Genpersonalizationkey – Rainbow Electronics AT88SA100S User Manual

16

AT88SA100S [Preliminary]

8558A–SMEM–03/09

4.4.

GenPersonalizationKey

This command generates a decryption digest that will be used by the subsequent command (LoadSram) to decrypt the
key value that is to be written into the SRAM. This command must be run immediately prior to LoadSram within the
same watchdog cycle.

This command loads a transport key from an internal secure storage location and then uses that key along with an
input seed to generate a decryption digest using SHA-256. Neither the transport key nor the decryption digest can be
read from the chip. Upon completion, an internal bit is set indicating that the decryption digest has been generated and
is ready to use by LoadSram. This bit is cleared (and the digest lost) when the watchdog timer expires, the chip goes to
sleep or the power is cycled.

Table 15.

Input Parameters

Name

Size

Notes

Opcode GenPers

1 0x20

Param1

Zero

1

Must be 0x00

Param2

KeyID

2

Identification number of the personalization key to be loaded

Data Seed 16

Seed for digest generation. The least significant bit of the last
byte is ignored.

Table 16.

Output Parameter

Name

Size

Notes

Success 1

Upon successful execution, a value of 0 will be returned by the AT88SA100S
chip.

The SHA-256 message body used to create the decryption digest which is internally stored in the chip consists of the
following 512 bits:

256 bits

Stored Key[KeyID]

64 bits

All 1’s

127 bits

Input seed

1 bit

‘1’ pad

64 bits

length of message in bits, fixed at 512