FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

SE050 key wrap or export

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SE050 key wrap or export

‎10-07-2022 11:09 AM
2,248 Views
chrisaptosia
Contributor I

Does the SE050 support wrapping or exporting of secret or private keys?

I understand that Se05x_API_ExportObject and Se05x_API_ImportObject allow for the export and import of these keys, but use a unique device-specific key, making it possible to backup and restore key material to the same SE050.

My requirement is a little different. I want to be able to securely backup one SE050 and restore to a different SE050. I'm just not seeing anything in the examples or documentation for this.

 

Labels (1)
Labels
0 Kudos
Reply
6 Replies

‎10-09-2022 08:58 AM
2,212 Views
chrisaptosia
Contributor I

Yes, it would suffice for my purposes to only support transient Secure Objects. My question is whether there is support to export this object to another SE050. There is little documentation I can find to describe the wrapping key for this operation. Is the key unique per device? If it is writable, then this would allow for my use case.

0 Kudos
Reply

‎10-09-2022 07:41 PM
2,201 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

Do you mean to export the transient Secure Objects from one SE and import them to another as a persistent one? or still as a transient secure object? Please kindly clarify.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

0 Kudos
Reply

‎10-09-2022 08:05 PM
2,198 Views
chrisaptosia
Contributor I

It doesn't matter much whether the newly imported secure object is a transient or persistent. I'm simply looking for a method to take a key from one SE050 to another.

0 Kudos
Reply

‎10-09-2022 11:59 PM
2,196 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

Thanks for the clarification!

Just confirmed with the expert,  the import functionality only works with data exported exactly from the same SE due to the SE-individual encryption. 

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

‎10-10-2022 11:33 AM
2,188 Views
BlackMark
Contributor I

Thank you. So to confirm, the SE050 has no ability to generate a key exportable to another SE050 and no general key wrap functionality?

 

0 Kudos
Reply

‎10-09-2022 02:24 AM
2,217 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @chrisaptosia ,

 

As far as I know, the export operation can just support transient Secure Objects, is this what you want? You may refer to 3.2.8 in https://www.nxp.com/webapp/Download?colCode=AN12543 for more details on this topic.

 

Hope that helps,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply