How can I recover the deleted certificate

Khalil_Azouz · ‎01-05-2022

Hi,

I'm using SE050 Secure Element, and I think I deleted the device certificate by using DeleteAll API.

Is there any way to recover these Certificates?

Kan_Li · ‎01-09-2022

It depends. Actually only secure Objects that are trust provisioned by NXP are not deleted (i.e., all objects that have Origin set to ORIGIN_PROVISIONED), while this attribute is updated during applet runtime for Secure Objects of type AESKey, DESKey, HMACKey, ECKey and RSAKey only and does not get updated for other object types. so better save the certificates before issuing the DeleteAll command. You may use the following demos for that purpose.

Hope that helps,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

View solution in original post

Khalil_Azouz · ‎01-09-2022

Hi @Kan_Li ,

Thank you for reply,

I also have another question, Is there any way to use "Se05x_API_DeleteAll" Api without removing those certificates?

Regards,

Khalil Azouz

Kan_Li · ‎01-09-2022

Hi @Khalil_Azouz ,

It depends. Actually only secure Objects that are trust provisioned by NXP are not deleted (i.e., all objects that have Origin set to ORIGIN_PROVISIONED), while this attribute is updated during applet runtime for Secure Objects of type AESKey, DESKey, HMACKey, ECKey and RSAKey only and does not get updated for other object types. so better save the certificates before issuing the DeleteAll command. You may use the following demos for that purpose.

Hope that helps,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

Kan_Li · ‎01-05-2022

Hi @Khalil_Azouz ,

I think you might have to go through the EdgeLock 2GO service to restore them, please kindly refer to "se05x_mw_v04.01.00/simw-top/doc/nxp_iot_agent/doc/introduction.html#offline-provisioning-of-secure-objects" and https://www.nxp.com/products/security-and-authentication/secure-service-2go-platform/edgelock-2go:ED... for details.

Hope that helps,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------