SE050 APDU - ECDSA

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

SE050 APDU - ECDSA

2,378件の閲覧回数
julian_sauer
Contributor III

I am trying get the Public Key (FastSCPGetECKAPublicKey) from the SE050 Dev Board and proofing the private Key possession with a ECDSA Signature from this Public Key (FastSCPGetECKAPublicKey).

Do I need to create a CryptoObject (in the Docu it is mentioned the FastSCPGetECKAPublicKey already created)?

Where can I find good example project only using APDU Commands (Soft Reset, Select Applet etc.) to communicate with the SE050?

Is "creating a Session" necessary for retrieving the public Key and Signing a Random Message or can this happen sessionless?

 

Best regards

Julian

タグ(2)
2 返答(返信)

2,200件の閲覧回数
michaelsalfer
NXP Employee
NXP Employee

Hello Julian,

creating a session with the command CreateSession is not necessary to do a signature.

the command FastSCPGetECKAPublicKey (now called ECKeySessionGetECKAPublicKey) is only used to fetch the public key when needed for session creation with Elliptic Curve authentication or for ImportExternalObject.

The mechanism of encrypted session creation is best shown when compiling the examples with authentication enabled - so call cmake with -DSE05X_Auth=ECKey and the examples will execute with authentication. Prerequisite is that the example authentication keys have been provisioned before using the example se05x_Delete_and_test_provision.

In case you are not interested in the ECKey authentication but just like to do a signature then I recommend the example ex_ecc of the Plug & Trust Middleware.

It shows creating a signature using 

sss_asymmetric_sign_digest(&ctx_asymm, digest, digestLen, signature, &signatureLen);

Reading the public key works as shown in ex_ecdh works using

sss_key_store_get_key(&pCtx->ks, &keyPair, publicKey, &publicKeyLen, &publicKeyBitLen);

To see the APDUs created by these functions just enable debug logging in nxLog_Default_Config.h with

#define NX_LOG_ENABLE_DEFAULT_DEBUG 1

and execute the examples to see which APDUs are exchanged.

Kind regards,

Michael

2,200件の閲覧回数
julian_sauer
Contributor III

Hi Michael,

thank you - the plug and trust examples are great

best regards

Julian

0 件の賞賛
返信