SE050: key rotation demo: nxScp03_GP_InitializeUpdate returns 0x6a88

mfr64 · ‎11-30-2020

Hi Kan Li, all,
I fear the discussion at SE050-key-rotation-DoAPDUTxRx-s-Case4-returns-0x6a80 is considered closed. I have still the problem and some more background information would help to solve it.
I have trouble with the key rotation demo se05x_TP_PlatformSCP03keys.c.

Let me give you an update to what I did:
Compilation on Linux using build options SE05X_Auth := PlatfSCP03, SCP := SCP03_SSS. Demos se05x_Get_Info and se05x_minimal work well in SCP03 mode. The GP Initialize Update Command succeeds there.
Within se05x_TP_PlatformSCP03keys I left "#define EX_SSS_BOOT_SKIP_SELECT_APPLET 1" in, I just added debug output to verify I used the same old preprovisioned keys that work on other demos successfully.

Here debug information:
se05x_RotatePlatformSCP03Keys
App:INFO :PlugAndTrust_v02.12.00_20191122
App:INFO :Running ../simw-top_build/raspbian_native_se050_t1oi2c/bin/se05x_RotatePlatformSCP03Keys
App:INFO :If you want to over-ride the selection, use ENV=EX_SSS_BOOT_SSS_PORT or pass in command line arguments.
sss:INFO :atr (Len=35)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F
scp:DEBUG:FN: nxScp03_AuthenticateChannel
scp:DEBUG: Output: hostChallenge (Len=8)
75 73 B3 26 35 5B 9B 2A
scp:DEBUG:FN: nxScp03_GP_InitializeUpdate
scp:DEBUG:Input:keyVersion 0b
scp:DEBUG: Input: hostChallenge (Len=8)
75 73 B3 26 35 5B 9B 2A
scp:DEBUG:Sending GP Initialize Update Command !!!
sss:WARN :nxEnsure:'ret == SM_OK' failed. At Line:4843 Function:sss_se05x_TXn
sss:INFO :Output:apduStatus 6a88
sss:INFO :Header: (Len=4)
80 50 0B 00
sss:INFO :Cmdbuf: (Len=8)
75 73 B3 26 35 5B 9B 2A
sss:INFO :Receivebuf: (Len=2)
6A 88
scp:ERROR:GP_InitializeUpdate Failure on communication Link 6A88
scp:ERROR:nxScp03_GP_InitializeUpdate fails with Status 3C3C0000
sss:ERROR:Could not set SCP03 Secure Channel
App:INFO :OLD_ENC (Len=16)
85 2B 59 62 E9 CC E5 D0 BE 74 6B 83 3B CC 62 87
App:INFO :OLD_MAC (Len=16)
DB 0A A3 19 A4 08 69 6C 8E 10 7A B4 E3 C2 6B 47
App:INFO :OLD_DEK (Len=16)
4C 2F 75 C6 A2 78 A4 AE E5 C9 AF 7C 50 EE A8 0C

Further down I add two more detailed logs of both se05x_RotatePlatformSCP03Keys and se05x_minimal.

Apparently nxScp03_GP_InitializeUpdate is called when the demo starts. But in difference to the earlier mentioned other demos, I get error message 6A 88, which means according to GP spec: "Referenced data not found".
The function "tp_PlatformKeys" of the Rotate Demo is not even called, the error comes before that (ex_sss_entry is after the error).

I understand from other discussion that the boot sequence has to be different when rotating keys, can you confirm that? What is the intended "to be"-effect of EX_SSS_BOOT_SKIP_SELECT_APPLET=1? It would help to know which APDU commands SHOULD be applied for rotating keys.
- Different options than: SE05X_Auth := PlatfSCP03 / SCP := SCP03_SSS ?
- Does the SE050´s Global Platform part require specific keys, different from the provisioned ones for SE050C1 (that work on other demos)?

