Read ECC Curvelist fails when SCP03 enabled


1,713 Views
deang
Contributor III

Using Se05x_API_ReadECCurveList(). It fails when SCP03 is enabled; when SCP03 is not enabled, it does not fail. Is this expected behavior?

Dean

0 Kudos
13 Replies

1,691 Views
Kan_Li
NXP TechSupport

Hi @deang,

It should work with SCP03 enabled. May I have your test code as well as the log for a review? I may try to reproduce it here.

Thanks for your patience!

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos

1,674 Views
deang
Contributor III

Test code, kSE050_ECCurve_MAX_id == 0x43

static smStatus_t _create_curve_if_necessary(SE05x_ECCurve_t curve_id)
{
    smStatus_t status = SM_NOT_OK;
    uint8_t curveList[kSE050_ECCurve_MAX_id] = { 0 };
    size_t curveListLen = sizeof(curveList);

    // TODO: Fails when SCP03 is enabled. 5/17/2023 DAG.
    status = Se05x_API_ReadECCurveList(&_se050_session_ctx, curveList, &curveListLen);

    if (status != SM_OK) {   // <-- Fails here with SM_NOT_OK
        return status;
    }
    // .... rest of function not shown
}

0 Kudos

1,637 Views
Kan_Li
NXP TechSupport

Hi @deang,

I tried your code in the se05x_minimal demo and it works well. Maybe the cause is that _se050_session_ctx was not referenced correctly?

Kan_Li_0-1684729472872.png

Have a great day,
Kan



0 Kudos

1,532 Views
deang
Contributor III

Thanks Kan.

I'm using the Nano package. Digging further, it looks like the response isn't decrypted correctly, but the MAC check passes. Head-scratcher. I'll do some more digging.

0 Kudos

1,510 Views
Kan_Li
NXP TechSupport

Hi @deang,

Are you referring to the case when only PlatformSCP is enabled?

Have a great day,
Kan



0 Kudos

1,502 Views
deang
Contributor III

Yes. When using PlatformSCP the call fails.  

0 Kudos

1,481 Views
Kan_Li
NXP TechSupport

Hi @deang,

Thanks for the information! Actually, I just found that Se05x_API_ReadECCurveList() is not included in the Nano package, so how did you put this function there? Maybe it is a software integration issue indeed.

Have a great day,
Kan



0 Kudos

1,474 Views
deang
Contributor III

We ported Se05x_API_ReadECCurveList()  from the full Plug&Trust stack.

0 Kudos

1,444 Views
Kan_Li
NXP TechSupport

Hi @deang,

Thanks for the clarification! Actually, there is a slight difference in the SE05X API implementation between the Nano and Full MW. How did you port it? Maybe you can send me the code snippets for a review?

Have a great day,
Kan



0 Kudos

1,425 Views
deang
Contributor III

I did compare the two versions of Se05x_API_ReadECCurveList(), one in the Nano package and the other in the full MW stack. The only difference was calling DoAPDUTxRx() in Nano vs. DoAPDUTxRx_s_Case4() in full MW. The main difference seems to be setting the LE byte in the request. I tried forcing this byte on-off without any luck. In the Nano package, the actual call is successful (DoAPDUTxRx() returns SM_OK), but when the response buffer is parsed, tlvGet_u8buf() returns 1, an error. The response buffer looks incorrect.

Here's the response buffer (23 bytes) when the call fails (starting address 0x20001A4D):

deang_0-1686147170067.png

On success, here's the response buffer (23 bytes):

deang_1-1686147326507.png

Here's the code itself:

smStatus_t Se05x_API_ReadECCurveList(pSe05xSession_t session_ctx, uint8_t *data, size_t *pdataLen)
{
    smStatus_t retStatus = SM_NOT_OK;
    tlvHeader_t hdr      = {{kSE05x_CLA, kSE05x_INS_READ, kSE05x_P1_CURVE, kSE05x_P2_LIST}};
    size_t cmdbufLen     = 0;
    uint8_t *pCmdbuf     = NULL;
    int tlvRet           = 0;
    uint8_t *pRspbuf     = NULL;
    size_t rspbufLen     = 0;

    ENSURE_OR_GO_CLEANUP(session_ctx != NULL);

    memset(session_ctx->apdu_buffer, 0, sizeof(session_ctx->apdu_buffer));

    /* Command and response share the session's APDU buffer */
    pCmdbuf   = &session_ctx->apdu_buffer[0];
    pRspbuf   = &session_ctx->apdu_buffer[0];
    rspbufLen = sizeof(session_ctx->apdu_buffer);

    SMLOG_D("APDU - Se05x_API_ReadECCurveList [] \n");

    retStatus = DoAPDUTxRx(session_ctx, &hdr, session_ctx->apdu_buffer, cmdbufLen, pRspbuf, &rspbufLen, 1);
    if (retStatus == SM_OK) {
        retStatus       = SM_NOT_OK;
        size_t rspIndex = 0;
        /* The curve list is expected in a TLV with tag kSE05x_TAG_1 */
        tlvRet = tlvGet_u8buf(pRspbuf, &rspIndex, rspbufLen, kSE05x_TAG_1, data, pdataLen);
        if (0 != tlvRet) {
            goto cleanup;
        }
        /* The two bytes after the TLV are the status word (SW1, SW2) */
        if ((rspIndex + 2) == rspbufLen) {
            retStatus = (pRspbuf[rspIndex] << 8) | (pRspbuf[rspIndex + 1]);
        }
    }
    if (retStatus == SM_ERR_ACCESS_DENIED_BASED_ON_POLICY) {
        SMLOG_I("Denied to ReadECCurveList");
    }

cleanup:
    return retStatus;
}

0 Kudos

1,388 Views
Kan_Li
NXP TechSupport

Hi @deang,

Thanks for sharing! I tried your code with the ex_se05x_crypto example and found a code issue, as shown below, and it works well after fixing it.

Kan_Li_0-1686208078232.png

Kan_Li_1-1686208117922.png

Kan_Li_2-1686208162603.png

Hope that helps,

Have a great day,
Kan



0 Kudos

1,379 Views
deang
Contributor III

That's not where the code is failing. tlvGet_u8buf() returns 1 vs. 0.  Digging further, inside tlvGet_u8buf(), the line of code failing is:  

       if (got_tag != tag) { goto cleanup; }

The tag's incorrect b/c the response from the se050 seems garbled.  You can see the good and bad response in my previous post.

0 Kudos
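The failure mode described in this thread (the transfer reports success, but the first byte of the response is not the expected tag, so TLV parsing stops) shown as an added example; it is not code from the posts or from NXP's middleware. The `ex_*` names, the tag value 0x41, the error codes and both sample buffers are assumptions constructed for illustration. Returning a tag error separately from a length error lets a log distinguish a payload that never looked like TLV from one that was merely truncated.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define EX_TAG_1   0x41u   /* assumed value of the expected response tag */
#define EX_SW_OK   0x9000u /* ISO 7816 success status word */
#define EX_ERR_TAG 0xFF01u /* hypothetical: first byte is not the expected tag */
#define EX_ERR_LEN 0xFF02u /* hypothetical: length inconsistent with the buffer */

/* Constructed samples: a well-formed response and one whose bytes are not TLV */
static const uint8_t ex_good[]    = {0x41, 0x03, 0x01, 0x01, 0x02, 0x90, 0x00};
static const uint8_t ex_garbled[] = {0x9C, 0x5E, 0x11, 0xA7, 0x3B, 0xD2, 0x48};

/* Parse [tag][len][value][SW1][SW2]; return the status word or an EX_ERR_* code. */
static uint16_t ex_parse_tlv_rsp(const uint8_t *rsp, size_t rspLen, uint8_t tag,
                                 uint8_t *out, size_t *outLen)
{
    size_t i = 0, len;

    if (rsp == NULL || out == NULL || outLen == NULL || rspLen < 4)
        return EX_ERR_LEN;
    if (rsp[i++] != tag)
        return EX_ERR_TAG;     /* same condition as "got_tag != tag" */

    len = rsp[i++];
    if (len == 0x81) {         /* long form, one length byte follows */
        len = rsp[i++];
    } else if (len == 0x82) {  /* long form, two length bytes follow */
        len = ((size_t)rsp[i] << 8) | rsp[i + 1];
        i += 2;
    } else if (len >= 0x80) {
        return EX_ERR_LEN;
    }
    /* The value must fit the caller's buffer and leave exactly two status bytes */
    if (len > *outLen || i + len + 2 != rspLen)
        return EX_ERR_LEN;

    memcpy(out, &rsp[i], len);
    *outLen = len;
    i += len;
    return (uint16_t)((rsp[i] << 8) | rsp[i + 1]);
}

int main(void)
{
    uint8_t out[16];
    size_t n = sizeof(out);
    uint16_t ok  = ex_parse_tlv_rsp(ex_good, sizeof(ex_good), EX_TAG_1, out, &n);
    uint16_t bad = ex_parse_tlv_rsp(ex_garbled, sizeof(ex_garbled), EX_TAG_1, out, &n);
    return (ok == EX_SW_OK && bad == EX_ERR_TAG) ? 0 : 1;
}
```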

1,362 Views
Kan_Li
NXP TechSupport

Hi @deang,

Actually, I could not reproduce your issue here. In your code, if tlvGet_u8buf() returns 1, Se05x_API_ReadECCurveList returns SM_NOT_OK, and "Error in Se05x_API_ReadECCurveList \n" will be printed, but in my test, this debug info doesn't come out. Maybe you can try it again with this little fix?

Have a great day,
Kan



0 Kudos