nRF5 SDK v14.1.0
Infineon OPTIGA Trust E Authentication Example

The Infineon OPTIGA Trust E Authentication Application is an example that demonstrates strong cryptographic authentication using an Infineon OPTIGA Trust E hardware security module.

Please visit OPTIGA Trust E product website for more information about the Infineon OPTIGA Trust E.

Note
This example application verifies the digital signature on the nRF52. In a productive system, it depends on the system's security requirements and the system's security architecture, among other factors, which controller is the verifying party (e.g., a remote server, a cloud service or a smartphone).

The example application uses the following two Infineon libraries:

The example application conducts the following steps, utilizing the Infineon OPTIGA Trust E command library:

  1. Initialize the Infineon OPTIGA Trust E hardware module using optiga_open_application().
  2. Retrieve 16 bytes of cryptographic-quality random numbers from the Infineon OPTIGA Trust E using optiga_get_random().
  3. Sign the previously retrieved random numbers on the Infineon OPTIGA Trust E using optiga_set_auth_scheme() and optiga_sign().
  4. Retrieve the public key certificate from the Infineon OPTIGA Trust E using optiga_read_certificate().

Finally, the signature is verified using the public key from the certificate. The verification is conducted using mbedtls. The result of the verification is indicated with the corresponding NRF_LOG_RAW_INFO statement.

Setup

You can find the source code and the project file of the examples in the following folder: <InstallFolder>\examples\crypto\ifx_optiga_auth

Testing

You can also test the application with the Master Control Panel by performing the following steps:

Note
The application executes the described procedure once and then waits for an external reset.

Test the application by observing the debugging output via SEGGER J-Link RTT Viewer:

  1. Enable the NRF logging module by defining NRF_LOG_ENABLED. Furthermore, define the preferred logging frontend, e.g., NRF_LOG_BACKEND_SERIAL_USES_RTT=1 for the SEGGER J-Link RTT Viewer.
  2. Compile and program the application.
  3. Turn on SEGGER RTT Viewer and observe the output.
  4. Restart the app on the nRF52 to observe the process again.

Alternatively, use a debugger in a supported IDE to step through the example application code in main.c and the library files.

Documentation feedback | Developer Zone | Subscribe | Updated