Hi,
I'm trying to mandate SE to use platformSCP.
I use your se05x_MandatePlatformSCP.c example and it doesn't work for me.
I suspect that the initial session config you use in this example is
While my session config is
Solved! Go to Solution.
Hi Kan,
First of all, I want to thank you again, each of your responses is truly pointing me in the right direction toward my goals. Now I understand the difference between platformSCP and AuthID/AES thanks to you.
In the original post, I already managed to rotate the keys according to the demo, because it doesn't involve authentication with the applet only with the device. So that was the big difference for me with the Mandate request.
Finally, I successfully managed to mandate SCP. The major mistake in my code was that the SSSFTR_SE05X_AuthSession was false instead of true.
So, the case can be closed.
Regards,
Liad
Hi Kan,
I appreciate your quick response. I'm afraid that the key adjustment isn't the issue, because I can successfully rotate the binding keys using the initial OEM keys. However, for the sake of good order, it is SE050C1.
I followed the mandate example step by step, and I received an error SM_NOT_OK for the Se05x_API_SetPlatformSCPRequest. If I open the session with SCP/encrypted instead of ID/password configuration I receive undefined error code 0x6d00.
As you can see, I'm a little bit confused sorry for that.
Thank you
Hi @Liad ,
Please kindly have my comments as below:
BTW, Did you successfully rotate the platform SCP keys with the demo? I am confused with "received an error SM_NOT_OK for the Se05x_API_SetPlatformSCPRequest." and " successfully rotate the binding keys using the initial OEM keys", would you please clarify?
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi Kan,
First of all, I want to thank you again, each of your responses is truly pointing me in the right direction toward my goals. Now I understand the difference between platformSCP and AuthID/AES thanks to you.
In the original post, I already managed to rotate the keys according to the demo, because it doesn't involve authentication with the applet only with the device. So that was the big difference for me with the Mandate request.
Finally, I successfully managed to mandate SCP. The major mistake in my code was that the SSSFTR_SE05X_AuthSession was false instead of true.
So, the case can be closed.
Regards,
Liad
I was glad too early.
Is there a reason why after successfully mandating, I received a NOT_SATISFIED error for the Se05x_API_WriteUserID request? Of course, it was within a SCP session.
I'm trying to send the Se05x_API_DeleteAll request.
Hi @Liad ,
Just wondering the scenario from your side, did you enable platform SCP together with some AuthID? and the UserID you wanted to update is just the AuthID? Please kindly clarify.
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
I enabled platformSCP with AuthID and tried to open a session with the application id of kSE05x_AppletResID_FACTORY_RESET, for doing the factory reset.
Hi @Liad ,
Actually there is no need to executed the Se05x_API_WriteUserID prior to the demo, in which a secure object is initialized already to contain the UserID, but the id itself is a random line number, you may specify it with any value you like.
I think that might be the root cause for your issue.
Hope that helps,
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
Hi @Liad ,
The default platformSCP keys are different across SE05x variants, so maybe you have to adjust the platformSCP key settings before running this demo, would you please specify which SE05x is used in your test? Thanks for your patience!
Have a great day,
Kan
-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------