AnsweredAssumed Answered

Digest Operations using SE050

Question asked by Badhri Narayanan Radhakrishnan on Apr 7, 2020
Latest reply on Apr 9, 2020 by Michael Salfer

Hi Guys,


I have an input string say 1000 chars long and I'd like to generate a hash value for it. I initially used the DigestOneShot function by sending in the input string by chaining them. Unfortunately there is a limitation to the input APDU length of only 889 bytes total as per this Datasheet. So is it only possible to use Digest Init-Update-Final operations instead of DigestOneShot ? My input may go up to 2000 chars in the future. 


My master hardware is STM32 and target is SE050. I've created the 2 byte crypto object required for the Digest Init-Update-Final operations. Now my question is in what sequence do I call the Digest Init-Update-Final functions. Currently my code does the following (All below operations are performed session-less):

1. Soft reset

2. Select SE050 applet

3. Digest Init

4. Digest Update

5. Digest Final


For instance if I have more data to be updated, then should I do the steps 1 & 2 for each Digest Update or is it sufficient that I do the steps 1 & 2 only once? 


Edit: I created the crypto object required for the Digest operations. 

Object ID: 00 05

01: CryptoContext - CC_DIGEST

04: Crypto object sub-type - DIGEST_SHA256


Now when I call the Digest-init function, i'm able to initialize successfully. 

The response is 90 00

But when I call the Digest-update function with the input data, the chip throws me the "conditions not satisfied" response.

The response I get is 69 85 always. I double checked my input commands and they are according to the Digest-Update structure explained in datasheet. All the functions are called without sessions and communicated via I2C protocol. Am I missing any other key info here like is there a minimum size of input data that is required for the Digest-update function or can it handle any size of data every time ?


I've been working on this project for a while and asked couple of questions already here that were answered. I'd be glad if I get an idea about this too