Kind regards and many many thanks for any suggestion or help,
Markus

_____________________

Here a more deep log file with all traffic going via I2C interface:

pi@raspberrypi:~/SE050-PLUG-TRUST_MW_v02.12.00/simw-top_build/raspbian_native_se050_t1oi2c/bin $ ./se05x_RotatePlatformSCP03Keys
App:INFO :PlugAndTrust_v02.12.00_20191122
App:INFO :Running ./se05x_RotatePlatformSCP03Keys
App:INFO :If you want to over-ride the selection, use ENV=EX_SSS_BOOT_SSS_PORT or pass in command line arguments.
smCom:DEBUG:I2CInit: opening /dev/i2c-4

smCom:DEBUG:I2C driver: PEC flag cleared

smCom:DEBUG:I2C driver supports plain i2c-level commands.

smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=260)
BC 23 FD 76 08 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 53 8C 28 21 18 4B FD 76 00 00 00 00
58 8D DC 7E 60 8D DC 7E CC 8D DC 7E 1C 20 01 00
B4 8D DC 7E 20 DB FA 76 60 8D DC 7E BC 4A FD 76
05 00 00 00 08 24 FD 76 01 00 00 00 00 00 00 00
01 00 00 00 60 49 FD 76 05 00 00 00 08 24 FD 76
01 00 00 00 00 00 00 00 00 00 00 00 60 49 FD 76
18 4B FD 76 60 49 FD 76 FF FF FF FF 60 23 FD 76
E4 3C BE 76 40 1D FD 76 18 4B FD 76 60 49 FD 76
FF FF FF FF 00 00 00 00 C4 2F BE 76 40 1D FD 76
00 00 00 00 18 18 FB 76 40 1D FD 76 00 8E DC 7E
20 DC BD 76 00 00 00 00 FC 60 06 00 01 00 00 00
C0 F4 FC 76 00 00 00 00 00 00 00 00 00 40 FD 76
14 8E DC 7E 0C 31 FB 76 08 24 FD 76 01 00 00 00
01 00 00 00 00 00 00 00 24 8E DC 7E E4 3C BE 76
00 60 06 00 00 00 00 00 50 33 01 00 00 00 00 00
00 00 00 00
smCom:DEBUG:TX (axI2CWrite) > (Len=5)
5A CF 00 37 7F
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 EF
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
23
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=37)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F 87 77
smCom:DEBUG:TX (axI2CWrite) > (Len=10)
5A 00 05 00 A4 04 00 00 1E 3C
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
14
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=22)
6F 10 84 08 A0 00 00 01 51 00 00 00 A5 04 9F 65
01 FF 90 00 95 F6
sss:INFO :atr (Len=35)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F
sss:INFO :SCP03 SSS section
scp:DEBUG:FN: nxScp03_AuthenticateChannel
scp:DEBUG: Output: hostChallenge (Len=8)
10 22 1B 84 31 0A 14 07
scp:DEBUG:FN: nxScp03_GP_InitializeUpdate
scp:DEBUG:Input:keyVersion 0b
scp:DEBUG: Input: hostChallenge (Len=8)
10 22 1B 84 31 0A 14 07
scp:DEBUG:Sending GP Initialize Update Command !!!
smCom:DEBUG:TX (axI2CWrite) > (Len=18)
5A 40 0D 80 50 0B 00 08 10 22 1B 84 31 0A 14 07
70 FE
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
...
Looping about 10seconds (until timeout?), then:
...
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 40
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
02
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=4)
6A 88 8D 30
sss:WARN :nxEnsure:'ret == SM_OK' failed. At Line:4848 Function:sss_se05x_TXn
sss:INFO :Output:apduStatus 6a88
sss:INFO :Header: (Len=4)
80 50 0B 00
sss:INFO :Cmdbuf: (Len=8)
09 A1 CE EE D4 84 44 BC
sss:INFO :Receivebuf: (Len=2)
6A 88
scp:ERROR:GP_InitializeUpdate Failure on communication Link 6A88
scp:ERROR:nxScp03_GP_InitializeUpdate fails with Status 3C3C0000
sss:ERROR:Could not set SCP03 Secure Channel
App:INFO :OLD_ENC (Len=16)
85 2B 59 62 E9 CC E5 D0 BE 74 6B 83 3B CC 62 87
App:INFO :OLD_MAC (Len=16)
DB 0A A3 19 A4 08 69 6C 8E 10 7A B4 E3 C2 6B 47
App:INFO :OLD_DEK (Len=16)
4C 2F 75 C6 A2 78 A4 AE E5 C9 AF 7C 50 EE A8 0C
sss:DEBUG:FN: sss_symmetric_context_init
sss:DEBUG:Input:algorithm 0a
sss:DEBUG:Input:mode 01
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_symmetric_context_free
sss:DEBUG:FN: sss_symmetric_context_init
sss:DEBUG:Input:algorithm 0a
sss:DEBUG:Input:mode 01
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_symmetric_context_free
sss:DEBUG:FN: sss_symmetric_context_init
sss:DEBUG:Input:algorithm 0a
sss:DEBUG:Input:mode 01
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_cipher_one_go
sss:DEBUG: Input: IV (Len=0)
sss:DEBUG: Input: srcData (Len=0)
sss:DEBUG:FN: sss_symmetric_context_free
smCom:DEBUG:TX (axI2CWrite) > (Len=80)
5A 00 4B 80 D8 0B 81 46 0B 88 11 10 4D BD 61 CD
46 F4 79 A8 C2 0E CE 1D 10 72 16 8C 03 75 0D 4D
88 11 10 D6 6A EF 4E A7 52 30 7B 42 F3 25 65 39
7E 3A 5F 03 89 1F B6 88 11 10 34 88 2F 97 33 4F
73 EE 15 55 FA 76 E2 52 70 96 03 EE 6D D4 E1 6B
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
02
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=4)
69 82 08 A3
sss:WARN :nxEnsure:'ret == SM_OK' failed. At Line:4848 Function:sss_se05x_TXn
sss:INFO :Output:apduStatus 6982
sss:INFO :Header: (Len=4)
80 D8 0B 81
sss:INFO :Cmdbuf: (Len=70)
0B 88 11 10 4D BD 61 CD 46 F4 79 A8 C2 0E CE 1D
10 72 16 8C 03 75 0D 4D 88 11 10 D6 6A EF 4E A7
52 30 7B 42 F3 25 65 39 7E 3A 5F 03 89 1F B6 88
11 10 34 88 2F 97 33 4F 73 EE 15 55 FA 76 E2 52
70 96 03 EE 6D D4
sss:INFO :Receivebuf: (Len=2)
69 82
App:INFO :ex_sss Finished
smCom:DEBUG:TX (axI2CWrite) > (Len=5)
5A C5 00 47 82
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 E5
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
87 67

