ATAES132_14 Datasheet, PDF (49/171 Pages) ATMEL Corporation – 32K AES Serial EEPROM Specification
7.13 KeyCreate Command
The KeyCreate command generates a 16-byte random number, and stores it in either the Key Memory or in the
VolatileKey Register. The newly generated key is then encrypted with the parent key and returned to the Host
along with a MAC.
If Mode bit 0 is 1b, then the target key is in the Key Memory:
• KeyConfig[ChildKeyID].Child must be 1b.
• The KeyCreate command KeyID field contains the ChildKeyID.
• KeyConfig[ChildKeyID].LinkPointer contains the ParentKeyID.
If Mode bit 0 is 0b, then the target key is VolatileKey:
• KeyConfig[ParentKeyID].Parent must be 1b.
• The KeyCreate command KeyID field contains the ParentKeyID.
• The VolUsage field specifies VolatileKey usage restrictions, as defined in Section 4.3, VolatileKey Configuration.
If KeyConfig[ParentKeyID].AuthKey bit is 1b or the KeyConfig[EKeyID].ChildAuth bit is 1b, then prior
authentication is required using the KeyID stored in KeyConfig[ParentKeyID].LinkPointer.
InMAC and OutMAC are both calculated using the parent key (ParentKeyID). If KeyConfig[ChildKeyID].ChildMac
is 1b, then an InMAC must be provided; otherwise, InMAC will be ignored.
A valid Nonce is required to run the KeyCreate command. If the KeyConfig[ParentKeyID].RandomNonce bit is 1b,
then the Nonce must be random.
If the LockConfig Register is unlocked (0x55), then the random number generator is latched in Test mode, and
the KeyCreate command will generate nonrandom key values. If the LockConfig Register is locked (0x00), then
the RNG generates random numbers and the KeyCreate command functions normally.
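The preconditions above can be checked on the host before the command is issued. The following C function is an added example, not code from the datasheet or from Atmel: the types, the name keycreate_plan and the status codes are hypothetical, the KeyConfig fields are assumed to be already decoded by the caller, and InMAC is assumed not to apply when the target is VolatileKey.

```c
#include <stdbool.h>
#include <stdint.h>

/* Hypothetical host-side view of one KeyConfig entry, holding only the fields
 * this section names. The caller decodes them from the device; the bit layout
 * is not given in this section. */
typedef struct {
    bool child, parent, auth_key, child_mac, random_nonce;
    uint8_t link_pointer;
} key_config_t;

typedef enum { KC_OK, KC_ERR_RNG_TEST_MODE, KC_ERR_BAD_KEYID,
               KC_ERR_NOT_CHILD, KC_ERR_NOT_PARENT } kc_status_t;
typedef struct {
    bool    target_key_memory;  /* false: target is VolatileKey */
    uint8_t parent_key_id;      /* key used for InMAC and OutMAC */
    bool    need_prior_auth;    /* authenticate with auth_key_id first */
    uint8_t auth_key_id;        /* KeyConfig[ParentKeyID].LinkPointer */
    bool    need_in_mac;
    bool    need_random_nonce;
} kc_plan_t;

#define LOCKCONFIG_LOCKED 0x00u
/* ekey_child_auth: KeyConfig[EKeyID].ChildAuth as read by the caller. */
kc_status_t keycreate_plan(uint8_t mode, uint8_t key_id, uint8_t lock_config,
                           const key_config_t *cfg, uint8_t n_keys,
                           bool ekey_child_auth, kc_plan_t *out)
{
    /* Conservative choice: refuse unless LockConfig reads as locked, because
     * an unlocked device (0x55) generates nonrandom key values. */
    if (lock_config != LOCKCONFIG_LOCKED) return KC_ERR_RNG_TEST_MODE;
    if (key_id >= n_keys) return KC_ERR_BAD_KEYID;
    out->target_key_memory = (mode & 0x01u) != 0;
    if (out->target_key_memory) {            /* KeyID field = ChildKeyID */
        if (!cfg[key_id].child) return KC_ERR_NOT_CHILD;
        out->parent_key_id = cfg[key_id].link_pointer;
        if (out->parent_key_id >= n_keys) return KC_ERR_BAD_KEYID;
        out->need_in_mac = cfg[key_id].child_mac;
    } else {                                 /* KeyID field = ParentKeyID */
        if (!cfg[key_id].parent) return KC_ERR_NOT_PARENT;
        out->parent_key_id = key_id;
        out->need_in_mac = false;            /* assumption: no child entry */
    }
    const key_config_t *p = &cfg[out->parent_key_id];
    out->need_prior_auth   = p->auth_key || ekey_child_auth;
    out->auth_key_id       = p->link_pointer;
    out->need_random_nonce = p->random_nonce;
    return KC_OK;
}
```

A KC_ERR_RNG_TEST_MODE result means the device configuration has not been locked yet, so any key created at that point would not be random.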
The KeyImport command can be used to load a key generated by the KeyCreate command (see Section 7.14,
KeyImport Command).
There is one Random Number Generator (RNG) Seed Register in the EEPROM memory,
which is used by the KeyCreate, Nonce, and Random commands. The RNG Seed
Register is subject to the same Write endurance limitations as the other bytes in the
EEPROM (see Section 9.2, Reliability for the EEPROM specifications). The application
developer must not exceed the Write endurance limit.
ATAES132 [Datasheet]
Atmel-8760C-CryptoAuth-ATAES132-Datasheet_102013