11.12.3.4.113. Function Se05x_API_ReadObjectAttributes_W_Attst

11.12.3.4.113.1. Function Documentation

smStatus_t Se05x_API_ReadObjectAttributes_W_Attst(pSe05xSession_t session_ctx, uint32_t objectID, uint32_t attestID, SE05x_AttestationAlgo_t attestAlgo, const uint8_t *random, size_t randomLen, uint8_t *data, size_t *pdataLen, SE05x_TimeStamp_t *ptimeStamp, uint8_t *outrandom, size_t *poutrandomLen, uint8_t *chipId, size_t *pchipIdLen, uint8_t *signature, size_t *psignatureLen)

Reads the attributes of a Secure Object (without the value of the Secure Object).

Each Secure Object has a number of attributes assigned to it. These attributes are listed in the table "Authentication Object attributes" for Authentication Objects and in the table "Non-Authentication Objects" for non-Authentication Objects.

Authentication Object attributes

| Attribute | Size (bytes) | Description |
|---|---|---|
| Object identifier | 4 | See identifiersRef |
| Object type | 1 | One of SecureObjectType |
| Authentication attribute | 1 | One of SetIndicatorRef |
| Object counter | 2 | Number of failed attempts for an authentication object if the Maximum Authentication Attempts has been set. |
| Authentication object identifier | 4 | "Owner" of the secure object; i.e., the identifier of the session authentication object when the object has been created. |
| Maximum authentication attempts | 2 | Maximum number of authentication attempts. 0 means unlimited. |
| Policy | Variable | Policy attached to the object |
| Origin | 1 | One of OriginRef; indicates the origin of the Secure Object, either externally set, internally generated or trust provisioned by NXP. |
| Version | 1 | The Secure Object version. Default = 0. See FIPS compliance for details about versioning of Secure Objects. |

Non-Authentication Objects

| Attribute | Size (bytes) | Description |
|---|---|---|
| Object identifier | 4 | See Object identifiers |
| Object type | 1 | One of SecureObjectType |
| Authentication attribute | 1 | One of SetIndicatorRef |
| Tag length | 2 | Set to 0x0000, except for AESKey objects: for AESKey objects, this indicates the GMAC length that applies when doing AEAD operations. If the value is set to 0 and AEAD operations are done, the GMAC length shall be 128 bit. |
| Authentication object identifier | 4 | "Owner" of the secure object; i.e., the identifier of the session authentication object when the object has been created. |
| RFU | 2 | Set to 0x0000. |
| Policy | Variable | Policy attached to the object |
| Origin | 1 | One of OriginRef; indicates the origin of the Secure Object, either externally set, internally generated or trust provisioned by NXP. |
| Version | 1 | The Secure Object version. Default = 0. See FIPS compliance for details about versioning of Secure Objects. |
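
Added example, not part of the NXP documentation or middleware: a parser that splits the attribute byte array returned in `data` into the fields listed in the two attribute tables above, including the variable-length policy that sits between the fixed fields. It assumes the fields are concatenated in table order, that multi-byte values are big-endian, and that origin and version are the last two bytes; the struct, function and sample names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct {             /* hypothetical type, not from the NXP headers */
    uint32_t objectId;          /* Object identifier */
    uint8_t objectType;         /* One of SecureObjectType */
    uint8_t authAttribute;      /* One of SetIndicatorRef */
    uint16_t counterOrTagLen;   /* Object counter (auth) / Tag length (non-auth) */
    uint32_t ownerAuthId;       /* Authentication object identifier ("owner") */
    uint16_t maxAttemptsOrRfu;  /* Maximum authentication attempts / RFU */
    const uint8_t *policy;      /* Variable-length policy, points into the input */
    size_t policyLen;
    uint8_t origin;             /* One of OriginRef */
    uint8_t version;
} obj_attr_t;

/* 4+1+1+2+4+2 bytes precede the policy; origin and version follow it. */
enum { ATTR_HEAD = 14, ATTR_TAIL = 2 };

/* Assumption: multi-byte fields are big-endian. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }

/* Returns 0 on success, -1 when the buffer cannot hold the fixed fields. */
int parse_object_attributes(const uint8_t *buf, size_t len, obj_attr_t *out) {
    if (buf == NULL || out == NULL || len < (size_t)(ATTR_HEAD + ATTR_TAIL)) return -1;
    out->objectId = be32(buf);
    out->objectType = buf[4];
    out->authAttribute = buf[5];
    out->counterOrTagLen = be16(buf + 6);
    out->ownerAuthId = be32(buf + 8);
    out->maxAttemptsOrRfu = be16(buf + 12);
    out->policy = buf + ATTR_HEAD;                 /* policy is whatever lies between */
    out->policyLen = len - ATTR_HEAD - ATTR_TAIL;  /* head and tail; may be zero      */
    out->origin = buf[len - 2];
    out->version = buf[len - 1];
    return 0;
}

/* Constructed sample (not captured from a device): 3 opaque policy bytes. */
static const uint8_t SAMPLE_ATTR[] = {
    0x00, 0x00, 0x12, 0x34, 0x01, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
    0x00, 0x00, 0xAA, 0xBB, 0xCC, 0x02, 0x00};
int main(void) {
    obj_attr_t a;
    if (parse_object_attributes(SAMPLE_ATTR, sizeof SAMPLE_ATTR, &a) != 0) return 1;
    printf("id=0x%08X policyLen=%zu origin=0x%02X\n", (unsigned)a.objectId, a.policyLen, a.origin);
    return 0;
}
```

Pass the `data` buffer and the length written to `*pdataLen` after a successful call; the policy pointer refers into that buffer, so it is only valid while the buffer is.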

Command to Applet

| Field | Value | Description |
|---|---|---|
| CLA | 0x80 | |
| INS | INS_READ | See SE05x_INS_t. In addition to INS_READ, users can set the INS_ATTEST flag; in that case, attestation applies. |
| P1 | P1_DEFAULT | See SE05x_P1_t |
| P2 | P2_ATTRIBUTES | See SE05x_P2_t |
| Lc | #(Payload) | Payload Length. |
| | TLV[TAG_1] | 4-byte object identifier |
| | TLV[TAG_5] | 4-byte attestation object identifier. [Optional] [Conditional: only when INS_ATTEST is set] |
| | TLV[TAG_6] | 1-byte AttestationAlgo [Optional] [Conditional: only when INS_ATTEST is set] |
| | TLV[TAG_7] | 16-byte freshness random [Optional] [Conditional: only when INS_ATTEST is set] |
| Le | 0x00 | |

R-APDU Body

| Value | Description |
|---|---|
| TLV[TAG_2] | Byte array containing the attributes (see Object Attributes). |
| TLV[TAG_3] | (only when INS_ATTEST is set) 12-byte timestamp |
| TLV[TAG_4] | (only when INS_ATTEST is set) 16-byte freshness random |
| TLV[TAG_5] | (only when INS_ATTEST is set) 18-byte Chip unique ID |
| TLV[TAG_6] | (only when INS_ATTEST is set) Signature applied over the value of TLV[TAG_2], TLV[TAG_3], TLV[TAG_4] and TLV[TAG_5]. |

R-APDU Trailer

| SW | Description |
|---|---|
| SW_NO_ERROR | The read is done successfully. |

Return

The sm status.

Parameters
  • [in] session_ctx: The session context

  • [in] objectID: The object id

  • [in] attestID: The attest id

  • [in] attestAlgo: The attest algorithm

  • [in] random: The random

  • [in] randomLen: The random length

  • data: The data

  • pdataLen: The pdata length

  • ptimeStamp: The ptime stamp

  • outrandom: The outrandom

  • poutrandomLen: The poutrandom length

  • chipId: The chip identifier

  • pchipIdLen: The pchip identifier length

  • signature: The signature

  • psignatureLen: The psignature length