_____________

To compare with:

pi@raspberrypi:~/SE050-PLUG-TRUST_MW_v02.12.00/simw-top_build/raspbian_native_se050_t1oi2c/bin/se05x_minimal
App:INFO :PlugAndTrust_v02.12.00_20191122
App:INFO :Running ./se05x_minimal
App:INFO :If you want to over-ride the selection, use ENV=EX_SSS_BOOT_SSS_PORT or pass in command line arguments.
smCom:DEBUG:I2CInit: opening /dev/i2c-4

smCom:DEBUG:I2C driver: PEC flag cleared

smCom:DEBUG:I2C driver supports plain i2c-level commands.

smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=260)
BC 33 F8 76 08 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 53 8C 28 21 18 5B F8 76 00 00 00 00
28 0D D3 7E 30 0D D3 7E 9C 0D D3 7E 1C 20 01 00
84 0D D3 7E 20 EB F5 76 30 0D D3 7E BC 5A F8 76
05 00 00 00 08 34 F8 76 01 00 00 00 00 00 00 00
01 00 00 00 60 59 F8 76 05 00 00 00 08 34 F8 76
01 00 00 00 00 00 00 00 00 00 00 00 60 59 F8 76
18 5B F8 76 60 59 F8 76 FF FF FF FF 60 33 F8 76
E4 4C B9 76 40 2D F8 76 18 5B F8 76 60 59 F8 76
FF FF FF FF 00 00 00 00 C4 3F B9 76 40 2D F8 76
00 00 00 00 18 28 F6 76 40 2D F8 76 D0 0D D3 7E
20 EC B8 76 00 00 00 00 FC 50 06 00 01 00 00 00
C0 04 F8 76 00 00 00 00 00 00 00 00 00 50 F8 76
E4 0D D3 7E 0C 41 F6 76 08 34 F8 76 01 00 00 00
01 00 00 00 00 00 00 00 F4 0D D3 7E E4 4C B9 76
00 50 06 00 00 00 00 00 50 33 01 00 00 00 00 00
00 00 00 00
smCom:DEBUG:TX (axI2CWrite) > (Len=5)
5A CF 00 37 7F
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 EF
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
23
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=37)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F 87 77
smCom:DEBUG:TX (axI2CWrite) > (Len=10)
5A 00 05 00 A4 04 00 00 1E 3C
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
14
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=22)
6F 10 84 08 A0 00 00 01 51 00 00 00 A5 04 9F 65
01 FF 90 00 95 F6
smCom:DEBUG:TX (axI2CWrite) > (Len=26)
5A 40 15 00 A4 04 00 0F A0 00 00 03 96 54 53 00
00 00 01 03 00 00 00 00 B8 78
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
Waiting short time ...
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 40
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
09
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=11)
03 01 00 6F FF 01 0B 90 00 1C D9
sss:INFO :atr (Len=35)
00 A0 00 00 03 96 04 03 E8 00 FE 02 0B 03 E8 08
01 00 00 00 00 64 00 00 0A 4A 43 4F 50 34 20 41
54 50 4F
sss:INFO :SCP03 SSS section
scp:DEBUG:FN: nxScp03_AuthenticateChannel
scp:DEBUG: Output: hostChallenge (Len=8)
7E 38 3E 75 AF B0 2A 3D
scp:DEBUG:FN: nxScp03_GP_InitializeUpdate
scp:DEBUG:Input:keyVersion 0b
scp:DEBUG: Input: hostChallenge (Len=8)
7E 38 3E 75 AF B0 2A 3D
scp:DEBUG:Sending GP Initialize Update Command !!!
smCom:DEBUG:TX (axI2CWrite) > (Len=18)
5A 00 0D 80 50 0B 00 08 7E 38 3E 75 AF B0 2A 3D
8B D4
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
Waiting short time ...
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
1F
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=33)
90 03 91 93 10 56 67 99 31 75 0B 03 00 40 82 13
5A 67 A8 6D 12 0B 21 2F 9F 73 74 BC 39 90 00 26
67
sss:INFO :Output:apduStatus 9000
sss:INFO :Header: (Len=4)
80 50 0B 00
sss:INFO :Cmdbuf: (Len=8)
7E 38 3E 75 AF B0 2A 3D
sss:INFO :Receivebuf: (Len=31)
90 03 91 93 10 56 67 99 31 75 0B 03 00 40 82 13
5A 67 A8 6D 12 0B 21 2F 9F 73 74 BC 39 90 00
scp:DEBUG: Output: keyDivData (Len=10)
90 03 91 93 10 56 67 99 31 75
scp:DEBUG: Output: keyInfo (Len=3)
0B 03 00
scp:DEBUG: Output: cardChallenge (Len=8)
40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output: cardCryptoGram (Len=8)
0B 21 2F 9F 73 74 BC 39
scp:DEBUG:FN: nxScp03_HostLocal_CalculateSessionKeys
scp:DEBUG: Input:hostChallenge (Len=8)
7E 38 3E 75 AF B0 2A 3D
scp:DEBUG: Input:cardChallenge (Len=8)
40 82 13 5A 67 A8 6D 12
scp:DEBUG:Set the Derviation data to generate Session ENC key
scp:DEBUG:FN: nxScp03_setDerivationData
scp:DEBUG:Input:ddConstant 04
scp:DEBUG:Input:ddL 80
scp:DEBUG:Input:iCounter 01
scp:DEBUG: Input: keyInfo (Len=16)
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:Output: KeyDivData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 04 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_Generate_SessionKey
scp:DEBUG: Input: inData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 04 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output:outSignature (Len=16)
D7 59 11 55 4F 69 51 25 F5 96 7B FE F6 11 79 15
scp:DEBUG: Output:sessionEncKey (Len=16)
D7 59 11 55 4F 69 51 25 F5 96 7B FE F6 11 79 15
scp:DEBUG:Set the Derviation data to generate Session MAC key
scp:DEBUG:FN: nxScp03_setDerivationData
scp:DEBUG:Input:ddConstant 06
scp:DEBUG:Input:ddL 80
scp:DEBUG:Input:iCounter 01
scp:DEBUG: Input: keyInfo (Len=16)
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:Output: KeyDivData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 06 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_Generate_SessionKey
scp:DEBUG: Input: inData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 06 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output:outSignature (Len=16)
D8 A8 16 B3 C0 BF E0 E2 26 61 9B E0 7A 31 57 EB
scp:DEBUG: Output:sessionMacKey (Len=16)
D8 A8 16 B3 C0 BF E0 E2 26 61 9B E0 7A 31 57 EB
scp:DEBUG:Set the Derviation data to generate Session RMAC key
scp:DEBUG:FN: nxScp03_setDerivationData
scp:DEBUG:Input:ddConstant 07
scp:DEBUG:Input:ddL 80
scp:DEBUG:Input:iCounter 01
scp:DEBUG: Input: keyInfo (Len=16)
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:Output: KeyDivData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 07 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_Generate_SessionKey
scp:DEBUG: Input: inData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 07 00 00 80 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output:outSignature (Len=16)
A3 FD F7 3C E2 0F B7 98 89 4D D4 B0 5F 43 B5 4C
scp:DEBUG: Output:sessionRmacKey (Len=16)
A3 FD F7 3C E2 0F B7 98 89 4D D4 B0 5F 43 B5 4C
scp:DEBUG:FN: nxScp03_HostLocal_VerifyCardCryptogram
scp:DEBUG: Input:hostChallenge (Len=8)
7E 38 3E 75 AF B0 2A 3D
scp:DEBUG: Input:cardChallenge (Len=8)
40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_setDerivationData
scp:DEBUG:Input:ddConstant 00
scp:DEBUG:Input:ddL 40
scp:DEBUG:Input:iCounter 01
scp:DEBUG: Input: keyInfo (Len=16)
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:Output: KeyDivData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_Generate_SessionKey
scp:DEBUG: Input: inData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output:outSignature (Len=16)
0B 21 2F 9F 73 74 BC 39 EF A1 C9 CE 55 A8 45 32
scp:DEBUG: Output:cardCryptogram (Len=16)
0B 21 2F 9F 73 74 BC 39 EF A1 C9 CE 55 A8 45 32
scp:DEBUG:cardCryptoGram (Len=8)
0B 21 2F 9F 73 74 BC 39
scp:DEBUG:CardCryptogram verified successfully...Calculate HostCryptogram
scp:DEBUG:FN: nxScp03_HostLocal_CalculateHostCryptogram
scp:DEBUG: Input:hostChallenge (Len=8)
7E 38 3E 75 AF B0 2A 3D
scp:DEBUG: Input:cardChallenge (Len=8)
40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_setDerivationData
scp:DEBUG:Input:ddConstant 01
scp:DEBUG:Input:ddL 40
scp:DEBUG:Input:iCounter 01
scp:DEBUG: Input: keyInfo (Len=16)
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:Output: KeyDivData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 01 00 00 40 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG:FN: nxScp03_Generate_SessionKey
scp:DEBUG: Input: inData (Len=32)
00 00 00 00 00 00 00 00 00 00 00 01 00 00 40 01
7E 38 3E 75 AF B0 2A 3D 40 82 13 5A 67 A8 6D 12
scp:DEBUG: Output:outSignature (Len=16)
12 B3 EE F2 09 E8 02 6A F7 56 B5 50 48 FE 93 AB
scp:DEBUG: Output:hostCryptogram (Len=16)
12 B3 EE F2 09 E8 02 6A F7 56 B5 50 48 FE 93 AB
scp:DEBUG:hostCryptogram (Len=8)
12 B3 EE F2 09 E8 02 6A
scp:DEBUG:FN: nxScp03_GP_ExternalAuthenticate
scp:DEBUG: Input: hostCryptogram (Len=8)
12 B3 EE F2 09 E8 02 6A
scp:DEBUG:Calculate the MAC on data
scp:DEBUG: Output: Calculated MAC (Len=8)
F8 73 58 5D CB 80 83 7B
scp:DEBUG:Add calculated MAC Value to cmd Data
scp:DEBUG:Sending GP External Authenticate Command !!!
smCom:DEBUG:TX (axI2CWrite) > (Len=26)
5A 40 15 84 82 33 00 10 12 B3 EE F2 09 E8 02 6A
F8 73 58 5D CB 80 83 7B F6 1A
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 40
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
02
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=4)
90 00 B5 B9
sss:INFO :Output:apduStatus 9000
sss:INFO :Header: (Len=4)
84 82 33 00
sss:INFO :Cmdbuf: (Len=16)
12 B3 EE F2 09 E8 02 6A F8 73 58 5D CB 80 83 7B
sss:INFO :Receivebuf: (Len=2)
90 00
scp:DEBUG:Authentication Successful!!!
sss:INFO :SCP03 SSS 1st part ok

