In SE050 generate the AES Key using APDU & T=1 over I2C protocol

chirag123 · ‎09-06-2024

Using SE050 I want to generate AES 128 key and write this key into SE050,

I am referring to the AN12543 and UM11225 documents for guidance.

Could someone assist me with the correct I2C data format to use for generating and writing the AES key into the SE050?

Kan_Li · ‎09-09-2024

Run the demo of ex_sss_symmetric with verbose log option , you may easily have an example of APDU command to generate the AES Key inside SE.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎09-09-2024

Hi, @Kan_Li
First off all thank you for your response,
I want to use the SE050 with a custom MCU, and for generate AES Key I need to implement the APDU package to generate and store it in the SE.
Could you please provide a link to any example code or documentation where the APDU package example is available for generate AES key into SE and store key into SE?

Kan_Li · ‎09-10-2024

Hi @chirag123 ,

The example is in the MW ,you may find it in simw-top\sss\ex\symmetric.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎09-13-2024

Hii,
I go throw simw-top\sss\ex\symmetric example but I am having trouble understanding which parameters to use in the APDU command to generate an AES 128-bit key.

please help me for this.if possible then please give me flow how to create the AES 128 key in SE050 and read this key from the SE050

Kan_Li · ‎09-19-2024

Hi @chirag123 ，

It is not recommended using raw APDU command in your application, as it can be easily probed via the I2C lines, you have to secure the channel at first, and such kind of functionalities have all been implemented in the MW(https://www.nxp.com/webapp/Download?colCode=SE05x-PLUG-TRUST-MW&appType=license ), you may simply develop your own application code based on the MW which will help you with the command frame construction , no need to take additional time to develop another similar MW.

Hope that makes sense,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎10-03-2024

Hi,
In our existing product, we are using an STM32, and we want to add the SE050 to generate an AES-256 key and read it from the SE050.

Since the middleware does not support STM32, could you provide a driver that allows us to interface the SE050 with the STM32 and generate the AES-256 key?

I tried finding the driver in SE05x-PLUG-TRUST-MW & appType=license but was unable to find out it.

Also, if possible, please provide a custom APDU package for generating the AES-256 key

Kan_Li · ‎10-08-2024

Hi @chirag123 ,

The MW is the correct choice but as STM is not supported so you have to do some porting before use it, and for your case, it is recommended to start the porting with the nano version of MW. Please kindly refer to https://github.com/NXPPlugNTrust/nano-package#porting for details.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎10-08-2024

Hi,
Thank you for your response,
In our existing product, we are using a Nordic MCU and STM32. Can we directly interface the SE050 with the Nordic MCU, or do we need to implement porting for both MCUs?
As per below document Nordic nRF52 support SE050?
https://stip.tech/wp-
content/uploads/2021/02/Webinar_presentation.pdf

Kan_Li · ‎10-09-2024

Hi @chirag123 ,

Actually it mainly depends on your application requirement, from my point of view, if both Nordic MCU and STM32 can support I2C interface, either of them may directly interface the SE050.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎10-09-2024

We are using the simw-nanopkg as a reference to try generating an AES-256 key.

We're working with a Nordic MCU and using the nRF Connect SDK with VS Code.

We manually added the simw-nanopkg files into the nRF Connect SDK in VS Code, but encountered many errors and are working to resolve them.

It would be very helpful if you could suggest the necessary files or any guidance from your side.

Kan_Li · ‎10-10-2024

Hi @chirag123 ,

Basically the following source files in the platform folder need to be updated with your custom MCU SDK drivers, and you may compare the files between different platform folders for more details.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

chirag123 · ‎10-10-2024

Hi,
We manually added the simw-nanopkg files into the nRF Connect SDK in VS Code, but encountered many errors and are working to resolve them.

we got error on se05x_scp03_crypto_mbdetls.c file,below files we are not able to find out in simw-nanopkg files.

#include "mbedtls/ctr_drbg.h"
#include "mbedtls/cmac.h"
#include "mbedtls/aes.h"
#include "mbedtls/ecp.h"
#include "mbedtls/ecdh.h"
#include "mbedtls/ctr_drbg.h"
#include "mbedtls/entropy.h"
#include "mbedtls/pk.h"
#include "mbedtls/platform.h"

Kan_Li · ‎10-11-2024

Hi @chirag123 ,

Such files should be provided by the MCU SDK, for your case, if the nRF Connect SDK supports mbedtls, you may find those files in it, similar as the K64 SDK.

frdmk64f-sdk\middleware\mbedtls\include\mbedtls

Hope that makes sense,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------