<?xml version="1.0" encoding="UTF-8"?>
<rss xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" xmlns:taxo="http://purl.org/rss/1.0/modules/taxonomy/" version="2.0">
  <channel>
    <title>topic Re: call to &amp;quot;GP_Select&amp;quot; and AccessManager in Secure Authentication</title>
    <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1425255#M721</link>
    <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Ok, I understand, thanks for answer.&lt;/P&gt;&lt;P&gt;I have two offtopic questions:&lt;/P&gt;&lt;P&gt;1. Does SE050 has any procedure to do factory reset? For example when I loose scp keys. Is it possible to reset device and restore factory settings? (with removing all existing private keys/certificates etc.)&lt;/P&gt;&lt;P&gt;2. The next&amp;nbsp; thing are below errors I can see on my system:&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;ambarella-i2c e400a000.i2c: No ACK from address 0x91&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Looks like this chip does not send ACK for read address (0x91) which is quite strange for me because it looks like SE050 works ok. May it be caused because accessManager send read requests too fast and do some retries?&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Regards&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;EDIT:&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;The second issue was caused by my hardware setup and I will resolved it but I still don't know how to restore my device if it will be possibly not reachable (for example when I lost scp keys).&lt;/SPAN&gt;&lt;/P&gt;</description>
    <pubDate>Fri, 11 Mar 2022 08:49:29 GMT</pubDate>
    <dc:creator>grzegorz2</dc:creator>
    <dc:date>2022-03-11T08:49:29Z</dc:date>
    <item>
      <title>call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1422667#M712</link>
      <description>&lt;P&gt;Hi&lt;/P&gt;&lt;P&gt;I see a problem with accessManager and I want to ask what am I doing wrong.&lt;/P&gt;&lt;P&gt;When I build Plug &amp;amp; Trust software with these options:&lt;/P&gt;&lt;P&gt;PTMW_Host=Raspbian&lt;BR /&gt;PTMW_Applet=SE05X_A&lt;BR /&gt;CMAKE_BUILD_TYPE=Release&lt;BR /&gt;PTMW_HostCrypto=OPENSSL&lt;BR /&gt;PTMW_SCP=SCP03_SSS&lt;BR /&gt;PTMW_SMCOM=T1oI2C&lt;/P&gt;&lt;P&gt;Then I can run example "se05x_GetInfo" without any issues but if I want to use accessManager (which was build with above options) I have an error.&lt;/P&gt;&lt;P&gt;To run "se05x_GetInfo" I built Plug &amp;amp; Trust again with below options:&lt;/P&gt;&lt;P&gt;PTMW_Host=Raspbian&lt;BR /&gt;PTMW_Applet=SE05X_A&lt;BR /&gt;CMAKE_BUILD_TYPE=Release&lt;BR /&gt;PTMW_HostCrypto=OPENSSL&lt;BR /&gt;PTMW_SCP=None&lt;BR /&gt;PTMW_SMCOM=JRCP_V1_AM&lt;/P&gt;&lt;P&gt;I noticed that call to "GP_Select" fails in the example "se05x_GetInfo". I pasted output from this example below (accessmanager didn't print any errors):&lt;/P&gt;&lt;P&gt;# ./se05x_GetInfo&lt;BR /&gt;App :INFO :PlugAndTrust_v04.01.01_20220112&lt;BR /&gt;App :INFO :Running ./se05x_GetInfo&lt;BR /&gt;App :INFO :Using PortName='localhost:8040' (ENV: EX_SSS_BOOT_SSS_PORT=localhost:8040)&lt;BR /&gt;smCom :WARN :nxEnsure:'nSuccess != 1' failed. At Line:130 Function:getSocketParams&lt;BR /&gt;App :WARN :nxEnsure:'conn_ctx != NULL' failed. At Line:156 Function:sems_lite_session_open&lt;BR /&gt;App :WARN :No SemsLite Applet Available.&lt;BR /&gt;App :INFO :Running ./se05x_GetInfo&lt;BR /&gt;App :INFO :Using PortName='localhost:8040' (ENV: EX_SSS_BOOT_SSS_PORT=localhost:8040)&lt;BR /&gt;smCom :WARN :nxEnsure:'nSuccess != 1' failed. At Line:130 Function:getSocketParams&lt;BR /&gt;sss :INFO :Newer version of Applet Found&lt;BR /&gt;sss :INFO :Compiled for 0x30100. Got newer 0x30600&lt;BR /&gt;sss :WARN :Communication channel is Plain.&lt;BR /&gt;sss :WARN :!!!Not recommended for production use.!!!