APDU:DEBUG:GetFreeMemory []
APDU:DEBUG:kSE05x_TAG_1 [memoryType] = 0x3
sss:DEBUG:FN: sss_symmetric_context_free
smCom:DEBUG:TX (axI2CWrite) > (Len=34)
5A 00 1D 84 04 00 22 18 58 86 85 A6 55 F2 26 D0
88 2B 57 DF 20 C4 EC 33 9E FF CD 2A 71 0D 25 5A
1F 0A
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0d
smCom:DEBUG:TX (axI2CRead): (Len=2)
00 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
1A
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=28)
38 C1 28 A9 AB A2 FB 5B B2 CD 70 71 63 06 5F 85
6A D3 DA 55 4B 7D D0 55 90 00 C7 03
sss:INFO :Output:apduStatus 9000
sss:INFO :Header: (Len=4)
80 04 00 22
sss:INFO :Cmdbuf: (Len=3)
58 86 85
sss:INFO :Receivebuf: (Len=6)
41 02 01 20 90 00
App:INFO :mem=288
App:INFO :ex_sss Finished
smCom:DEBUG:TX (axI2CWrite) > (Len=5)
5A C5 00 47 82
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
A5 E5
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=1)
00
smCom:DEBUG:Done with rv = 0c
smCom:DEBUG:TX (axI2CRead): (Len=2)
87 67

