- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- Home
- :
- Identification and Security
- :
- Secure Authentication
- :
- AESKey Session Authentication for SE050
AESKey Session Authentication for SE050
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
AESKey Session Authentication for SE050
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I'm trying to establish an AESKey secure session with a SE050 board using the Java SmartCard I/O API but am running into authentication issues.
When I send the SCPExternalAuthenticate command, I consistently get a 6700 ("Wrong length") error regardless of what I try.
what works:
1. I can successfully select the SE050 applet
2. I can successfully create an AES key authentication object
3. I can successfully start a session using the created authentication object
4. The SCPInitializeUpdate command completes successfully
log:
Found terminal: Identiv uTrust 3700 F CL Reader
Card is present in Identiv uTrust 3700 F CL Reader
Successfully connected to SE050.
Selecting applet with command: 00A4040010A0000003965453000000010300000000
Select response: SW=9000, Data=0301016FFF010B
SE050 applet selected successfully.
Enter 4-byte object ID for your AES key (8 hex characters, e.g., 12345678):
88888881
Enter 16-byte AES key (32 hex characters):
404142434445464748494A4B4C4D4E4F
Creating session...
CreateSession command: 8004001B064104888888810C
CreateSession response: SW=9000, Data=4182000801A1883AD1C0DDE6
Session created. Session ID: 01A1883AD1C0DDE6
Host challenge: 0F935F37FFC7DD2C
SCPInitializeUpdate command: 8005000019100801A1883AD1C0DDE6410D80500000080F935F37FFC7DD2C
SCPInitializeUpdate response: SW=9000, Data=000000000000000000000003606897205702C2B9EF8AC6E05E6B26EB83
Key diversification data: 00000000000000000000
Key info: 00
Card challenge: 03606897205702C2
Card cryptogram: B9EF8AC6E05E6B26
Derived S-ENC key: E2D59DD0015AA32B377A5CC6EED41DE6
Derived S-MAC key: 3458D77ADD4D1BF923D10367959E4C4B
Derived S-RMAC key: BC7323AE62CF71AD7DC3C59D56D1AFA6
Expected card cryptogram: 88612A8EC56FA45C
Card cryptogram doesn't match expected value, but proceeding anyway...
Host cryptogram: 88612A8EC56FA45C
SCPExternalAuthenticate command: 8005000021100801A1883AD1C0DDE64115848203000888612A8EC56FA45C5AD68E843A534B64
SCPExternalAuthenticate response: SW=6700, Data=
Authentication failed.
my SE050 details:
Applet Select Response Information:
Major: 3
Minor: 1
Patch: 1
AppletConfig: 0x6fff
SE050 Variant: SE050E2 (FIPS mode enabled)
Secure Box version: 1.b
what i need to check when i SCPExternalAuthenticate?
thanks
Kan_Li
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @nana11 ,
Was your SE050 provisioned for demo purpose? Please kindly refer to se05x_mw_v04.05.01/simw-top/doc/demos/se05x/se05x_Delete_and_test_provision/Readme.html for more details.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