&lt;BR /&gt;App :WARN :#####################################################&lt;BR /&gt;App :INFO :uid (Len=18)&lt;BR /&gt;04 00 50 01 54 72 09 C9 9B 39 B1 04 33 03 89 99&lt;BR /&gt;00 00&lt;BR /&gt;App :WARN :#####################################################&lt;BR /&gt;App :INFO :Applet Major = 3&lt;BR /&gt;App :INFO :Applet Minor = 6&lt;BR /&gt;App :INFO :Applet patch = 0&lt;BR /&gt;App :INFO :AppletConfig = 61D2&lt;BR /&gt;App :INFO :WithOut ECDAA&lt;BR /&gt;App :INFO :With ECDSA_ECDH_ECDHE&lt;BR /&gt;App :INFO :WithOut EDDSA&lt;BR /&gt;App :INFO :WithOut DH_MONT&lt;BR /&gt;App :INFO :With HMAC&lt;BR /&gt;App :INFO :WithOut RSA_PLAIN&lt;BR /&gt;App :INFO :With RSA_CRT&lt;BR /&gt;App :INFO :With AES&lt;BR /&gt;App :INFO :With DES&lt;BR /&gt;App :INFO :WithOut PBKDF&lt;BR /&gt;App :INFO :WithOut TLS&lt;BR /&gt;App :INFO :WithOut MIFARE&lt;BR /&gt;App :INFO :With I2CM&lt;BR /&gt;App :INFO :Internal = 010B&lt;BR /&gt;App :ERROR:Could not select ISD.&lt;BR /&gt;App :ERROR:se05x_GetInfoPlainApplet Example Failed !!!...&lt;BR /&gt;App :INFO :ex_sss Finished&lt;BR /&gt;App :ERROR:ex_sss_entry Failed&lt;BR /&gt;App :ERROR:!ERROR! ret != 0.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;I also using OpenSSL plugin, I can generate and use private keys on SE050 with accessManager without any issues but I wanted to ask why this call fails when I am using accessManager, am I missing something?&lt;/P&gt;&lt;P&gt;Another thing is that I see many errors related with I2C&lt;/P&gt;&lt;P&gt;ambarella-i2c e400a000.i2c: No ACK from address 0x91, 0:0!&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Thu, 03 Mar 2022 12:37:48 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1422667#M712</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-03T12:37:48Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1423260#M713</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/196301"&gt;@grzegorz2&lt;/a&gt;&amp;nbsp;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Actually it is the expected behavior for the case of&amp;nbsp;&lt;SPAN&gt;se05x_GetInfo working with AccessManager. Indeed&amp;nbsp;the access manager intentionally does not support additional GP select commands. Reason is that in normal operation a client sending a GP select would interrupt the potential open sessions from other client as the IoT applet gets deselected.&amp;nbsp; Allowing the AccessManager for supporting the GP select commands is under discussion,&amp;nbsp;&lt;/SPAN&gt;&lt;SPAN&gt;but there will for sure be no fast solution.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;For time being, the AccessManager does not support GetInfo.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;Hope that makes sense,&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Have a great day,&lt;BR /&gt;Kan&lt;/P&gt;
&lt;P&gt;&lt;BR /&gt;-------------------------------------------------------------------------------&lt;BR /&gt;Note:&lt;BR /&gt;- If this post answers your question, please click the "Mark Correct" button. Thank you!&lt;BR /&gt;- We are following threads for 7 weeks after the last post, later replies are ignored&lt;BR /&gt;Please open a new thread and refer to the closed one, if you have a related question at a later point in time.&lt;BR /&gt;-------------------------------------------------------------------------------&lt;/P&gt;</description>
      <pubDate>Fri, 04 Mar 2022 10:59:03 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1423260#M713</guid>
      <dc:creator>Kan_Li</dc:creator>
      <dc:date>2022-03-04T10:59:03Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1424473#M719</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks for clarification.&lt;/P&gt;&lt;P&gt;I was looking at this GetInfo example because I wanted to get some information about this chip:&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Configuration ID, Patch ID, Platform build ID, ROM ID and I wanted to know if FIPS mode is active or not. If I understand correctly getting all of this information is not possible in my setup? Is there another way to get this information without calling GP_Select?