ex_ecc with -DPTMW_SE05X_Auth=ECKey_PlatfSCP03

KiteJLKo · ‎10-31-2025

I'm using Plug & Trust middleware (v04.05.03) from github plug-and-trust.
Built ex_ecc with CMake flags: -DPTMW_Applet=SE05X_C -DPTMW_HostCrypto=OPENSSL -DPTMW_SE05X_Auth=ECKey_PlatfSCP03

Configured /tmp/SE05X/plain_scp.txt:

Running ./ex_ecc /dev/i2c-0 fails with: SE ECDSA Public Key is not Provisioned!!! and sss_session_open failed.

Full log:

App :INFO :PlugAndTrust_v04.05.03_20240502
App :INFO :Running //tmp/ex_ecc
App :INFO :Using PortName='/dev/i2c-0' (CLI)
...
App :WARN :Using SCP03 keys from:'/tmp/SE05X/plain_scp.txt'
App :ERROR:Unknown key type
...
sss :INFO :atr (Len=35) ...
sss :INFO :Newer version of Applet Found
sss :INFO :Compiled for 0x70200. Got newer 0x70216
...
sss :ERROR:SE ECDSA Public Key is not Provisioned!!!
App :ERROR:sss_session_open failed
...

How do I provision the ECDSA public key for ECKey_PlatfSCP03 auth?

KiteJLKo · ‎11-16-2025

Hi @carlos_o

Thanks for the previous guidance. I resolved the "SE ECDSA Public Key is not Provisioned" issue with the following steps on SE052F:

Set default session login to SSS_HAVE_SE05X_AUTH_PLATFSCP03.
Run the se05x_Delete_and_test_provision example to perform AddAttestationKeys and ReInitializeTestSample (all succeeded with kSE05x_Result_SUCCESS).
Switch default session login to SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03.

After this, ex_sss_boot_open succeeds, and ./ex_ecc /dev/i2c-0 runs without errors.

Can you confirm if this workflow:SSS_HAVE_SE05X_AUTH_PLATFSCP03 -->provision --> SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03
is correct and recommended?

在原帖中查看解决方案

KiteJLKo · ‎11-19-2025

Hi @carlos_o ,

Thank you for your confirmation.

carlos_o · ‎10-31-2025

Hi @KiteJLKo

Could you please provide in which environment are you building the code? (Windows, linux, specific microcontroller)

KiteJLKo · ‎11-02-2025

Hi @carlos_o ,

My Env: yocto Linux

carlos_o · ‎11-11-2025

Hi @KiteJLKo

Could you try to update to SE-PLUG-TRUST-MW_04.07.01?

KiteJLKo · ‎11-16-2025

Hi @carlos_o

Thanks for the previous guidance. I resolved the "SE ECDSA Public Key is not Provisioned" issue with the following steps on SE052F:

Set default session login to SSS_HAVE_SE05X_AUTH_PLATFSCP03.
Run the se05x_Delete_and_test_provision example to perform AddAttestationKeys and ReInitializeTestSample (all succeeded with kSE05x_Result_SUCCESS).
Switch default session login to SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03.

After this, ex_sss_boot_open succeeds, and ./ex_ecc /dev/i2c-0 runs without errors.

Can you confirm if this workflow:SSS_HAVE_SE05X_AUTH_PLATFSCP03 -->provision --> SSS_HAVE_SE05X_AUTH_ECKEY_PLATFSCP03
is correct and recommended?

carlos_o · ‎11-19-2025

Hi @KiteJLKo

Yes, that is a good approach to provision the key.

ex_ecc with -DPTMW_SE05X_Auth=ECKey_PlatfSCP03

ex_ecc with -DPTMW_SE05X_Auth=ECKey_PlatfSCP03

Smart Cards