Is there any 'Rollback option' for NXP se050 smart card eval. board present?

priyanka_priyad · ‎10-21-2020

I am using NXP se050 smartcard eval. board with MCU MSP430.

I have written a C code for MCU where, I am trying to delete the UsedID from the smart card and recreating the same UserID with some other PIN Value.

My question now is, if the electricity goes off and Processing aborts in middle where the UserID is deleted but not recreated, what will happen to the smart card? Will it discard the half processing and be rolled back to its previous stage or not?

Is there any way, we can ensure that the full processing executes or nothing executes if the process is interrupted in between?

Thanks,

Priyanka

Kan_Li · ‎10-27-2020

Hi @priyanka_priyad ,

Actually it is more likely an application issue. The SE050 is characterized for the specified operating supply voltage range of 1.62 V to 3.6 V. and from the host side, there should be a LVD(low voltage detection) module to monitor the VCC level, usually the warning level is at 2.5v or so, and before the VCC drops from 2.5V to 1.62V, there should be enough time for the host to terminate the communication with SE050.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

msjcard · ‎10-27-2020

Hi @Kan_Li -

That might work for a wired application with stable battery, but sometimes the low-level stuff is fairly hidden away and inaccessible (without re-writing the MW stuff) to deal with something like this. In any event, the delete/add APDUs are two different calls and there is a possibility however remote that a power reset could occur between them.

Also, the SE050 supports connectivity via NFC - simply moving the antenna/reader at the wrong time could get you in that state.

If he can't update the PIN object (by setting the policy to WRITE), then he's going to have to build a transaction model on top of the available APDUS:

1) Add new users and PIN
2) add that authentication policy to all of the appropriate objects
3) delete the old authentication policy from all of the appropriate objects
4) delete the old user and PIN

That will require a userid change, but at least is recoverable.

Mike

Kan_Li · ‎11-05-2020

Hello @msjcard ,

Actually tearing such as suddenly turning off power during execution is still possible in the four steps, the exact effect always depends on the time when the tearing itself happens. The object can after the POR still be there or not depending on the timing, you can only be sure the object is created/deleted after you got a success message from the secure element.

Hope that makes sense,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

msjcard · ‎10-22-2020

AFAICT there is no "transaction" model that would match what you're trying to do.

Why aren't you either a) adding a new user of a different name, then deleting the old users, or b) changing the PIN of the existing user? Either of those would leave you in a recoverable state.

Mike

priyanka_priyad · ‎10-23-2020

Changing the PIN of the existing user (UserID secure object) is exactly what I want to do.

I have loaded some binary files on my se050 smart card and I want to lock this file using a PIN so that only only the user who know the PIN can access it.

For that purpose I created a UserID Object (to be used as a PIN), and I put read policies on my binary files so that a person who knows the PIN can only read the binary files.

And this works perfectly.

Now, I want to change the value of the PIN, but I am not able to do this as UserID doesn't allow the update functionality.

So, I want to know which other secure object can be used in this case? I was thinking to use AESKey but it looks like it is something about encryption and decryption of secret data, but I don't want to do that. I only want to secure my binary files using a PIN (just like in our cell phones)

Thanks.

msjcard · ‎10-23-2020

The SE050 documentation is slightly confusing on this point. It says that you can't change the size of the components of an authentication object. But it also says that you can set a POLICY_OBJ_ALLOW_WRITE policy on those objects.

Maybe try creating a UserID with the write and read policies applied and then try writing the UserID with a new PIN of the same length as the old PIN. The default policy is read only which would possibly explain why you can't update the PIN.

Other than that, you're probably out of luck.

Mike