Atmel AT88SA10HS [DATASHEET] 14
8595H−CRYPTO−9/2012
6.2 HOST1
Completes the two block SHA-256 digest started by HOST0 and leaves the resulting digest within the internal memory of the
AT88SA10HS. This command returns an error if HOST0 has not been successfully run previously within this Wake cycle.
As a security precaution, this command does not return the digest. A subsequent command is required to compare the
response generated by the client with the one generated by the host.
Table 6-3. Input Parameters
Name Size Notes
Opcode
HOST1 1 0x40
Param1
Mode 1 Controls composition of message, see below for details.
Param2
Zero 2 Must be 0x0000.
Data
OtherInfo 13 Input portion of message to be digested.
Table 6-4. Output Parameters
Name Size Notes
Success 1 Upon successful completion of HOST1, a value of zero will be returned by AT88SA10HS.
The contents of the second block to be digested are listed below.
Note: To simplify this documentation; the bit addresses for OtherInfo are listed in the table below
32-bits OtherInfo[0-31] Opcode, param1 and param2 values sent to AT88SA100S/AT88SA102S.
64-bits Fuse[0-63] If enabled by bit five of the input mode parameter and if Fuse[87] is burned, else forced to
zero.
24-bits OtherInfo[32-55] Status fuse values from ATSA100S/AT88SA102S, or zeros.
8-bits Fuse[88-95] Fuse MfrID, should match between AT88SA10HS and AT88SA100S/AT88SA102S.
32-bits OtherInfo[56-87] Fuse SN from AT88SA100S/AT88SA102S (Fuse[96-127]), or zeros.
16-bits ROM MfrID Should match between AT88SA10HS and AT88SA100S/AT88SA102S.
16-bits OtherInfo[88-103] ROM SN from AT88SA100S/AT88SA102S, or zeros.
These bits are followed by the necessary ‘1’ bit, ‘0’ padding and 64-bit length as specified in the SHA-256 specification.
6.2.1.1 Mode Encoding
Bit five of the mode is used to indicate whether or not the secret fuse bits are to be included in the calculation. The remaining
bits of the mode field are ignored by AT88SA10HS and should be zero.
Table 6-5. Mode Encoding
Bit[5] Fuse Block
0 No fuse values inserted.
1 Insert the values of Fuse[0-63] in the message.
If Fuse[87] has not been burned, then the values of Fuse[0-63] will be replaced by zeros in the above message generation
step as a security measure.