Secure Authenticationのトピックchange read policy for shared secret https://community.nxp.com/t5/Secure-Authentication/change-read-policy-for-shared-secret/m-p/1286207#M505 <P>Hi,</P><P>I am trying to implement the mbedtls_ecdh_compute_shared with the SE050.&nbsp;<BR />You can find the implementation in the attached file. I followed more or less the implementation in ecdh_alt_ax.c, except that I only covered the case for&nbsp;<SPAN>MBEDTLS_ECP_DP_SECP256R1.<BR /></SPAN></P><P><SPAN>Now on the last function call which is&nbsp;</SPAN><SPAN>sss_key_store_get_key i get&nbsp;SM_ERR_ACCESS_DENIED_BASED_ON_POLICY using session-less access.</SPAN></P><P><SPAN>According to the APDU spec (SE050 APDU Specification -&nbsp;3.7.1.4 Table 11) symmetric keys do not have the policy object&nbsp;POLICY_OBJ_ALLOW_READ but the implementation in the plug and trust MW in ecdh_alt_ax.c does read the shared secret anyways. (have not tried to run it though)</SPAN></P><P><SPAN>How can I read the key and write it to the mbedtls context?</SPAN></P><P>Thank you!</P> Tue, 08 Jun 2021 12:49:27 GMT ziml 2021-06-08T12:49:27Z change read policy for shared secret https://community.nxp.com/t5/Secure-Authentication/change-read-policy-for-shared-secret/m-p/1286207#M505 <P>Hi,</P><P>I am trying to implement the mbedtls_ecdh_compute_shared with the SE050.&nbsp;<BR />You can find the implementation in the attached file. I followed more or less the implementation in ecdh_alt_ax.c, except that I only covered the case for&nbsp;<SPAN>MBEDTLS_ECP_DP_SECP256R1.<BR /></SPAN></P><P><SPAN>Now on the last function call which is&nbsp;</SPAN><SPAN>sss_key_store_get_key i get&nbsp;SM_ERR_ACCESS_DENIED_BASED_ON_POLICY using session-less access.</SPAN></P><P><SPAN>According to the APDU spec (SE050 APDU Specification -&nbsp;3.7.1.4 Table 11) symmetric keys do not have the policy object&nbsp;POLICY_OBJ_ALLOW_READ but the implementation in the plug and trust MW in ecdh_alt_ax.c does read the shared secret anyways. (have not tried to run it though)</SPAN></P><P><SPAN>How can I read the key and write it to the mbedtls context?</SPAN></P><P>Thank you!</P> Tue, 08 Jun 2021 12:49:27 GMT https://community.nxp.com/t5/Secure-Authentication/change-read-policy-for-shared-secret/m-p/1286207#M505 ziml 2021-06-08T12:49:27Z