Connection Authentication, AES 32 byte key

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Connection Authentication, AES 32 byte key

1,560 Views
deang
Contributor III

Can you authenticate with a 32 byte AES key vs. 16 byte key?  I am able to connect using kSSS_AuthType_AESKey   OK when the key is 16 bytes, fails when I try a 32 byte key.

 

Thanks,

Dean G.

0 Kudos
3 Replies

1,521 Views
deang
Contributor III

Digging further, the SCP03 protocol spec from GlobalPlatform, Card spec V2.3, Amendment D Versin 1.1.2 March 2019 (Document GPC_SPE_014) does allow for 32 byte keys.  But this is the official spec, what is actually supported by NXP is "implementation specific".  So while the spec says Yes 32 byte keys allowed, NXP just didn't implement it.  That's my guess.

0 Kudos

1,553 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @deang ,

 

Did you build the application based on the MW? Is it possible to share part of your code for Connection Authentication? We may try to reproduce this issue here.

 

Thanks for your patience!

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

0 Kudos

1,547 Views
deang
Contributor III

Hi Kan,

 

Yes I am using the MW.  The attached source file (Test_SE_project.c) contains my test code.  Ignore all of the other test code, the init_se050() function is where authentication is failing when using 256 AES key vs. 128.   Use the SE_AUTH_AES authentication type, the keys are set in create_aes_authkey(),  the aes_auth_key is used.  If I set to 32 bytes it fails.

Dean

0 Kudos