust_M_V1_Solution_Reference_Manual_v1.13.pdf Page 113).

Hello,
looks like I fixed it. The frame umber was missing in FCTR. I have another question though:

Should I close an application after every command?
Or which sequence is correct:

a) OpenApplication->GenKeyPair->CloseAppl->OpenAppl->EncryptAsym->CloseAppl
b) OpenAppl->GenKeyPair->EncryptAsym->CloseAppl

Regards

Originally posted by @INfinnnnn in #41 (comment)

Hi,
we are currently trying to implement a DTLS implementation for the Optiga Trust M. For this we would need a key pair for the server (OpenSSL). We would like to create this with the test CA, but we don't have the private key. Is there a way to get it? At Optiga Trust X it was included in the "Starter pack".
Kind regards,
Rouven

Hi,
I'm trying to use optiga_crypt_ecc_generate_keypair function in order to generate keys. For public key no problem, but I need to export also private key to test it, but I can't.

I set export_private_key as TRUE, but in public_key buffer the function export only public key. Where I'm wrong?

Thanks,
Stefano

Is your feature request related to a problem?

Nope, just that the GPIO sysfs support has been deprecated since kernel version 4.8

Describe the solution you'd like

use libgpiod instead

Additional context

implementation draft:
awidegreen@e841742

I noticed the following lint line, which shall ignore unused variables

//lint --e{715} suppress "The unused p_i2c_context variable is kept for future enhancements"
_STATIC_H void pal_i2c_release(const void * p_i2c_context)
{

However, if you compile your application with an GCC compiler using -Werror (warnings as errors), which you do in some RTOSs by default, you will get compiler errors again.
So you will end up with (void) my_unused_variable anyways. I'm not familiar with your lint'ing system, but I can imagine it could eat (void) p_i2c_context and you could avoid the error poping up at two places :)

Hi. I am currently using the optiga chip as a security chip on a PCB-board for a big project. I have been reading through the libraries and documentation, but I dont find anywhere an explanation of metadata and what the different numbers indicate there but some through several examples. How do you for example set read/write access through writing metadata to an object etc? Also when I am trying to read from register 0xE0E0 after saving a generated ECC-key there I get no result and the error code: 0x0107 which means there was a presentation layer handshake error. I also get this exact same error when I use the example code from your github "example_read_data_from_optiga" with all relevant code through linking as well. Any ideas to what the cause of this error could be would be greatly appreciated. The error as written in the terminal can be seen below. Also a link to explanation of metadata for the optiga chip would be awesome (if it exists). Thanks in advance