Kan_Li · ‎01-18-2021

Hello @mfr64 ,

The MW version is too old (02.12.00 as shown in the logs), and on this old version the rotate code selects the ISD instead of the SSD. This bug got fixed since 02.12.01, please try with the latest version. You may refer to the following for more details.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

元の投稿で解決策を見る

Kan_Li · ‎12-03-2020

Hello @mfr64 ,

The demo uses the default Platform SCP keys, and EX_SSS_BOOT_SKIP_SELECT_APPLET is used to skip the APDU command for selecting applet, please kindly refer to the following for more details.

se050 skip select applet.png

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

mfr64 · ‎12-09-2020

Hi Kan,

hmm, I know this information. What I am looking for is so get a bit more information how the key rotation demo SHOULD execute. This could be an example what should be communicated (APDU commands) or what C-functions should be called when. May be somebody at NXP or a customer reading this can provide some tracing data.

Alternatively it would help to know which APDU command is the first one that is wrong in the tracing data I sent earlier.

Thank you in advance,

Markus

Kan_Li · ‎01-18-2021

Hello @mfr64 ,

The MW version is too old (02.12.00 as shown in the logs), and on this old version the rotate code selects the ISD instead of the SSD. This bug got fixed since 02.12.01, please try with the latest version. You may refer to the following for more details.

Have a great day,
Kan

-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

mfr64 · ‎01-19-2021

Hi Kan Li,

I had an copy of v02.12.04, newer than v02.12.00 and it should contain the bug fix as well. Now as I know this version is worth a chance to retry, I did that today with success.

The Key rotation demo works for me, based on v02.12.04 which did not need too much rework to get my code migrated from v02.12.00.

Many thanks!

Markus