Datasheet

AN156
unsigned certificate is when using a DS1961S/DS2432, which requires knowledge of the secret to write to
it. Whether signed or unsigned, the format of the certificate remains the same. Figure 32 illustrates how to
manually format a certificate file as specified in AN151.
Creating a New Certificate Figure 32
#include <string.h> /* memcpy */

/* eCertificate, see format in AN151 */
uchar acctData[32];
acctData[0] = 29; // file length
acctData[1] = 0x01; // data type code or algorithm (0x01 dynamic eCash)
memcpy(&acctData[2], copr.initSignature, 20); // Initial Signature (bytes 2-21)
acctData[22] = 0x8B; acctData[23] = 0x48; // Conversion factor (ISO4217)
acctData[24] = 0xE8; acctData[25] = 0x03; acctData[26] = 0; // Account Balance ($10)
acctData[27] = 0; acctData[28] = 0; // TransactionID
acctData[29] = 0x00; // file continuation pointer
acctData[30] = 0x00; acctData[31] = 0x00; // ~CRC16

The certificate’s signature is produced on the coprocessor using the Sign Data command. The command
has a few variable inputs. The first is the data page that is to be signed. In this case, that page is
the actual account file (as constructed in Figure 32), which is written to the signing page of the
scratchpad. The rest of the inputs are all stored on the scratchpad of the coprocessor (referred to as the
coprocessor’s “signing scratchpad”). The first parameter stored on the scratchpad is the value of the write
cycle counter for the part (incremented by 1, since the data that it will be verified with is about to be
written). Next is the page number of the user token’s memory pages that will hold the account file. This is
followed by the least significant 56 bits of the user token’s address (the 64-bit ROM ID minus the CRC8). The
last parameter is the 3-byte constant challenge set when the coprocessor was initialized.

Setting up the Coprocessor’s Scratchpad for Data Signing Figure 33
#include <string.h> /* memcpy */

uchar signScratchpad[32];
int wcc;

/* need to get the value of the write-cycle counter. */
user.writeCycleCounter = ReadAuthPageSHA18(user.portnum, user.accountPageNumber,
                                           user.accountFile.raw, NULL, TRUE);
/* and increment it since we are about to write to the device */
wcc = user.writeCycleCounter + 1;
/* assign the wcc to the coprocessor's "signing" scratchpad, least significant byte first */
signScratchpad[8] = (wcc & 0x0ff);
signScratchpad[9] = ((wcc >>= 8) & 0x0ff);
signScratchpad[10] = ((wcc >>= 8) & 0x0ff);
signScratchpad[11] = ((wcc >>= 8) & 0x0ff);
/* get the page number of the account file and ROM ID of the user token */
signScratchpad[12] = (uchar)user.accountPageNumber;
/* romID stands for the user token's 8-byte address (owc18.getAddress() in the
   original listing); only the first 7 bytes are copied, dropping the CRC8 */
memcpy(&signScratchpad[13], romID, 7);
/* get the signing challenge */
memcpy(&signScratchpad[20], signingChlg, 3);
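
The scratchpad layout described above, as an added self-contained example in C that is not code from the application note or the 1-Wire kit. The function names, the ROM ID CRC8 check, the counter wrap check and the zeroing of bytes the text does not describe are assumptions made here.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Dallas/Maxim 1-Wire CRC8: x^8 + x^5 + x^4 + 1 (reflected 0x8C), init 0. */
static uint8_t dow_crc8(const uint8_t *buf, size_t len)
{
    uint8_t crc = 0;
    for (size_t i = 0; i < len; i++) {
        crc ^= buf[i];
        for (int bit = 0; bit < 8; bit++)
            crc = (uint8_t)((crc & 1) ? (crc >> 1) ^ 0x8C : crc >> 1);
    }
    return crc;
}

/* Fill the signing scratchpad from the inputs listed above.
 * wcc_now is the counter as read from the token; wcc_now + 1 is what gets signed.
 * Returns 0 on success, -1 if the ROM ID fails its CRC8 or the counter would wrap. */
static int build_sign_scratchpad(uint8_t sp[32], uint32_t wcc_now, uint8_t page,
                                 const uint8_t rom_id[8], const uint8_t chlg[3])
{
    if (dow_crc8(rom_id, 8) != 0 || wcc_now == UINT32_MAX)
        return -1;
    uint32_t wcc = wcc_now + 1;
    memset(sp, 0, 32);                 /* assumption: undescribed bytes zeroed */
    for (int i = 0; i < 4; i++)        /* bytes 8..11: wcc, LSB first */
        sp[8 + i] = (uint8_t)(wcc >> (8 * i));
    sp[12] = page;                     /* byte 12: account file page number */
    memcpy(&sp[13], rom_id, 7);        /* bytes 13..19: ROM ID without CRC8 */
    memcpy(&sp[20], chlg, 3);          /* bytes 20..22: signing challenge */
    return 0;
}

int main(void)
{
    /* Constructed sample values, not taken from a real token. */
    uint8_t rom[8] = {0x18, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x00};
    const uint8_t chlg[3] = {0xA1, 0xB2, 0xC3};
    uint8_t sp[32];
    rom[7] = dow_crc8(rom, 7);         /* give the sample ID a valid CRC8 */
    if (build_sign_scratchpad(sp, 0x00010203u, 1, rom, chlg) != 0)
        return 1;
    for (int i = 8; i < 23; i++)
        printf("%02X ", sp[i]);
    printf("\n");
    return 0;
}
```

Unlike the `wcc>>=8` idiom in Figure 33, the builder leaves the caller's counter value untouched, and it refuses a ROM ID whose CRC8 does not check out, so a misread address is never bound into a signature.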