- Forums
- Product Forums
- General Purpose MicrocontrollersGeneral Purpose Microcontrollers
- i.MX Forumsi.MX Forums
- QorIQ Processing PlatformsQorIQ Processing Platforms
- Identification and SecurityIdentification and Security
- Power ManagementPower Management
- Wireless ConnectivityWireless Connectivity
- RFID / NFCRFID / NFC
- Advanced AnalogAdvanced Analog
- MCX Microcontrollers
- S32G
- S32K
- S32V
- MPC5xxx
- Other NXP Products
- S12 / MagniV Microcontrollers
- Powertrain and Electrification Analog Drivers
- Sensors
- Vybrid Processors
- Digital Signal Controllers
- 8-bit Microcontrollers
- ColdFire/68K Microcontrollers and Processors
- PowerQUICC Processors
- OSBDM and TBDML
- S32M
- S32Z/E
-
- Solution Forums
- Software Forums
- MCUXpresso Software and ToolsMCUXpresso Software and Tools
- CodeWarriorCodeWarrior
- MQX Software SolutionsMQX Software Solutions
- Model-Based Design Toolbox (MBDT)Model-Based Design Toolbox (MBDT)
- FreeMASTER
- eIQ Machine Learning Software
- Embedded Software and Tools Clinic
- S32 SDK
- S32 Design Studio
- GUI Guider
- Zephyr Project
- Voice Technology
- Application Software Packs
- Secure Provisioning SDK (SPSDK)
- Processor Expert Software
- Generative AI & LLMs
-
- Topics
- Mobile Robotics - Drones and RoversMobile Robotics - Drones and Rovers
- NXP Training ContentNXP Training Content
- University ProgramsUniversity Programs
- Rapid IoT
- NXP Designs
- SafeAssure-Community
- OSS Security & Maintenance
- Using Our Community
-
- Cloud Lab Forums
-
- Knowledge Bases
- ARM Microcontrollers
- i.MX Processors
- Identification and Security
- Model-Based Design Toolbox (MBDT)
- QorIQ Processing Platforms
- S32 Automotive Processing Platform
- Wireless Connectivity
- CodeWarrior
- MCUXpresso Suite of Software and Tools
- MQX Software Solutions
- RFID / NFC
- Advanced Analog
-
- NXP Tech Blogs
- Home
- :
- 身份验证与安全
- :
- Smart Cards and Secure Element
- :
- Applet v3 vs v7 limitations
Applet v3 vs v7 limitations
Hi
I got some fabricated sample from production based in SE050C2 and before I was working with SE051H2, expectedly the applet version is older, and I had to re-compile the middleware:
sss :ERROR:Compiled for 0x70200. Got older 0x30101Is that correct understanding I wouldn't be able to freeze object change/creation with the old applet--
undefined symbol: Se05x_API_DisableObjCreationMore important - I have something not expected, the policies working with later version are not respected, e.g.
sss :WARN :can_Read is not applied
sss :WARN :can_Write is not appliedIn my C code (and it works with applet v7) I have for example:
const
sss_policy_u pcommon =
{
.type = KPolicy_Common,
.auth_obj_id = 0,
.policy =
{
.common = { .can_Read = 1 }
}
};What could be the problem?
已解决! 转到解答。
Hi @psvz ,
Yes, your understanding is correct, DisableObjCreation is not supported on applet version 3.x, but you still can create a bin file to consume the rest of memory size. Please remember to set a proper policy for this bin file to avoid deletion from unauthenticated users.
The policy settings in your application have also to be updated as mentioned in SE-PLUG-TRUST-MW_04.07.00/simw-top/doc/changes/v04_00_00.html. They are because of the changes in applet behavior.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @psvz ,
Yes, your understanding is correct, DisableObjCreation is not supported on applet version 3.x, but you still can create a bin file to consume the rest of memory size. Please remember to set a proper policy for this bin file to avoid deletion from unauthenticated users.
The policy settings in your application have also to be updated as mentioned in SE-PLUG-TRUST-MW_04.07.00/simw-top/doc/changes/v04_00_00.html. They are because of the changes in applet behavior.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @Kan_Li - thank you!
I can see in the documentation you cite:
can_Read and can_Write polices are moved from symmetric and asymmetric object policy to common policy in applet 7.x. PLEASE UPDATE THE APPLICATIONS ACCORDINGLY.However, binary file (object) is neither symmetric nor asymmetric object, it has policy KPolicy_File.
Should I move .can_Write = 1 for authenticated session from common policy to KPolicy_File?
Hi @psvz ,
Yes, it is possible to set a custom policy for a bin file without can_Write, but better leave can_Delete in the common policy for the authenticated session so you are still able to delete it in some cases.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
