FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

SE050: How to load P521 and Brainpool 512 over APDU? Just get Bad Data!

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SE050: How to load P521 and Brainpool 512 over APDU? Just get Bad Data!

‎04-19-2020 05:24 PM
1,599 Views
wami
Contributor I

Hi Experts for SE050,

after searching all the forum and documentation I feel a bit helpless. I want to implement the SE050 in APDU Level which is usually not a problem. I can do everything I want including sing, verify....also loading keys.

All keys (I really have tested all Keys and Sizes) can be loaded and used without any problems but not the largest ones. I want to use NIST-P521 (Key ID 0x05)  and Brainpool512 (Key ID 0x0C) but I am not able to load the curves. Whatever I try I get the error "Bad Data". It seems not to be a communication Problem, cause T=1 over I2C works without any issues but not for just this operation.

Data transmitted to the Chip is correct. Logic Analyzer has proven I2C seems to be fine. Also CRC is fine (double checked). I have no clue what is different.

Curve Parameters have been taken (like for the other Curves from the NIST Documentation).

Is there anything special to consider for such long string?

Example P521:

p=01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF

a= 01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFC

b= 0051 953EB961 8E1C9A1F 929A21A0 B68540EE A2DA725B 99B315F3 B8B48991 8EF109E1 56193951 EC7E937B 1652C0BD 3BB1BF07 3573DF88 3D2C34F1 EF451FD4 6B503F00

G (uncompressed x and y)= 0400C6858E 06B70404 E9CD9E3E CB662395 B4429C64 8139053F B521F828 AF606B4D 3DBAA14B 5E77EFE7 5928FE1D C127A2FF A8DE3348 B3C1856A 429BF97E 7E31C2E5 BD660118 39296A78 9A3BC004 5C8A5FB4 2C7D1BD9 98F54449 579B4468 17AFBD17 273E662C 97EE7299 5EF42640 C550B901 3FAD0761 353C7086 A272C240 88BE9476 9FD16650

n= 01FF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFF FFFFFFFA 51868783  BF2F966B 7FCC0148 F709A5D0 3BB5C9B8 899C47AE BB6FB71E 91386409

When I try to load G (both X and Y together) I receive the Error that I have provided Bad Data. Here is my full I2C output (from the logic-analyzer) what I send to the Chip. It seems that the length (A3) is the issue. But from documentation I got from here: https://www.nxp.com/docs/en/user-guide/AN12514.pdf , 255 Byte shouldn't be a Problem for the package:

5A00A3800500009E1008010952F25499CA5F419280010B408D41010542010443850400C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650E38D

I have also tried to split the strings by using T1 chaining but without any success.

When I tried to provide the compressed form of G, the Error is Condition Not Satisfied.

What is neccessary to load the both 521 bit Curves (NIST and Brainpool). What is the trick to go for it? Any Ideas?

I have nothing found in the database.

Any help is really appreciated.

Thanks,

Michael###

Labels (1)
Labels
Tags (1)
0 Kudos
Reply
2 Replies

‎04-23-2020 04:15 AM
1,504 Views
michaelsalfer
NXP Employee
NXP Employee

Hello Michael,

if you use the sss_examples and modify the ec_ecc to generate a NISTP521 key instead of using NISTP256 key and compile with verbose log you can get the attached communication log. This shows how the curve parameters get set.

The modfied ex_ecc is attached as well.

In your log is at least in the TLV length encodings an error as every single-byte TLV length field where length is >0x7F needs to be preceeded with 0x81.

So e.g. a TLV with length 0x85 needs to be encoded as 0x438185[value] instead of 0x4385[value]

Kind regards,

Michael

ex_sss_ecc.c.zip
createcurveNISTP521.txt.zip
0 Kudos
Reply

‎04-20-2020 07:54 PM
1,504 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi Michael,

Is it possible to have your APDU commands for a review? Thanks for your patience!

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply