9.6. Usage Examples¶
9.6.1. SE05X: VCOM Interface¶
Provisioning ECC Pair and Certificate:
ssscli connect se05x vcom COM5
ssscli se05x reset
ssscli set ecc pair 0x20181001 tstData\tls_client_key.pem
ssscli set cert 0x20181002 tstData\tls_client.cer
ssscli disconnect
Generating ecc key and retrive public key:
ssscli connect se05x vcom COM5
ssscli se05x reset
ssscli generate ecc 0x20181006 NIST_P256
ssscli get ecc pair 0x20181006 data\tls_key.pem
ssscli disconnect
Inject and retrieve certificate:
ssscli connect se05x vcom COM5
ssscli set cert 0x20181004 tstData\tls_client.cer
ssscli get cert 0x20181004 data\extracted_certificate.cer
ssscli disconnect
Erase key, Inject ecc Key and Sign certificate:
ssscli connect se05x vcom COM5
ssscli erase 0x20181001
ssscli set ecc pair 0x20181001 tstData\tls_client_key.pem
ssscli sign 0x20181001 tstData\tls_client.cer data\signed_data.pem
ssscli disconnect
Inject and Retrieve AES key:
ssscli connect se05x vcom COM5
ssscli se05x reset
ssscli set aes 0x40100000 tstData\aes.der
ssscli get aes 0x40100000 data\extracted_aes_key.cer
ssscli disconnect
Inject ECC Public Key:
ssscli connect se05x vcom COM5
ssscli set ecc pub 0x20181010 tstData\tls_client_key_pub.pem
ssscli disconnect
Generate RSA Key and Get public key in DER format:
ssscli connect se05x vcom COM5
ssscli generate rsa 0x20182001 2048
ssscli get rsa pub 0x20182001 data\rsa_pub_2048.der --format DER
ssscli disconnect
Generate ecc Koblitz 256 Key, Sign Binary data and verify:
ssscli connect se05x vcom COM5
ssscli generate ecc 12E41001 Secp256k1
ssscli sign 12E41001 tstData\binary_data.bin signed_data_ecc_secp256k1.pem
ssscli verify 12E41001 tstData\binary_data.bin signed_data_ecc_secp256k1.pem
ssscli disconnect
Generate ecc Brainpool192 Key and Sign and verify certificate using SHA512 has algorithm:
ssscli connect se05x vcom COM5
ssscli generate ecc 0x2E101501 Brainpool192
ssscli sign 0x2E101501 tstData\tls_client.cer data\signed_data.pem --hashalgo=SHA512
ssscli verify 0x2E101501 tstData\tls_client.cer data\signed_data.pem --hashalgo=SHA512
ssscli disconnect
Read Cert UID of 10 bytes long:
ssscli connect se05x vcom COM5
ssscli se05x certuid
Read UID of 18 bytes long:
ssscli connect se05x vcom COM5
ssscli se05x uid
Session open with auth type as Platform SCP, generate ecc Brainpool192 Key:
ssscli connect se05x vcom COM5 --auth_type PlatformSCP --scpkey "c:/_ddm/scpkey.txt"
ssscli se05x reset
ssscli generate ecc 2E10D532 Brainpool192
ssscli disconnect
Generate ecc Koblitz256 key and create reference key:
ssscli connect se05x vcom COM5
ssscli generate ecc 7A10D838 Secp256k1
ssscli refpem ecc pair 7A10D838 data\refkey_secp256k1.pem
ssscli disconnect
Generate rsa 4096 key and create reference key in pkcs12 format:
ssscli connect se05x vcom COM5
ssscli generate rsa 0x70102040 4096
ssscli refpem rsa pair 0x70102040 rsa_4096_rekey.pfx --password nxp
ssscli disconnect
Generate ecc Brainpool 256 key and create pkcs12 format reference key extracted to pem format:
ssscli connect se05x vcom COM5
ssscli generate ecc 70102050 Brainpool256
ssscli refpem ecc pair 70102050 ecc_bp256_rekey.pem --format PKCS12 --password nxp
ssscli disconnect
Generate ecc ED25519 key and sign certificate:
ssscli connect se05x vcom COM5
ssscli generate ecc 70102060 ED25519
ssscli sign 70102060 tstData\tls_client.cer data\signed_data_using_ed25519.pem
ssscli disconnect
Generate ecc MONTH DH 25519 key:
ssscli connect se05x vcom COM5
ssscli generate ecc 70102080 ED25519
ssscli sign 70102080 tstData\tls_client.cer data\signed_data_using_ed25519.pem
ssscli disconnect
Perform Encrypt and Decrypt using RSA 2048:
ssscli connect se05x vcom COM5
ssscli generate rsa 0x20182001 2048
ssscli get rsa pub 0x20182001 rsa_pub_2048.pem
ssscli set rsa pub 0x20184120 rsa_pub_2048.pem
ssscli encrypt 0x20184120 "Welcome to NXP" rsa_2048_encrypted_data.pem
ssscli decrypt 0x20182001 rsa_2048_encrypted_data.pem decrypted_data.txt
ssscli disconnect
Provision and Retrieve Binary data:
ssscli connect se05x vcom COM5
ssscli set bin 0x20191005 tstData\binary_data.hex
ssscli get bin 0x20191005 binary_data.hex
ssscli disconnect
9.6.2. SE05X: PCSC interface¶
Provisioning ECC Pair and Certificate:
ssscli connect se05x pcsc NXP
ssscli se05x reset
ssscli set ecc pair 0x20181001 tstData\tls_client_key.pem
ssscli set cert 0x20181002 tstData\tls_client.cer
ssscli disconnect
Inject ECC Public Key:
ssscli connect se05x pcsc NXP
ssscli set ecc pub 0x20181010 tstData\tls_client_key_pub.pem
ssscli disconnect
9.6.3. se05x: JRCPV2 interface¶
Provisioning ECC Pair and Certificate:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli se05x reset
ssscli set ecc pair 0x20181001 tstData\tls_client_key.pem
ssscli set cert 0x20181002 tstData\tls_client.cer
ssscli disconnect
Generating ecc key and retrive public key:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli se05x reset
ssscli generate ecc 0x40100000 NIST_P256
ssscli get ecc pair 0x40100000 data\tls_key.pem
ssscli disconnect
Set and retrieve certificate:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli set cert 0x20181002 tstData\tls_client.cer
ssscli get cert 0x20181002 data\extracted_certificate.cer
ssscli disconnect
Erase a key, Inject ecc Key and Sign certificate:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli erase 0x20181001
ssscli set ecc pair 0x20181001 tstData\tls_client_key.pem
ssscli sign 0x20181001 tstData\tls_client.cer data\signed_data.pem
ssscli disconnect
Inject and Retrieve AES key:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli se05x reset
ssscli set aes 0x40200000 tstData\aes.der
ssscli get aes 0x40200000 data\extracted_aes_key.cer
ssscli disconnect
Inject ECC Public Key:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli set ecc pub 0x20181010 tstData\tls_client_key_pub.pem
ssscli disconnect
Generate RSA Key and Get public key in PEM format:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate rsa 0x20182001 2048
ssscli get rsa pub 0x20182001 data\rsa_pub_2048.pem --format PEM
ssscli disconnect
Generate ecc Koblitz 256 Key, Sign Binary data and verify:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 12E41001 Secp256k1
ssscli sign 12E41001 tstData\binary_data.bin signed_data_ecc_secp256k1.pem
ssscli verify 12E41001 tstData\binary_data.bin signed_data_ecc_secp256k1.pem
ssscli disconnect
Generate ecc Brainpool192 Key and Sign and verify certificate using SHA512 has algorithm:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 0x2E101501 Brainpool192
ssscli sign 0x2E101501 tstData\tls_client.cer data\signed_data.pem --hashalgo=SHA512
ssscli verify 0x2E101501 tstData\tls_client.cer data\signed_data.pem --hashalgo=SHA512
ssscli disconnect
Read Cert UID of 10 bytes long:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli se05x certuid
Read UID of 18 bytes long:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli se05x uid
Session open with auth type as Platform SCP, generate ecc Brainpool192 Key:
ssscli connect se05x jrcpv2 127.0.0.1:8050 --auth_type PlatformSCP --scpkey "c:/_ddm/scpkey.txt"
ssscli se05x reset
ssscli generate ecc 2E10D532 Brainpool192
ssscli disconnect
Generate ecc Koblitz256 key and create reference key:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 7A10D838 Secp256k1
ssscli refpem ecc pair 7A10D838 data\refkey_secp256k1.pem
ssscli disconnect
Generate rsa 4096 key and create reference key in pkcs12 format:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate rsa 0x70102040 4096
ssscli refpem rsa pair 0x70102040 rsa_4096_rekey.pfx --password nxp
ssscli disconnect
Generate ecc Brainpool 256 key and create pkcs12 format reference key extracted to pem format:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 70102050 Brainpool256
ssscli refpem ecc pair 70102050 ecc_bp256_rekey.pem --format PKCS12 --password nxp
ssscli disconnect
Generate ecc ED25519 key and sign certificate:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 70102060 ED25519
ssscli sign 70102060 tstData\tls_client.cer data\signed_data_using_ed25519.pem
ssscli disconnect
Generate ecc MONTH DH 25519 key:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate ecc 70102080 ED25519
ssscli sign 70102080 tstData\tls_client.cer data\signed_data_using_ed25519.pem
ssscli disconnect
Perform Encrypt and Decrypt using RSA 2048:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli generate rsa 0x20182001 2048
ssscli get rsa pub 0x20182001 rsa_pub_2048.pem
ssscli set rsa pub 0x20184120 rsa_pub_2048.pem
ssscli encrypt 0x20184120 "Welcome to NXP" rsa_2048_encrypted_data.pem
ssscli decrypt 0x20182001 rsa_2048_encrypted_data.pem decrypted_data.txt
ssscli disconnect
Provision and Retrieve Binary data:
ssscli connect se05x jrcpv2 127.0.0.1:8050
ssscli set bin 0x20191005 tstData\binary_data.hex
ssscli get bin 0x20191005 binary_data.hex
ssscli disconnect
9.6.4. A71CH: VCOM Interface¶
Provisioning ECC Pair and Certificate:
ssscli connect a71ch vcom COM7
ssscli a71ch reset
ssscli set ecc pair 0x20181003 tstData\tls_client_key.pem
ssscli set cert 0x20181004 tstData\tls_client.cer
ssscli disconnect
Generating ecc key and retrive public key:
ssscli connect a71ch vcom COM7
ssscli a71ch reset
ssscli generate ecc 0x20181003 NIST_P256
ssscli get ecc pair 0x20181003 data\tls_key.pem
ssscli disconnect
Set certificate and retrieve certificate:
ssscli connect a71ch vcom COM7
ssscli set cert 0x20181004 tstData\tls_client.cer
ssscli get cert 0x20181004 data\extracted_certificate.cer
ssscli disconnect
Erase a key, Inject ecc Key and Sign certificate:
ssscli connect a71ch vcom COM7
ssscli erase 0x20181005
ssscli set ecc pair 0x20181005 tstData\tls_client_key.pem
ssscli sign 0x20181005 tstData\tls_client.cer data\signed_data.pem
ssscli disconnect
9.6.5. A71CH: SCI2C interface¶
Provisioning ECC Pair and Certificate:
ssscli connect a71ch sci2c none
ssscli a71ch reset
ssscli set ecc pair 0x20181005 tstData/tls_client_key.pem
ssscli set cert 0x20181002 tstData/tls_client.cer
ssscli disconnect
Generating ecc key and retrive public key:
ssscli connect a71ch sci2c none
ssscli a71ch reset
ssscli generate ecc 0x40100000 NIST_P256
ssscli get ecc pair 0x40100000 data/tls_key.pem
ssscli disconnect
Set certificate and retrieve certificate:
ssscli connect a71ch sci2c none
ssscli set cert 0x20181002 tstData/tls_client.cer
ssscli get cert 0x20181002 data/extracted_certificate.cer
ssscli disconnect
Erase a key, Inject ecc Key and Sign certificate:
ssscli connect a71ch sci2c none
ssscli erase 0x20181001
ssscli set ecc pair 0x20181001 tstData/tls_client_key.pem
ssscli sign 0x20181001 tstData/tls_client.cer data/signed_data.pem
ssscli disconnect
9.6.6. MBEDTLS¶
Provisioning ECC Pair and Certificate:
ssscli connect mbedtls none data
ssscli set ecc pair 0x20181005 tstData\tls_client_key.pem
ssscli set cert 0x20181002 tstData\tls_client.cer
ssscli disconnect
Generating ecc key and retrive public key:
ssscli connect mbedtls none data
ssscli generate ecc 0x20181003 NIST_P256
ssscli get ecc pair 0x20181003 data\tls_key.pem
ssscli disconnect
Set certificate and retrieve certificate:
ssscli connect mbedtls none data
ssscli set cert 0x20181004 tstData\tls_client.cer
ssscli get cert 0x20181004 data\extracted_certificate.cer
ssscli disconnect
Erase key, provisioning ecc Key and Sign certificate:
ssscli connect mbedtls none data
ssscli erase 0x20181005
ssscli set ecc pair 0x20181005 tstData\tls_client_key.pem
ssscli sign 0x20181005 tstData\tls_client.cer data\signed_data.pem
ssscli disconnect