Signing & Decryption

SIGN

The Sign command enables you to generate digital signatures using Elliptic Curve Digital Signature Algorithm (ECDSA) with the secp256k1 curve.

The following is the Python object for this command:

class SignCommand:
    def __init__(self, 
                 p1: int, 
                 p2: int, 
                 data: bytes, 
                 pin: bytes = None, 
                 derivation_path: bytes = None):
        self.p1 = p1
        self.p2 = p2
        self.data = data
        self.pin = pin
        self.derivation_path = derivation_path

    def to_dict(self):
        return {
            "p1": self.p1,
            "p2": self.p2,
            "data": self.data.hex(),
            "pin": self.pin.hex() if self.pin else None,
            "derivation_path": self.derivation_path.hex() if self.derivation_path else None
        }

For example,
sign_command = SignCommand(
p1=0x01,
p2=0x02,
data=bytes.fromhex(“aabbccddeeff00112233445566778899aabbccddeeff00112233445566778899”),
pin=bytes.fromhex(“31323334353637383900”), # “123456789” padded with 0x00
derivation_path=bytes.fromhex(“8000002c8000003c80000000”)
)
print(sign_command.to_dict())

Application Protocol Data Unit (APDU) Components

The following table outlines the components of the Application Protocol Data Unit (APDU).

Field	Description	Value
CLA	This field specifies the class of the instruction.	0x80
INS	This field specifies the particular command or operation that the smart card or secure element should execute.	0xC0
P1	First parameter of the instruction that specifies the details about the operation being requested.	Key to use and derivation options. See the table below for more information.
P2	First parameter of the instruction that specifies the additional details about the operation being requested.	Signature type (ECDSA, EOSIO canonical, Schnorr). See the table below for more information.
Data	Key data	The hash to sign (32 bytes) Optionally: Path 32-bit integers list (whenP1 LSB = 1) Pin (in case not user auth, or no pinless)

The following table outlines the values for the P1 and P2 fields within the ADPU components

based on some conditions:

Field	Field Value	Description
P1 (Key to use)	0x00	Current key k1
	0x01	Derive with k1 + derive flag for source
	0x10	Current key r1
	0x11	Derive with r1 + derive flag for source
	0x03	Pinless path (k1 only)
P2 (Signature type)	0x00	ECDSA with canonical low S.
	0x01	ECDSA with filter signature to fit EOSIO standard.
	0x02	Bitcoin Schnorr BIP340 signature, only with k1.

Response

The following table outlines the possible responses that you will receive:

Response Code	Description
0x9000	Success
0x6A80	The length of the data is shorter than 32-bytes with current keys. The length of the data is shorter than 36 bytes. The path is not modulo 4 (with derive).
0x6A88	P1 is set to 0x03 but the pinless path is not defined.
0x6985	No key loaded
0x63Cx	Incorrect pin.
0x6700	The data is shorter than expected with the pin.
0x6B00	P1 or P2 is unknown. P2=2 and P1 not k1.
Response data	The response data consists of a public key and signature.