帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

ReadObject and verifySessionUserID command not working

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

ReadObject and verifySessionUserID command not working

‎11-21-2019 04:33 AM
2,103 次查看
priyanka_priyad
Contributor II

Hello,

 

I am using NXP SE050 smartcard with kinetics K64 evaluation board. 

I have tested various commands from NXP APDUSpecifications document. But I am having problem with policies and sessions.

I have created a new User session, and created a binary file in this session with read policies, but when I try to read that file, it is giving the error "command not allowed".

Is there any thing extra that needs to be added in the ReadObject command while trying to read the binary file with read policy?

 

Further, I am not able to verify the session with verifySessionUserID command after creating a new User Session, it gives the error "Conditions not satisfied".

I don't know is there something that I am missing in writing these command APDUs Or there are some additional APDUs that I need to send before sending above mentioned commands or APDUs?

标记 (1)
回复
5 回复数

‎11-25-2019 12:09 AM
1,998 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hello,

Would you please give more details on your implementation? Thanks for your patience!

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 项奖励
回复

‎11-25-2019 01:56 AM
1,998 次查看
priyanka_priyad
Contributor II

Hello Kan,

Thanks for your reply.

I am using Plug & Trust Middleware toolchain with Kinetics K64 evaluation board and OM se050 smartcard evaluation board.  

And I am sending APDUs using APDU player which is a compiler present in the se05_middleware folder from NXP.

I have created an Authentication object(UserID)
APDU: 804107000E1202000341040F7FFFFF42020FFE

CLA: 80 INS: 41, P1: 07, P2: 00 

pastedImage_10.png



and then created a session using this user ID.
APDU: 8004001B0641040F7FFFFF0A

CLA: 80 INS: 04, P1: 00, P2: 1B 
pastedImage_11.png


Now, when I want to open this session using VerifySessionUserID command
APDU: 8005000015100801F144DFECE5FD8E41098004002C0441020FFE00

CLA: 80 INS: 05, P1: 00, P2: 00 

Note: I have wrapped VerifySessionUserID  command in ProcessSessionCmd command.

pastedImage_13.png

pastedImage_12.png



it gives me error 'SW_CONDITIONS_NOT_SATISFIED'. 

I don't understand why am I getting this error when I am writing the correct UserID value and also the correct auth object ID ?

Because as explained in the document, we get this error only when our userID is not correct.

Thanks,

Priyanka

0 项奖励
回复

‎11-27-2019 12:20 AM
1,998 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi Priyanka,

The cause is due to you use APDU player to launch CreateSession and VerifySession separately. That would make the session id you got from CreateSession  became invalid when you start a new apdu player to run the VerifySession command. but if you run VerifySession right after CreateSession within the same APDU player demo, the device returns 9000.

pastedImage_1.png

For test purpose, I updated the session id info in the apdu player demo as below:

pastedImage_2.png

Hope that helps,

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

回复

‎11-27-2019 03:16 AM
1,998 次查看
priyanka_priyad
Contributor II

Thank you so much for your reply.

I have a question here:

The first command (createSession) that you are executing, is giving 8-byte session ID in response (01AE6F94E279C8A0). But in the next (verifySessionUserID command) you are putting the session ID that i used in the example I sent you in my first question.

And I also tried adding the above code lines in my apdu_player.c file but it is giving the error (identifier session_id is undefined). From where I can get this session_id? Is this the session_id from the response of the createSession command?

Thank you

Priyanka

0 项奖励
回复

‎11-27-2019 11:00 PM
1,998 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi Priyanka,

The session ID put in verifySessionUserID command is just for dummy purpose, the 8-byte session ID in response (01AE6F94E279C8A0) is the really session ID I got in that test, so before launching verifySessionUserID command, I replaced the dummy session ID with the one I got from the response of createSession command.

Please refer to the attachment for more details.

Hope that helps,

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

apdu_player.c.zip
apdu_player_demo.txt.zip
回复