nRF5 SDK v14.0.0
OPTIGA Trust E Authentication Example
This information applies to the nRF52840 SoC only.

The Infineon OPTIGA Trust E Authentication Application is an example that demonstrates strong cryptographic authentication using the Infineon OPTIGA Trust E hardware security module.

For more information about Infineon OPTIGA Trust E, see the OPTIGA Trust E product website.

Note
This example application verifies the digital signature on the nRF52. In a production system, which controller acts as the verifying party (e.g., a remote server, a cloud service, or a smartphone) depends on the system's security requirements and security architecture, among other factors.

The application uses two Infineon libraries:

The example application conducts the following steps, utilizing the Infineon OPTIGA Trust E command library:

  1. Initialize the Infineon OPTIGA Trust E hardware module using optiga_open_application().
  2. Retrieve 16 bytes of cryptographic-quality random numbers from the Infineon OPTIGA Trust E using optiga_get_random().
  3. Sign the previously retrieved random numbers on the Infineon OPTIGA Trust E using optiga_set_auth_scheme() and optiga_sign().
  4. Retrieve the public key certificate from the Infineon OPTIGA Trust E using optiga_read_certificate().

Finally, the signature is verified using the public key from the certificate. The verification is conducted using mbedtls. The result of the verification is indicated with the corresponding NRF_LOG_RAW_INFO statement.
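The Note above leaves open which party verifies the signature. The following added example (not code from the SDK or from Infineon) shows a remote verifier in Go that goes slightly beyond the on-device flow: it chooses the 16-byte challenge itself, requires the certificate to chain to a pinned trust anchor, and only then checks the signature. Assumptions: ECDSA on P-256 over a SHA-256 digest with a DER-encoded signature; `VerifyResponse`, `simulateDevice` and `must` are hypothetical names, and the device is simulated in software with a self-signed certificate.

```go
package main
import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
	"math/big"
	"time"
)

// VerifyResponse requires cert to chain to roots and sig to be ECDSA over SHA-256(challenge).
func VerifyResponse(roots *x509.CertPool, cert *x509.Certificate, challenge, sig []byte) error {
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := cert.Verify(opts); err != nil {
		return fmt.Errorf("untrusted certificate: %w", err)
	}
	pub, ok := cert.PublicKey.(*ecdsa.PublicKey)
	digest := sha256.Sum256(challenge)
	if !ok || !ecdsa.VerifyASN1(pub, digest[:], sig) {
		return fmt.Errorf("signature does not match challenge")
	}
	return nil
}

func must[T any](v T, err error) T { // abort the demo on setup errors
	if err != nil {
		panic(err)
	}
	return v
}

// simulateDevice (constructed stand-in, not the OPTIGA API) signs with a fresh P-256 key.
func simulateDevice(challenge []byte) (*x509.Certificate, []byte) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	t := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(time.Hour)}
	der := must(x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)) // self-signed
	digest := sha256.Sum256(challenge)
	return must(x509.ParseCertificate(der)), must(ecdsa.SignASN1(rand.Reader, key, digest[:]))
}

func main() {
	challenge := make([]byte, 16) // verifier-chosen nonce, same length as on the page
	must(rand.Read(challenge))
	cert, sig := simulateDevice(challenge)
	roots := x509.NewCertPool()
	roots.AddCert(cert) // pin the simulated device certificate as the trust anchor
	fmt.Println("verification error:", VerifyResponse(roots, cert, challenge, sig))
}
```

A signature replayed against a different challenge, or a valid signature from a certificate that does not chain to the pinned anchor, is rejected.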

Setup

You can find the source code and the project file of the example in the following folder: <InstallFolder>\examples\crypto\ifx_optiga_auth

Testing

Note
The application executes the described procedure once and then waits for an external reset.

Test the application by observing the debugging output via SEGGER J-Link RTT Viewer:

  1. Enable the NRF logging module by defining NRF_LOG_ENABLED. Furthermore, define the preferred logging frontend, e.g., NRF_LOG_BACKEND_SERIAL_USES_RTT=1 for the SEGGER J-Link RTT Viewer.
  2. Compile and program the application.
  3. Start SEGGER J-Link RTT Viewer and observe the output.
  4. Restart the app on the nRF52 to observe the process again.

Alternatively, use a debugger in a supported IDE to step through the example application code in main.c and the library files.

