FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

Replacing initial ISD keyset (KVN 0xFF)

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

Replacing initial ISD keyset (KVN 0xFF)

Jump to solution
‎05-07-2024 02:45 AM
1,349 Views
nc-adnan
Contributor I

Hi,

Using the JCOP 4.5 P71 (JCOP-ID-2) product, we would like to replace the initial ISD keys (SCP03, AES), which have the Key Version Number is 255 (0xFF), with new keys having a different KVN, for example 0x01.

I have found an example JCShell scripts, but we are using a different tool in production to send the APDU commands so I would like to understand which GlobalPlatform APDU commands to use and how.

Example in JCShell script:

 

# update the key-set
# the keys are defined in the authISD script
if ${replaceKeyset}
  put-keyset  -m replace -r ${replaceKeyset;q} ${newKeySet}
else
  put-keyset  -r 255 ${newKeySet}
end

 

In the GlobalPlatform Card Specification v2.3.1, the PUT KEY command to replace existing keys does not allow the value 0xFF to be specified in the P1 parameter.

Is KVN 0xFF a special case? How can we replace the keys in this case?

Thanks,

JCOP-ID-2

JCOP-ID-2
JCOP-ID-2
End-to-End Services
VIEW PRODUCT PAGE
0 Kudos
Reply
1 Solution

Jump to solution
‎05-07-2024 06:45 PM
1,322 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @nc-adnan ,

 

Actually P71 is not a mass market product so the related technical discussion is not allowed here. Would you please create a private ticket instead? Please kindly refer to the following for details.

https://www.nxp.com/video/tutorial-for-nxp-support-case-portal:NCP-VIDEO 

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

View solution in original post

0 Kudos
Reply
1 Reply

Jump to solution
‎05-07-2024 06:45 PM
1,323 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @nc-adnan ,

 

Actually P71 is not a mass market product so the related technical discussion is not allowed here. Would you please create a private ticket instead? Please kindly refer to the following for details.

https://www.nxp.com/video/tutorial-for-nxp-support-case-portal:NCP-VIDEO 

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply
%3CLINGO-SUB%20id%3D%22lingo-sub-1860419%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3EReplacing%20initial%20ISD%20keyset%20(KVN%200xFF)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1860419%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3E%3CSPAN%3EHi%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EUsing%20the%20JCOP%204.5%20P71%20(JCOP-ID-2)%20product%2C%20we%20would%20like%20to%20replace%20the%20initial%20ISD%20keys%20(SCP03%2C%20AES)%2C%20which%20have%20the%20Key%20Version%20Number%20is%20255%20(0xFF)%2C%20with%20new%20keys%20having%20a%20different%20KVN%2C%20for%20example%200x01.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EI%20have%20found%20an%20example%20JCShell%20scripts%2C%20but%20we%20are%20using%20a%20different%20tool%20in%20production%20to%20send%20the%20APDU%20commands%20so%20I%20would%20like%20to%20understand%20which%20GlobalPlatform%20APDU%20commands%20to%20use%20and%20how.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EExample%20in%20JCShell%20script%3A%3C%2FSPAN%3E%3C%2FP%3E%3CBR%20%2F%3E%3CPRE%20class%3D%22lia-code-sample%20language-markup%22%3E%3CCODE%3E%23%20update%20the%20key-set%0A%23%20the%20keys%20are%20defined%20in%20the%20authISD%20script%0Aif%20%24%7BreplaceKeyset%7D%0A%20%20put-keyset%20%20-m%20replace%20-r%20%24%7BreplaceKeyset%3Bq%7D%20%24%7BnewKeySet%7D%0Aelse%0A%20%20put-keyset%20%20-r%20255%20%24%7BnewKeySet%7D%0Aend%3C%2FCODE%3E%3C%2FPRE%3E%3CBR%20%2F%3E%3CP%3E%3CSPAN%3EIn%20the%20GlobalPlatform%20Card%20Specification%20v2.3.1%2C%20the%20%3C%2FSPAN%3E%3CFONT%20face%3D%22andale%20mono%2Ctimes%22%3EPUT%20KEY%3C%2FFONT%3E%3CSPAN%3E%26nbsp%3Bcommand%20to%20replace%20existing%20keys%20does%20not%20allow%20the%20value%200xFF%20to%20be%20specified%20in%20the%20P1%20parameter.%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EIs%20KVN%200xFF%20a%20special%20case%3F%20How%20can%20we%20replace%20the%20keys%20in%20this%20case%3F%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3EThanks%2C%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%3CSPAN%3E%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fc-pwmxy87654%2FJCOP-ID-2%2Fpd-p%2FJCOP-ID-2%22%20class%3D%22lia-product-mention%22%20data-product%3D%22529-1%22%20target%3D%22_blank%22%3EJCOP-ID-2%3C%2FA%3E%3C%2FSPAN%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1860922%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3ERe%3A%20Replacing%20initial%20ISD%20keyset%20(KVN%200xFF)%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1860922%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHi%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F233179%22%20target%3D%22_blank%22%3E%40nc-adnan%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CBR%20%2F%3E%0A%3CP%3EActually%20P71%20is%20not%20a%20mass%20market%20product%20so%20the%20related%20technical%20discussion%20is%20not%20allowed%20here.%20Would%20you%20please%20create%20a%20private%20ticket%20instead%3F%20Please%20kindly%20refer%20to%20the%20following%20for%20details.%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fwww.nxp.com%2Fvideo%2Ftutorial-for-nxp-support-case-portal%3ANCP-VIDEO%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Fwww.nxp.com%2Fvideo%2Ftutorial-for-nxp-support-case-portal%3ANCP-VIDEO%3C%2FA%3E%26nbsp%3B%3C%2FP%3E%0A%3CBR%20%2F%3E%0A%3CP%3EHave%20a%20great%20day%2C%3CBR%20%2F%3EKan%3C%2FP%3E%0A%3CP%3E%3CBR%20%2F%3E-------------------------------------------------------------------------------%3CBR%20%2F%3ENote%3A%3CBR%20%2F%3E-%20If%20this%20post%20answers%20your%20question%2C%20please%20click%20the%20%22Mark%20Correct%22%20button.%20Thank%20you!%3CBR%20%2F%3E-%20We%20are%20following%20threads%20for%207%20weeks%20after%20the%20last%20post%2C%20later%20replies%20are%20ignored%3CBR%20%2F%3EPlease%20open%20a%20new%20thread%20and%20refer%20to%20the%20closed%20one%2C%20if%20you%20have%20a%20related%20question%20at%20a%20later%20point%20in%20time.%3CBR%20%2F%3E-------------------------------------------------------------------------------%3C%2FP%3E%3C%2FLINGO-BODY%3E