Manualshelf

Datasheet

ManualsBrandsMAXIM INTEGRATED ManualsIntegrated Circuits (ICs)4 kBit 256 x 16
11121314151617181920
AN156
19 of 23
Signing Data with SHAIB.C Module Figure 34
The helper method shown in Figure 34 can be broken down into the necessary low-level methods used to
implement signing data. Figure 35 illustrates this process for creating a data signature
Signing Data with Coprocessor with SHA18 Module Figure 35
For the data in the account file byte array to be a valid account file, it must have an inverted, two-byte
CRC16 at the end of the file. More detail on what makes a valid file on the 1-Wire File Structure can be
found in AN114.
Adding Inverted CRC16 to 1-Wire File Figure 36
Writing the account file to the data page of the DS1963S user token is fairly easy. There is a utility
function provided for writing a page of data, the exact function which is used to write the account data to
the coprocessor for signing in the above code block.
3.3 Authenticating the User Token
Authenticating the user token involves a simple challenge-response scheme. First, the coprocessor is used
to generate a 3-byte, pseudo-random challenge. This challenge is then written to the scratchpad of the
user token and the Read Authenticated Page command is issued (see DS1963S data sheet). This returns
the entire contents of the memory page followed by the value of the write cycle counter for the page and
the write cycle counter for the secret location. The scratchpad of the DS1963S user token will contain the
20-byte SHA result of the user’s unique authentication secret, the page number the data was read from,
/* calculate the inverted CRC16 */
setcrc16(user.portnum, user.accountPageNumber);
for (i = 0; i < 30; i++)
crc16 = docrc16(user.portnum,user.accountFile.raw[i]);
crc16 = ~crc16;
/* now the file is ready to be written */
user.accountFile.file.crc16[0] = (uchar)crc16;
user.accountFile.file.crc16
[1] = (uchar)(crc16>>8);
int addr = copr.signPageNumber<<5; // physical address of the page
uchar buffer[32];
/* write the account data to the signing page of the coprocessor */
WriteDataPageSHA18(copr.portnum, copr.signPageNumber, user.accountFile.raw, FALSE);
/* write the signScratchpad to the scratchpad of the coprocessor */
WriteScratchpadSHA18(copr.portnum, addr, signScratchpad, 32, TRUE);
/* sign the data and read the signature*/
SHAFunction18(copr.portnum, SHA_SIGN_DATA_PAGE, addr, TRUE);
ReadScratchpadSHA18(copr.portnum, 0, 0, buffer, TRUE);
/* place the resulting signature in the certificate */
System.arraycopy(user.accountFile.signature, &buffer[8], 20);
/* sign the data with the coprocessor and set the value of certificate signature */
CreateDataSignature(copr, user->accountFile.raw, signScratchpad,
user->accountFile.file.signature, TRUE);