• State Verified Answer
  • Replies 6 replies
  • Subscribers 74 subscribers
  • Views 1362 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 310490
Options

psa_cipher_encrypt returns -135 INVALID_ARGUMENT when running with TF-M

Anthony Ambuehl

Hi I am working on a security focused project.  I have written some functions that perform AES-128 cipher encryption using PSA_ALG_CBC_NO_PADDING and a key with a persistent lifetime PSA_KEY_LIFETIME_PERSISTENT.  I developed and tested the functions initially without TF-M and they worked as expected.  Now I am switching to using the TF-M environment with PSA_CRYPT in a secure partition.

The issue that I'm having is that I get an PSA_ERROR_INVALID_ARGUMENT (-135) when I call psa_cipher_encrypt.

I was able to trace the code down through submitting the IPC call and also after it has reached tfm_crypto_sfn.

I was also able to confirm it reached  nrfxlib/nrf_security/src/psa_crypto_drivers_wrapper  psa_driver_wrapper_cipher_encrypt(...) but from there I was unable to trace it any further.  While debugging it appeared to reach line 897 where it would call cc3xx_cipher_encrypt but VS Code cannot find the source for this function.

I should note, I am calling the psa_cipher_encrypt from a secure partition, though I suspect the problem would be same if I call from the non-secure partition as well.

I have attached the zephyr/.config file (as example.config)

example.config

I suspect there is a mis-configuration that is selecting the OBERON driver instead of the nrf_cc3xx driver, but I'm not sure how/why that is occurring.

Any recommendations on how to track down the issue?

Why does VSCode get lost when it tries to enter cc3xx_cipher_encrypt?

Parents
  • 0

    Hi,

    Which version of the nRF Connect SDK do you use?

    If you are not using v2.4.0, I can recommend this.
    As you can read in v2.4.0 release notes, we changed the crypto drivers for TF-M to Oberon drivers here (not backend but for crypto).
    And I have been told that Oberon should (hopefully) be easier to debug than the previous solution.

    Regards,
    Sigurd Hellesvik

  • 0 in reply to Sigurd Hellesvik

    I am currently developing with v2.3.0 but an update to 2.4.0 is planned.

    Do you have any information about problems in 2.3.0 that might be relevant?  

    Is it possible there is some sort of mis-configuration that is not detected as an error?

  • 0 in reply to Anthony Ambuehl
    Anthony Ambuehl said:
    Do you have any information about problems in 2.3.0 that might be relevant?  

    The crypto driver has changed, so I do not think there are problems per say in the v2.3.0. v2.4.0 is just more optimized and different to work with. So it is not easy to point at specifics.

    Anthony Ambuehl said:
    Is it possible there is some sort of mis-configuration that is not detected as an error?

    Yes, but I do not think that is it exactly. See where I go on from here.

    So I thought: "I should be able to do the same as Anthony with the nrf/samples/crypto/aes_cbc"
    Then when I tell it to save the key persistently, I get the same error as you: -135.

    After some looking around, I found that nrf/samples/crypto/persistent_key_usage shows how I can use persistent keys, so I decide to copy what i think is relevant from this sample, and tada, it worked.
    My guess is that you forgot one of these steps:

    diff --git a/samples/crypto/aes_cbc/prj.conf b/samples/crypto/aes_cbc/prj.conf
index 2db6b4896..a4f11b049 100644
--- a/samples/crypto/aes_cbc/prj.conf
+++ b/samples/crypto/aes_cbc/prj.conf
@@ -14,3 +14,7 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 
 CONFIG_MBEDTLS_ENABLE_HEAP=y
 CONFIG_MBEDTLS_HEAP_SIZE=8192
+
+# Enable persistent storage APIs
+CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
+CONFIG_PSA_NATIVE_ITS=y
diff --git a/samples/crypto/aes_cbc/src/main.c b/samples/crypto/aes_cbc/src/main.c
index 8748b1167..b0518941e 100644
--- a/samples/crypto/aes_cbc/src/main.c
+++ b/samples/crypto/aes_cbc/src/main.c
@@ -84,7 +84,8 @@ int generate_key(void)
        psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
 
        psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
-       psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
+       psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_PERSISTENT);
+       psa_set_key_id(&key_attributes, 132);
        psa_set_key_algorithm(&key_attributes, PSA_ALG_CBC_NO_PADDING);
        psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
        psa_set_key_bits(&key_attributes, 128);

    the key id is up to you, I just chose 132 as a random number.

    Regards,
    Sigurd Hellesvik

Reply
  • 0 in reply to Anthony Ambuehl
    Anthony Ambuehl said:
    Do you have any information about problems in 2.3.0 that might be relevant?  

    The crypto driver has changed, so I do not think there are problems per say in the v2.3.0. v2.4.0 is just more optimized and different to work with. So it is not easy to point at specifics.

    Anthony Ambuehl said:
    Is it possible there is some sort of mis-configuration that is not detected as an error?

    Yes, but I do not think that is it exactly. See where I go on from here.

    So I thought: "I should be able to do the same as Anthony with the nrf/samples/crypto/aes_cbc"
    Then when I tell it to save the key persistently, I get the same error as you: -135.

    After some looking around, I found that nrf/samples/crypto/persistent_key_usage shows how I can use persistent keys, so I decide to copy what i think is relevant from this sample, and tada, it worked.
    My guess is that you forgot one of these steps:

    diff --git a/samples/crypto/aes_cbc/prj.conf b/samples/crypto/aes_cbc/prj.conf
index 2db6b4896..a4f11b049 100644
--- a/samples/crypto/aes_cbc/prj.conf
+++ b/samples/crypto/aes_cbc/prj.conf
@@ -14,3 +14,7 @@ CONFIG_MBEDTLS_PSA_CRYPTO_C=y
 
 CONFIG_MBEDTLS_ENABLE_HEAP=y
 CONFIG_MBEDTLS_HEAP_SIZE=8192
+
+# Enable persistent storage APIs
+CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
+CONFIG_PSA_NATIVE_ITS=y
diff --git a/samples/crypto/aes_cbc/src/main.c b/samples/crypto/aes_cbc/src/main.c
index 8748b1167..b0518941e 100644
--- a/samples/crypto/aes_cbc/src/main.c
+++ b/samples/crypto/aes_cbc/src/main.c
@@ -84,7 +84,8 @@ int generate_key(void)
        psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
 
        psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
-       psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
+       psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_PERSISTENT);
+       psa_set_key_id(&key_attributes, 132);
        psa_set_key_algorithm(&key_attributes, PSA_ALG_CBC_NO_PADDING);
        psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
        psa_set_key_bits(&key_attributes, 128);

    the key id is up to you, I just chose 132 as a random number.

    Regards,
    Sigurd Hellesvik

Children
Related
Terms of service