11.12.3.4.137. Function Se05x_API_WriteSymmKey¶
Defined in File se05x_APDU_apis.h
11.12.3.4.137.1. Function Documentation¶
-
smStatus_t
Se05x_API_WriteSymmKey
(pSe05xSession_t session_ctx, pSe05xPolicy_t policy, SE05x_MaxAttemps_t maxAttempt, uint32_t objectID, SE05x_KeyID_t kekID, const uint8_t *keyValue, size_t keyValueLen, const SE05x_INS_t ins_type, const SE05x_SymmKeyType_t type)¶ Se05x_API_WriteSymmKey
Creates or writes an AES key, DES key or HMAC key, indicated by P1:
P1_AES
P1_DES
P1_HMAC
Users can pass RFC3394 wrapped keys by indicating the KEK in TLV[TAG_2]. Note that RFC3394 required 8-byte aligned input, so this can only be used when the key has an 8-byte aligned length.
Command to Applet
Field
Value
Description
P1
See above
See
SE05x_P1_t
P2
P2_DEFAULT
See
SE05x_P2_t
Payload
TLV[TAG_POLICY]
Byte array containing the object policy. [Optional: default policy applies] [Conditional: only when the object identifier is not in use yet]
TLV[TAG_MAX_ATTEMPTS]
2-byte maximum number of attempts. If 0 is given, this means unlimited. [Optional: default unlimited] [Conditional: only when the object identifier is not in use yet and INS includes INS_AUTH_OBJECT; see AuthenticationObjectPolicies]
TLV[TAG_1]
4-byte object identifier
TLV[TAG_2]
4-byte KEK identifier [Conditional: only when the key value is RFC3394 wrapped]
TLV[TAG_3]
Key value, either plain or RFC3394 wrapped.
TLV[TAG_4]
Tag length for GCM/GMAC. Will only be used if the object is an AESKey. [Optional]
TLV[TAG_11]
4-byte version [Optional]
- Return
The sm status.
- Parameters
[in] session_ctx
: The session context[in] policy
: The policy[in] maxAttempt
: The maximum attempt[in] objectID
: The object id[in] kekID
: The kek id[in] keyValue
: The key value[in] keyValueLen
: The key value length[in] ins_type
: The insert type[in] type
: The type