11.12.3.4.113. Function Se05x_API_ReadObjectAttributes_W_Attst¶
Defined in File se05x_APDU_apis.h
11.12.3.4.113.1. Function Documentation¶
-
smStatus_t
Se05x_API_ReadObjectAttributes_W_Attst
(pSe05xSession_t session_ctx, uint32_t objectID, uint32_t attestID, SE05x_AttestationAlgo_t attestAlgo, const uint8_t *random, size_t randomLen, uint8_t *data, size_t *pdataLen, SE05x_TimeStamp_t *ptimeStamp, uint8_t *outrandom, size_t *poutrandomLen, uint8_t *chipId, size_t *pchipIdLen, uint8_t *signature, size_t *psignatureLen)¶ Se05x_API_ReadObjectAttributes_W_Attst
Reads the attributes of a Secure Object (without the value of the Secure Object).
Each Secure Object has a number of attributes assigned to it. These attributes are listed in for Authentication Objects and in for non-Authentication Objects.
Authentication Object attributes
Attribute
Size (bytes)
Description
Object identifier
4
See
identifiersRef
Object type
1
One of SecureObjectType
Authentication attribute
1
One of
SetIndicatorRef
Object counter
2
Number of failed attempts for an authentication object if the Maximum Authentication Attempts has been set.
Authentication object identifier
4
”Owner” of the secure object; i.e., the identifier of the session authentication object when the object has been created.
Maximum authentication attempts
2
Maximum number of authentication attempts. 0 means unlimited.
Policy
Variable
Policy attached to the object
Origin
1
One of
OriginRef
; indicates the origin of the Secure Object, either externally set, internally generated or trust provisioned by NXP.Version
1
The Secure Object version. Default = 0. See FIPS compliance for details about versioning of Secure Objects.
Non-Authentication Objects
Attribute
Size (bytes)
Description
Object identifier
4
See Object identifiers
Object type
1
One of SecureObjectType
Authentication attribute
1
One of
SetIndicatorRef
Tag length
2
Set to 0x0000, except for AESKey objects: for AESKey objects, this indicates the GMAC length that applies when doing AEAD operations. If the value is set to 0 and AEAD operations are done, the GMAC length shall be 128 bit.
Authentication object identifier
4
”Owner” of the secure object; i.e., the identifier of the session authentication object when the object has been created.
RFU
2
Set to 0x0000.
Policy
Variable
Policy attached to the object
Origin
1
One of
OriginRef
; indicates the origin of the Secure Object, either externally set, internally generated or trust provisioned by NXP.Version
1
The Secure Object version. Default = 0. See FIPS compliance for details about versioning of Secure Objects.
Command to Applet
Field
Value
Description
CLA
0x80
INS
INS_READ
See
SE05x_INS_t
, in addition to INS_READ, users can set the INS_ATTEST flag. In that case, attestation applies.P1
P1_DEFAULT
See
SE05x_P1_t
P2
P2_ATTRIBUTES
See
SE05x_P2_t
Lc
#(Payload)
Payload Length.
TLV[TAG_1]
4-byte object identifier
TLV[TAG_5]
4-byte attestation object identifier. [Optional] [Conditional: only when INS_ATTEST is set]
TLV[TAG_6]
1-byte AttestationAlgo [Optional] [Conditional: only when INS_ATTEST is set]
TLV[TAG_7]
16-byte freshness random [Optional] [Conditional: only when INS_ATTEST is set]
Le
0x00
R-APDU Body
Value
Description
TLV[TAG_2]
Byte array containing the attributes (see Object Attributes).
TLV[TAG_3]
(only when INS_ATTEST is set) 12-byte timestamp
TLV[TAG_4]
(only when INS_ATTEST is set) 16-byte freshness random
TLV[TAG_5]
(only when INS_ATTEST is set) 18-byte Chip unique ID
TLV[TAG_6]
(only when INS_ATTEST is set) Signature applied over the value of TLV[TAG_2], TLV[TAG_2], TLV[TAG_3], TLV[TAG_4] and TLV[TAG_5].
R-APDU Trailer
SW
Description
SW_NO_ERROR
The read is done successfully.
- Return
The sm status.
- Parameters
[in] session_ctx
: The session context[in] objectID
: The object id[in] attestID
: The attest id[in] attestAlgo
: The attest algorithm[in] random
: The random[in] randomLen
: The random lengthdata
: The datapdataLen
: The pdata lengthptimeStamp
: The ptime stampoutrandom
: The outrandompoutrandomLen
: The poutrandom lengthchipId
: The chip identifierpchipIdLen
: The pchip identifier lengthsignature
: The signaturepsignatureLen
: The psignature length