&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Tue, 08 Mar 2022 09:33:34 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1424473#M719</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-08T09:33:34Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1424880#M720</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/196301"&gt;@grzegorz2&lt;/a&gt;&amp;nbsp;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;I am sorry, but&amp;nbsp;&lt;SPAN&gt;GP_Select is needed to fetch such info, and you have to run the GetInfo demo without AccessManager.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;Sorry for the inconvenience that might cause.&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Have a great day,&lt;BR /&gt;Kan&lt;/P&gt;
&lt;P&gt;&lt;BR /&gt;-------------------------------------------------------------------------------&lt;BR /&gt;Note:&lt;BR /&gt;- If this post answers your question, please click the "Mark Correct" button. Thank you!&lt;BR /&gt;- We are following threads for 7 weeks after the last post, later replies are ignored&lt;BR /&gt;Please open a new thread and refer to the closed one, if you have a related question at a later point in time.&lt;BR /&gt;-------------------------------------------------------------------------------&lt;/P&gt;</description>
      <pubDate>Wed, 09 Mar 2022 02:19:26 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1424880#M720</guid>
      <dc:creator>Kan_Li</dc:creator>
      <dc:date>2022-03-09T02:19:26Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1425255#M721</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Ok, I understand, thanks for answer.&lt;/P&gt;&lt;P&gt;I have two offtopic questions:&lt;/P&gt;&lt;P&gt;1. Does SE050 has any procedure to do factory reset? For example when I loose scp keys. Is it possible to reset device and restore factory settings? (with removing all existing private keys/certificates etc.)&lt;/P&gt;&lt;P&gt;2. The next&amp;nbsp; thing are below errors I can see on my system:&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;ambarella-i2c e400a000.i2c: No ACK from address 0x91&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Looks like this chip does not send ACK for read address (0x91) which is quite strange for me because it looks like SE050 works ok. May it be caused because accessManager send read requests too fast and do some retries?&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;Regards&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;EDIT:&lt;/SPAN&gt;&lt;/P&gt;&lt;P&gt;&lt;SPAN&gt;The second issue was caused by my hardware setup and I will resolved it but I still don't know how to restore my device if it will be possibly not reachable (for example when I lost scp keys).&lt;/SPAN&gt;&lt;/P&gt;</description>
      <pubDate>Fri, 11 Mar 2022 08:49:29 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1425255#M721</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-11T08:49:29Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1434713#M734</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Does SE050 has a procedure for factory cleanup/reset all data? I'm afraid that I will lost whole device SE050 when I lost my SCP keys because I will not able to connect to SE050 in that case. Is it possible to restore SE050 without SCP keys?&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Mon, 28 Mar 2022 09:12:48 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1434713#M734</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-28T09:12:48Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1435266#M737</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/196301"&gt;@grzegorz2&lt;/a&gt;&amp;nbsp;,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Yes, there is such kind of demo available , you may refer to "simw-top/doc/demos/se05x/se05x_Delete_and_test_provision/Readme.html" for more details.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;The binary can be found in "simw-top\binaries\PCWindows", for example,&amp;nbsp;VCOM-None-se050_Delete_and_test_provision, with the help of FRDM-K64 board with "se05x_vcom-T1oI2C-frdmk64f.bin" pre-installed(locates in "simw-top\binaries\MCU\se05x"). You may refer to&amp;nbsp;&lt;A href="https://www.nxp.com/docs/en/application-note/AN12398.pdf" target="_blank"&gt;https://www.nxp.com/docs/en/application-note/AN12398.pdf&lt;/A&gt;&amp;nbsp;for more details.