3.3 B6.ER3 Write Command Returns Bad Handle (0x85) Error When Run After an Interrupted Write

Issue Description

Interrupting a Write command that is running within an AES-128 Auth session, by means of a device reset such as a power loss, results in a Bad Handle (0x85) error for subsequent write operations to that handle.

The issue is observed with the following configuration conditions:
  1. The Read_Perm attribute of the Shared Data Element handle being written is not set to Always.
    Table 3-1. Read_Perm Attribute Values for AES-128 GCM
    | Byte# | Bit# | Size Bits | Name | Description |
    |---|---|---|---|---|
    | 6 | 5:4 | 2 | Read_Perm | b00 (Never): This element can never be written with the Write command. |
    | | | | | b10 (Auth): Writes of this element must be run within an authorization session created with Write_Key. |
    | | | | | b11 (Claims): Write requires claims in Write_Key. |

  2. The handle used to establish the Auth session in which the Write command executes is AES-GCM 128. The corresponding Key_Type and Alg_Mode values are provided below.
    Table 3-2. Key_Type and Alg_Mode Values for AES-128 GCM
    | Key Type (Hex) | Alg Mode | Description |
    |---|---|---|
    | 0xC | 1 | AES-128 GCM |

Work Around

The following options are recommended to mitigate this issue:

  1. Avoid interrupting a Write command with the Reset pin or a power cycle.
  2. Set the Read_Perm handle attribute to Always if reading the contents of the handle is considered safe and does not involve any sensitive information.
    Table 3-3. Work Arounds with Various Write_Perm and Delete_Perm Attributes
    | Name | Description of Affected Handle Attributes and Applicable Work Arounds |
    |---|---|
    | Write_Perm | b01 (Always): Always legal to write. |
    | | Work arounds: 1. Write command can be used outside of Auth session (or) 2. Write command can be used within a CMAC- or HMAC-based Auth session. |
    | | b10 (Auth): Writes of this element must be run within an authorization session created with Write_Key. |
    | | Work around: Use the Write command within a CMAC- or HMAC-based Auth session. |
    | | b11 (Claims): Write requires claims in Write_Key. |
    | | Work around: Use the Write command within a CMAC- or HMAC-based Auth session. |
    | | Note: The Session_Use parameter determines the applicability of the CMAC or HMAC Auth session work around. |
    | Delete_Perm | b00 (Never): Element may not be deleted, only modified. |
    | | Work around: If the Session_Use parameter is set to mandatory (encrypted session), then it is required to Delete, Create and Write the handle again. This work around mandates Delete_Perm not be set to Never. |
    | | b01 (Always): Element can always be deleted. |
    | | b10 (Auth): Element can be deleted when authorized using a Write_Key. |
    | | b11 (Claims): Deletion requires Claims in Write_Key. |

    The following table provides the Session Use Field Coding values for the Symmetric Key class.
    Table 3-4. Session Use Field Coding
    | Value | Use for Auth Session | Encrypted Session | Details |
    |---|---|---|---|
    | 1 | Either | Optional | Can use CMAC / HMAC |
    | 2 | Either | Optional | Can use CMAC / HMAC |
    | 3 | Either | Mandatory | Can use only AES-GCM |
    | 4 | Only | Mandatory | Can use only AES-GCM |
    | 5 | Only | Optional | Can use CMAC / HMAC |
    | 6 | Only | Optional | Can use CMAC / HMAC |
    | 7 | Only | Mandatory | Can use only AES-GCM |
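
The decision logic of Tables 3-1 to 3-4, as an added example that is not part of the original erratum or any vendor code: given already-decoded handle attributes, it reports whether a configuration matches the issue conditions and which of the listed work arounds remain open. The function names, result strings, the `read_is_sensitive` flag and the reading of Session_Use as the attribute of the key that establishes the Auth session are assumptions.

```python
# Added example: check decoded handle attributes against erratum B6.ER3.
# Names and result strings are illustrative; values come from Tables 3-1..3-4.
ALWAYS, NEVER = 0b01, 0b00               # permission codings (Tables 3-1, 3-3)
AES128_KEY_TYPE, GCM_ALG_MODE = 0xC, 1   # Table 3-2
CMAC_HMAC_OK = {1, 2, 5, 6}              # Table 3-4: encrypted session Optional
GCM_ONLY = {3, 4, 7}                     # Table 3-4: encrypted session Mandatory


def is_affected(read_perm, key_type, alg_mode):
    """True when both configuration conditions listed for the issue hold."""
    return (read_perm != ALWAYS
            and key_type == AES128_KEY_TYPE and alg_mode == GCM_ALG_MODE)


def workarounds(read_perm, write_perm, delete_perm, session_use,
                key_type=AES128_KEY_TYPE, alg_mode=GCM_ALG_MODE,
                read_is_sensitive=True):
    """List the work-around options the tables leave open for one handle.

    session_use is assumed to be the Session_Use of the key that establishes
    the Auth session; write_perm is one of the Table 3-3 codings.
    """
    if session_use not in CMAC_HMAC_OK | GCM_ONLY:
        raise ValueError(f"Session_Use {session_use} is not in Table 3-4")
    if not is_affected(read_perm, key_type, alg_mode):
        return []
    options = ["avoid-reset-or-power-cycle-during-write"]
    if not read_is_sensitive:
        options.append("set-read-perm-always")
    if write_perm == ALWAYS:
        options.append("write-outside-auth-session")
    if session_use in CMAC_HMAC_OK:
        options.append("write-in-cmac-or-hmac-auth-session")
    elif delete_perm != NEVER:
        options.append("delete-create-write-handle")
    return options


if __name__ == "__main__":
    # Constructed sample configurations, not read from a device:
    # (read_perm, write_perm, delete_perm, session_use)
    samples = {
        "cfg_a": (0b10, 0b10, 0b01, 1),
        "cfg_b": (0b11, 0b11, 0b00, 3),
        "cfg_c": (0b10, 0b01, 0b10, 7),
    }
    for name, cfg in samples.items():
        print(name, workarounds(*cfg))
```

A configuration that returns only the first option (as `cfg_b` does) has Session_Use set to mandatory encryption and Delete_Perm set to Never, so avoiding the interruption is the only option left.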

Corrective Actions

No corrective action is required for this issue. Please implement one of the recommended work around options.