帮助
英语(美国) | English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

SE050 key wrap or export

取消
开启建议
自动建议可通过在您键入时建议可能的匹配,而快速缩小您的搜索结果范围。
显示结果 
显示  仅  | 搜索替代 
您的意思是: 

SE050 key wrap or export

‎10-07-2022 11:09 AM
3,872 次查看
chrisaptosia
Contributor I

Does the SE050 support wrapping or exporting of secret or private keys?

I understand that Se05x_API_ExportObject and Se05x_API_ImportObject allow for the export and import of these keys, but use a unique device-specific key, making it possible to backup and restore key material to the same SE050.

My requirement is a little different. I want to be able to securely backup one SE050 and restore to a different SE050. I'm just not seeing anything in the examples or documentation for this.

 

标签 (1)
标签
0 项奖励
回复
6 回复数

‎10-09-2022 08:58 AM
3,836 次查看
chrisaptosia
Contributor I

Yes, it would suffice for my purposes to only support transient Secure Objects. My question is whether there is support to export this object to another SE050. There is little documentation I can find to describe the wrapping key for this operation. Is the key unique per device? If it is writable, then this would allow for my use case.

0 项奖励
回复

‎10-09-2022 07:41 PM
3,825 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

Do you mean to export the transient Secure Objects from one SE and import them to another as a persistent one? or still as a transient secure object? Please kindly clarify.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

0 项奖励
回复

‎10-09-2022 08:05 PM
3,822 次查看
chrisaptosia
Contributor I

It doesn't matter much whether the newly imported secure object is a transient or persistent. I'm simply looking for a method to take a key from one SE050 to another.

0 项奖励
回复

‎10-09-2022 11:59 PM
3,820 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

Thanks for the clarification!

Just confirmed with the expert,  the import functionality only works with data exported exactly from the same SE due to the SE-individual encryption. 

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 项奖励
回复

‎10-10-2022 11:33 AM
3,812 次查看
BlackMark
Contributor I

Thank you. So to confirm, the SE050 has no ability to generate a key exportable to another SE050 and no general key wrap functionality?

 

0 项奖励
回复

‎10-09-2022 02:24 AM
3,841 次查看
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

As far as I know, the export operation can just support transient Secure Objects, is this what you want? You may refer to 3.2.8 in https://www.nxp.com/webapp/Download?colCode=AN12543 for more details on this topic.

 

Hope that helps,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 项奖励
回复