RSA crypto sample in SDK 2.5.0 fails on nRF5340 Development Kit board

Hi, 

It fails with the same error code when changing the sample code and configuration to use CONFIG_PSA_WANT_RSA_KEY_SIZE_1536=y or configuring CONFIG_PSA_WANT_RSA_KEY_SIZE_1024=y.

If you check the .config under build/zephyr, you can find CONFIG_PSA_WANT_RSA_KEY_SIZE_1024=y is set by default.

How do you modify the code? Could you elaborate on what you modified?

(1) When can the basic/default RSA sample application in SDK 2.5.0 fail on the nRF5340 Development Kit?

The error would give some clues. 

(2) We intend to use PSA API for RSA OAEP with key size CONFIG_PSA_WANT_RSA_KEY_SIZE_3072. Is this supported in SDK 2.5.0?

The default setting already has CONFIG_PSA_WANT_RSA_KEY_SIZE_3072.  You check the .config under build/zephyr. 

Regards,
Amanda H.

Hi Amanda,

Thanks for the reply.
Meanwhile, I just randomly increased the memory sizes from 16K to 20K and the default sample for key size 2048 bits, worked.
(i.e. basically for experimentation, i just set CONFIG_MAIN_STACK_SIZE, CONFIG_HEAP_MEM_POOL_SIZE, CONFIG_MBEDTLS_HEAP_SIZE, all to 20 K) and it worked.
I did not expect an PSA_ERR_NOT_SUPPORTED error code for memory reasons though.
Also, I also noticed that the key_generation takes a longer time, with different key sizes.
Will update you further.

Mathi.

Hi Amanda,

I continued further and modifed the default RSA example to try RSA_OAEP encryption for 1024-bit keys
and that fails i.e. psa_asymmetric_encrypt() fails with error code -147(HARDWARE_FAILURE).

This looks very similair to the problem my colleague had experienced about an year ago, see this ==>
 RSA example fails on psa_sign_hash returning -133 - Nordic Q&A - Nordic DevZone - Nordic DevZone (nordicsemi.com)

I don't know if anything has changed in the past 1 year between 2.1.1 and 2.5.0 -
Could you please confirm whether psa_asymmetric_encrypt() for RSA 1024-bit keys is supported or not?

Kind Regards, Mathi.

Hi, 

Did you change the buffer sizes for the key: 

NRF_CRYPTO_EXAMPLE_RSA_PUBLIC_KEY_SIZE
NRF_CRYPTO_EXAMPLE_RSA_SIGNATURE_SIZE 

If these are increased the 2048 bit RSA key should work as expected. 

-Amanda H.

Hi,

As an update, please note that the psa_asymmetric_encrypt() API worked fine now after passing the keypair_handle (i.e. instead of using the pub_key_handle) to the API.

The encryption works fine for 1024, 2048 and 3072-bit keys when the algorithm is set to 
psa_set_key_algorithm(&key_attributes, (PSA_ALG_RSA_OAEP(PSA_ALG_SHA_256)));

But then, psa_asymmetric_encrypt() fails with same error code (-147 = HARDWARE_FAILURE)
for all key sizes WHEN setting the algorithm to 
psa_set_key_algorithm(&key_attributes, (PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1)));

But then, psa_asymmetric_encrypt() fails with same error code (-147 = HARDWARE_FAILURE)
for all key sizes WHEN setting the algorithm to 
psa_set_key_algorithm(&key_attributes, (PSA_ALG_RSA_OAEP(PSA_ALG_SHA_1)));

Hi, 

Did you enable the config for PSA_ALG_SHA_1?

Disclaimer from PSA Crypto API: 

The SHA-1 hash is weak and deprecated and is only recommended for use in legacy protocols.

-Amanda H.

That helped. Thanks.

I ran into another problem.
If i import a RSA public key generated using openssl, then psa_asymmetric_enrypt() fails with (-147 = HARDWARE_FAILURE). Here, i use the pub_key_handle from psa_key_import().
Does this mean, only keys generated on the device, are supported?
Or Is there anything specific about the PSA key-format for RSA-OAEP-3072?

Another update -
Case 1) I manually saved (in hex) the public key exported from PSA (using psa_generate_key()). And imported it in a different standalone application, encryption(RSA-OAEP-3072) worked.
The length of the public key (with exponent) was 398 bytes 

Case 2) Imported the public key from from openssl, encryption fails with (-147).
The length of the public key (with exponent) was 388 bytes.

Are there any special bytes to be included to the public key format when using PSA APIs
Thanks,

Mathi.