Cryptnox Docs

Generate Key

The Generate Key command is used to create cryptographic key pairs within the Cryptnox smart card, ensuring that private keys are generated and stored securely without ever leaving the card. This process is fundamental for various security applications, including SSH authentication and hardware wallet functionalities.

The following code snippet outlines the Python object for this command:

def generate_seed(pin: str) -> bytes:
    # Generate a new seed on the card.
    # `card` is an already-connected card object.
    return card.generate_seed(pin)

For example, generate_seed("1234").

Application Protocol Data Unit (APDU) Components

The following table outlines the components of the Application Protocol Data Unit (APDU).

| Field | Description | Value |
|---|---|---|
| CLA | This field specifies the class of the instruction. | 0x80 |
| INS | This field specifies the particular command or operation that the smart card or secure element should execute. | 0xD4 |
| P1 | First parameter of the instruction that specifies the details about the operation being requested. | 0x00 |
| P2 | Second parameter of the instruction that specifies additional details about the operation being requested. | 0x00 |
| Data | Key data | PIN (if no user auth, 9 bytes 0x00 right-padded). |


Refer to the ‘Data Values’ table below for more conditions around this field.


📘
Prerequisites

  • Secure channel must be open.
  • The user PIN must be provided if the user keys were not authenticated.


Response

The following table outlines the possible responses that you will receive:

| Response Code | Description |
|---|---|
| 0x9000 | Success |
| 0x63Cx | PIN is not valid. |
| 0x6986 | A key/seed is already loaded. We recommend performing a reset if you receive this response. |
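
The following is an added example, not code from the Cryptnox SDK. It assembles the plaintext Generate Key command from the APDU table above and decodes the status words from the response table. The function names, the ASCII PIN encoding and the reading of the low nibble of 0x63Cx as a retry counter (ISO 7816-4 convention) are assumptions. Secure-channel wrapping, which the card requires, is not covered on this page and is left out.

```python
from typing import Tuple

# Header values from the APDU table on this page.
CLA, INS, P1, P2 = 0x80, 0xD4, 0x00, 0x00
PIN_FIELD_LEN = 9  # PIN is right-padded with 0x00 to 9 bytes


def build_generate_key_apdu(pin: str) -> bytes:
    """Return the plaintext command APDU (before secure-channel wrapping)."""
    raw = pin.encode("ascii")  # assumption: PIN is sent as ASCII characters
    if not raw or len(raw) > PIN_FIELD_LEN:
        raise ValueError("PIN must be 1 to 9 characters")
    data = raw.ljust(PIN_FIELD_LEN, b"\x00")
    # Short APDU layout: CLA INS P1 P2 Lc Data
    return bytes([CLA, INS, P1, P2, len(data)]) + data


def parse_response(response: bytes) -> Tuple[bytes, str]:
    """Split a response APDU into (payload, meaning of the status word)."""
    if len(response) < 2:
        raise ValueError("response APDU needs at least SW1 SW2")
    payload, sw = response[:-2], int.from_bytes(response[-2:], "big")
    if sw == 0x9000:
        return payload, "success"
    if sw & 0xFFF0 == 0x63C0:
        # Assumption (ISO 7816-4 convention): low nibble = tries remaining.
        return payload, f"PIN is not valid ({sw & 0x0F} tries left)"
    if sw == 0x6986:
        return payload, "key/seed already loaded; reset the card first"
    return payload, f"unexpected status word 0x{sw:04X}"


if __name__ == "__main__":
    print(build_generate_key_apdu("1234").hex())
    # Constructed sample responses, not captured from a real card.
    for sample in ("9000", "63c2", "6986"):
        print(sample, "->", parse_response(bytes.fromhex(sample))[1])
```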


📘
Note

  • You cannot erase the current wallet seed key. You can only reset it with the PUK. The Load Key command can be performed only once after a card reset.
  • This command validates the PIN after successful loading. You are not required to re-verify the PIN during an active session.
  • The state of the card after execution is the same as if a Load Key command had been performed. The key source is set to ‘S’ using this command.