&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Hope that helps,&lt;/P&gt;&lt;P&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Have a great day,&lt;BR /&gt;Kan&lt;/P&gt;&lt;P&gt;&lt;BR /&gt;-------------------------------------------------------------------------------&lt;BR /&gt;Note:&lt;BR /&gt;- If this post answers your question, please click the "Mark Correct" button. Thank you!&lt;BR /&gt;- We are following threads for 7 weeks after the last post, later replies are ignored&lt;BR /&gt;Please open a new thread and refer to the closed one, if you have a related question at a later point in time.&lt;BR /&gt;-------------------------------------------------------------------------------&lt;/P&gt;</description>
      <pubDate>Tue, 29 Mar 2022 06:49:26 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1435266#M737</guid>
      <dc:creator>Kan_Li</dc:creator>
      <dc:date>2022-03-29T06:49:26Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436029#M739</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;Thanks for answer but it doesn't work for me. Maybe I don't understand something. Firstly I ran "se05x_RotatePlatformSCP03Keys" with commented out original SCP keys so I left my device with these keys:&lt;/P&gt;&lt;P&gt;ENC 404142434445464748494a4b4c4d4e4f&lt;BR /&gt;MAC 404142434445464748494a4b4c4d4e4f&lt;BR /&gt;DEK 404142434445464748494a4b4c4d4e4f&lt;/P&gt;&lt;P&gt;Everything works when I use these keys but let's assume that I want to reset this device to factory state because I lost these keys (so I'm expecting that everything will be removed from the device and SCP keys will be automatically restored to the original ones).&lt;/P&gt;&lt;P&gt;Regarding to the "Readme.rst" I built the example "se05x_Delete_and_test_provision" with flag "SE05X_Auth=None" and tried to run and this is the output:&lt;/P&gt;&lt;P&gt;# ./se05x_Delete_and_test_provision /dev/i2c-2&lt;BR /&gt;App :INFO :PlugAndTrust_v04.01.01_20220112&lt;BR /&gt;App :INFO :Running ./se05x_Delete_and_test_provision&lt;BR /&gt;App :INFO :Using PortName='/dev/i2c-2' (CLI)&lt;BR /&gt;sss :INFO :atr (Len=35)&lt;BR /&gt;00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08&lt;BR /&gt;01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41&lt;BR /&gt;54 50 4F&lt;BR /&gt;sss :INFO :Newer version of Applet Found&lt;BR /&gt;sss :INFO :Compiled for 0x30100. Got newer 0x30600&lt;BR /&gt;sss :WARN :Communication channel is Plain.&lt;BR /&gt;sss :WARN :!!!Not recommended for production use.!!!&lt;BR /&gt;sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6884 Function:sss_se05x_TXn&lt;BR /&gt;App :ERROR:# se05x_Delete_and_test_provision !!! Only for testing. NOT FOR PRODUCTION USE!!!!&lt;BR /&gt;sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6884 Function:sss_se05x_TXn&lt;BR /&gt;App :WARN :kSE05x_AppletResID_UNIQUE_ID Missing. Injecting Dummy KEY!.&lt;BR /&gt;sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6884 Function:sss_se05x_TXn&lt;BR /&gt;App :INFO :sw_status=0x6985&lt;BR /&gt;sss :WARN :nxEnsure:'ret == SM_OK' failed. At Line:6884 Function:sss_se05x_TXn&lt;BR /&gt;App :ERROR:Failed Se05x_API_DeleteAll&lt;BR /&gt;App :INFO :ex_sss Finished&lt;BR /&gt;App :ERROR:ex_sss_entry Failed&lt;BR /&gt;App :ERROR:!ERROR! ret != 0.&lt;/P&gt;&lt;P&gt;I'm using evaluation kit with SE050F so it should require SCP mode but such reset procedure must work in plain mode (because I don't have SCP keys). Is it possible?