How to save secure data to SE050

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to save secure data to SE050

Jump to solution
2,197 Views
namht
Contributor III

Hi all,

Currenly, i'm working with secure element SE050. 
I readed on SE050's datasheet and found content: "Secured user flash memory up to 50 kB for secure data or key storage".
My question: How to save/read my secure data to flash memory of SE050?

Thanks.

Labels (1)
0 Kudos
Reply
1 Solution
2,141 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @namht ,

 

There is another demo called "se05x_GetCertificate". Please kindly refer to simw-top\demos\se05x\se05x_GetCertificate for details.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

View solution in original post

7 Replies
2,177 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @namht ,

 

Binary file is a secure object supported by SE050, so you may create a file object at first and store your secure data into it, for example, the device certificate . We provide a demo of se05x_InjectCertificate for that purpose. You may find this demo within the MW: https://www.nxp.com/webapp/Download?colCode=SE05x-PLUG-TRUST-MW&appType=license .

 

Hope that helps,

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

2,148 Views
namht
Contributor III
Hi Kan,
Thank you for reply.
I tried following the example, but i don't know how to read back it again.
I tried "sss_key_store_get_key()" and return status = kStatus_SSS_Fail
0 Kudos
Reply
2,142 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @namht ,

 

There is another demo called "se05x_GetCertificate". Please kindly refer to simw-top\demos\se05x\se05x_GetCertificate for details.

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

2,121 Views
namht
Contributor III

Hi @Kan_Li 

I tried demo of "se05x_InjectCertificate" for save data to SE050 and "se05x_GetCertificate" for read back this data from SE050 successly. Howerver, my secure data can be leak if anyone try  "brute force" keyID for get data, rights?

And, I tried a demo of "se05x_Minimal" for gets available memory from secure element. I see before and after Inject Certificate, Se05x_API_GetFreeMemory() return pfreeMem = 32767. Why available memory of SE050 not change?

 
0 Kudos
Reply
2,108 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @namht ,

 

Yes, it is possible so we recommend binging with your host in real application, please kindly refer to https://www.nxp.com/docs/en/application-note/AN12662.pdf for details.

 

Actually the mem size should change, but I am not sure if you have enabled the following definition so the application deleted all custom defined secure objects from the beginning of the demo.

Kan_Li_0-1727248821234.png

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

 

2,105 Views
namht
Contributor III

I call ex_sss_boot_factory_reset() → Se05x_API_GetFreeMemory() → InjectCertificate → Se05x_API_GetFreeMemory() .

Log :

App :INFO :mem=32767
App :INFO :Inject certificate example
App :INFO :Injecting ECC certificate at 0x00000014
App :INFO :mem=32767

0 Kudos
Reply
2,095 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @namht ,

 

Is it possible to turn on the verbose log level? so I may have the APDU command log for analyzation. 

Kan_Li_0-1727328799825.png

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------