Problems Creating an RSA Secure Object for the SE050

nullptr_123 · ‎12-08-2020

Hello,

I want to create a secure object containing an RSA key pair but it is not working and I do not understand why. The function returns the error code 0x6895 every time I try to write the secure object. I'm trying to create it using the SDK. I simply created the SDK example se05x_minimal and then called the functions needed to create the RSA secure object in the ex_sss_entry function. The file with the ex_sss_entry function is attached to this question (se05x_minimal.c). The object identifier that I used in the program has not been used for any other secure object.

To create the key array I used a python script that read the contents of a file that contains a private RSA key in PEM form. The python script (convertprivate.py) and the PEM file (prikeypem.zip) are both also attached to this question. I created the PEM file using openssl. I got the code for the python script by going through the ssscli files. I wanted to try using the ssscli to set the RSA key pair instead of the SDK but I couldn't get it to work.

I am using the OM-SE050ARD development board with the LPC55S69 development board. When debugging it, everything seems to work as described in the AN12413 APDU specification, so I don't understand why it isn't working. I have tried many things and nothing seems to work. Could you please help me find the problem?

Thank you in advance for your help.

Kan_Li · ‎12-09-2020

Hello @nullptr_123 ,

CLI tools can be used for inject keys such as RSA, please kindly refer to the following for details.

#) ``ssscli set rsa pair``::

Usage: ssscli set rsa pair [OPTIONS] keyid key

Set RSA Key Pair

keyid = 32bit Key ID. Should be in hex format. Example: 20E8A001

key = Can be raw key (DER format) or in file. For file, by default
filename with extension .pem considered as PEM format and others as DER
format.

Options:
--format TEXT Input key format. TEXT can be "DER" or "PEM"
--policy_name TEXT File name of the policy to be applied
--help Show this message and exit.

Please kindly refer to "SE-PLUG-TRUST-MW/simw-top/doc/pycli/doc/pre-steps.html" for more details.

Hope that helps,

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------