&lt;/P&gt;&lt;P&gt;We want to use SE050 on our cameras and generate SCP keys on each camera separately. In case when we lost keys because somebody will flash camera again or trigger a factory reset etc. we will lost these keys so it must be a procedure to restore this SE050 to the factory state. If it will be not possible we must set the same SCP keys on all cameras and keep them forever which looks insecure&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Wed, 30 Mar 2022 09:03:17 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436029#M739</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-30T09:03:17Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436732#M742</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/196301"&gt;@grzegorz2&lt;/a&gt;&amp;nbsp;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;What do you mean with "&lt;SPAN&gt;&amp;nbsp;reset this device to factory state&lt;/SPAN&gt;" ? Did you send the&amp;nbsp;DeleteAll command to SE050? Please kindly clarify.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;The example "se05x_Delete_and_test_provision" can also be built with flag "SE05X_Auth=value other than None", for example , you may find the file of "VCOM-PlatfSCP03-se050_Delete_and_test_provision.exe" in "simw-top\binaries\PCWindows" as a reference, and of course, you may use your own platform keys with this bin file, as mentioned below:&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&lt;SPAN&gt;PS C:\se050_middleware\simw-top\binaries\PCWindows&amp;gt; .\VCOM-PlatfSCP03-se050_Delete_and_test_provision.exe&lt;BR /&gt;App :INFO :PlugAndTrust_v04.01.00_20211214&lt;BR /&gt;App :INFO :Running C:\se050_middleware\simw-top\binaries\PCWindows\VCOM-PlatfSCP03-se050_Delete_and_test_provision.exe&lt;BR /&gt;App :INFO :Using PortName='\\.\COM7' (gszCOMPortDefault)&lt;BR /&gt;&lt;FONT color="#FF0000"&gt;App :INFO :If you want to over-ride the selection, use ENV=EX_SSS_BOOT_SSS_PORT or pass in command line arguments.&lt;/FONT&gt;&lt;BR /&gt;App :WARN :Using SCP03 keys from:'C:\nxp\SE05X\plain_scp.txt' (FILE=C:\nxp\SE05X\plain_scp.txt)&lt;/SPAN&gt;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Hope that helps,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Have a great day,&lt;BR /&gt;Kan&lt;/P&gt;
&lt;P&gt;&lt;BR /&gt;-------------------------------------------------------------------------------&lt;BR /&gt;Note:&lt;BR /&gt;- If this post answers your question, please click the "Mark Correct" button. Thank you!&lt;BR /&gt;- We are following threads for 7 weeks after the last post, later replies are ignored&lt;BR /&gt;Please open a new thread and refer to the closed one, if you have a related question at a later point in time.&lt;BR /&gt;-------------------------------------------------------------------------------&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;</description>
      <pubDate>Thu, 31 Mar 2022 05:46:15 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436732#M742</guid>
      <dc:creator>Kan_Li</dc:creator>
      <dc:date>2022-03-31T05:46:15Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436942#M744</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/59276"&gt;@Kan_Li&lt;/a&gt;&amp;nbsp;&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;What do you mean with "&amp;nbsp;reset this device to factory state" ?&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;If I buy a new SE050F it has some default configuration such as SCP keys defined in document "AN12436&lt;BR /&gt;SE050 configurations" and some provisioned objects under IDs reserved for Applet etc.&lt;/P&gt;&lt;P&gt;During lifetime of this device I will change SCP keys or add some private ec keys to SE050F or other objects. "Reset to factory state" I mean that this is a procedure that will restore this SE050F to the same state just after I bought it. So I will expect that all my uploaded objects will be removed and SCP keys that I changed will be also removed (and default SCP keys will be set according to the AN12436 document).&lt;/P&gt;&lt;P&gt;But I have a problem with this because I don't see a possibility to do it.&lt;/P&gt;&lt;P&gt;Of course I found DeleteAll function in "simw-top/hostlib/hostLib/se05x_03_xx_xx/se05x_APDU_impl.h"&lt;/P&gt;&lt;P&gt;smStatus_t Se05x_API_DeleteAll(&lt;STRONG&gt;pSe05xSession_t session_ctx&lt;/STRONG&gt;)&lt;/P&gt;&lt;P&gt;But this function requires session_ctx. To have this session_ctx I have to open session. To open session I have to provide SCP keys and this is a problem because &lt;STRONG&gt;I don't have &lt;/STRONG&gt;my SCP keys. I can't open session in plain text because this SE050F&amp;nbsp;&lt;STRONG&gt;requires SCP&lt;/STRONG&gt; mode.&lt;/P&gt;&lt;P&gt;So when SE050F requires SCP session (plain text mode is rejected) and I changed SCP keys and I lost these keys then this SE050F is unusable because I'm unable to connect to it and this is no "reset to factory" procedure to back it to the working state (I expected that this procedure will remove all my existing objects because of security reasons). Am I correct? Looks like "DeleteAll" still needs opened session (so proper SCP keys are required) to be executed but maybe I misunderstood something.&lt;/P&gt;&lt;P&gt;I'm unable to run any Windows binary. This SE050F is mounted on the camera with Linux and connected with I2C bus only. I don't even have python on this system (I can't use "ssscli") so I can use only Linux binaries which can send commands via I2C bus.&lt;/P&gt;&lt;P&gt;&lt;STRONG&gt;The example "se05x_Delete_and_test_provision" can also be built with flag "SE05X_Auth=value other than None"&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;I tried but it doesn't work because I still need to provide SCP keys that &lt;STRONG&gt;I don't have.&lt;/STRONG&gt;&lt;/P&gt;&lt;P&gt;What we wanted to do is just generate SCP keys on this camera internally and there is a possibility to lost them. If SE050 can't be used without these lost SCP keys then we will have to set the same (and of course well known by us) SCP keys on hundreds of cameras.&lt;/P&gt;&lt;P&gt;Thanks for help&lt;/P&gt;&lt;P&gt;Regards&lt;/P&gt;</description>
      <pubDate>Thu, 31 Mar 2022 09:14:23 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1436942#M744</guid>
      <dc:creator>grzegorz2</dc:creator>
      <dc:date>2022-03-31T09:14:23Z</dc:date>
    </item>
    <item>
      <title>Re: call to "GP_Select" and AccessManager</title>
      <link>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1437303#M747</link>
      <description>&lt;P&gt;Hi&amp;nbsp;&lt;a href="https://community.nxp.com/t5/user/viewprofilepage/user-id/196301"&gt;@grzegorz2&lt;/a&gt;&amp;nbsp;,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Thanks for the clarification! I understand now, but after checking with the expert, if you have lost the&amp;nbsp;&lt;/P&gt;
&lt;P&gt;the PlatfromSCP keys which are set on SE050F there is no way to recover.&amp;nbsp;&lt;/P&gt;
&lt;P&gt;But as preventive measure e.g. an additional Platform SCP keyset can be created on the SE. This works exactly like rotating the Platform SCP keys, but on the put-key command you specify a different (new) keyset number (e.g. 12) instead of the existing one (11). This stored keys could be e.g. set in factory and be kept there in a backup system to allow to recover communication to the SE using the alternative keyset.&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Hope that helps,&lt;/P&gt;
&lt;P&gt;&amp;nbsp;&lt;/P&gt;
&lt;P&gt;Have a great day,&lt;BR /&gt;Kan&lt;/P&gt;
&lt;P&gt;&lt;BR /&gt;-------------------------------------------------------------------------------&lt;BR /&gt;Note:&lt;BR /&gt;- If this post answers your question, please click the "Mark Correct" button. Thank you!&lt;BR /&gt;- We are following threads for 7 weeks after the last post, later replies are ignored&lt;BR /&gt;Please open a new thread and refer to the closed one, if you have a related question at a later point in time.&lt;BR /&gt;-------------------------------------------------------------------------------&lt;/P&gt;</description>
      <pubDate>Fri, 01 Apr 2022 02:09:20 GMT</pubDate>
      <guid>https://community.nxp.com/t5/Secure-Authentication/call-to-quot-GP-Select-quot-and-AccessManager/m-p/1437303#M747</guid>
      <dc:creator>Kan_Li</dc:creator>
      <dc:date>2022-04-01T02:09:20Z</dc:date>
    </item>
  </channel>
</rss>

