PSA import key / sign hash not working after SDK update

Hello,

I am currently updating from SDK v2.3.0 to v2.5.2 but I am not able to get the 'psa' functions working correctly (as they did with previous SDKs).

I am trying to import a private key, with oberon driver I get the error -134 = PSA_ERROR_NOT_SUPPORTED,
with cc3xx driver the import itself is working but the next operations (psa_export_public_key and/or psa_sign_hash) will fail with error -147 = PSA_ERROR_HARDWARE_FAILURE

The problem seems familiar to:
nRF9160 RSA crypto changes from v2.3.0 to v2.4.0 SHA-1 signing
(I was also able to get error 135 in some cases) but the solution (to use CONFIG_PSA_CORE_BUILTIN=y) was removed in SDK v2.5.2

Initially I also thought it's because of the usage of a 512 bit key, which according to upper answer and to
https://developer.nordicsemi.com/nRF_Connect_SDK/doc/2.4.1/nrfxlib/crypto/doc/nrf_oberon.html
is not supported anymore -> therefore we specially changed our server to 2048 bit, but results stayed the same.

I have experimented with variations of following settings, but neither combination was working:

CONFIG_CRYPTO=y
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_RSA_C=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN=y
CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y
CONFIG_PSA_WANT_ALG_SHA_256=y
CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y

CONFIG_PSA_CRYPTO_DRIVER_OBERON=n
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y

I am testing with following code:

STATUS_CODE rsa_import_prv_key(void)
{
	/* Configure the key attributes */
	psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
	psa_status_t status;
	size_t olen;

	int rc;
	unsigned char buffer[2048];
	size_t len;

	/* Configure the key attributes */
	psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT);
	psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
	psa_set_key_algorithm(&key_attributes, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256));
	psa_set_key_type(&key_attributes, PSA_KEY_TYPE_RSA_KEY_PAIR );
	psa_set_key_bits(&key_attributes, RSA_KEY_BITS);

	rc = base64_decode(buffer, sizeof(buffer), &len, &CONF_API_PRIVATE_KEY[0], strlen(CONF_API_PRIVATE_KEY) );
	if(rc!=0) {
		LOG_ERR("Base64 decode error: %d", rc);
	}

//	PRINT_HEX("Base64 decoded", buffer, sizeof(buffer));

	status = psa_import_key(&key_attributes, buffer, len, &keypair_handle);
	if (status != PSA_SUCCESS) {
		LOG_INF("psa_import_key failed! (Error: %d)", status);
		return STATUS_ERROR;
	}

	/* Export the public key */
	status = psa_export_public_key(keypair_handle, m_pub_key, sizeof(m_pub_key), &olen);
	if (status != PSA_SUCCESS) {
		LOG_INF("psa_export_public_key failed! (Error: %d)", status);
		return STATUS_ERROR;
	}
	
//	PRINT_HEX("Second (exported) puclic key", m_pub_key, sizeof(m_pub_key));

	/* After the key handle is acquired the attributes are not needed */
	psa_reset_key_attributes(&key_attributes);

	return STATUS_OK;
}

And also tested some variations here (for example did I add the 'PSA_KEY_USAGE_EXPORT' flag due to an answer in the forum, this was not necessary in SDK2.3.0).

I was not able to find any solution, although I searched for a long time in the changelogs and in the forum, so I hope for some useful input...

Thank you, best regards,
Bernhard

Top Replies

Bernhard 1 month ago in reply to dejans +1 verified

Hello dejans, just as a short note for anybody else with the same problem... I finally found out that the newer drivers = oberon & cc3xx (in difference to older 'builtin') are not able to handle the…

Parents

0 dejans 4 months ago

Hi,

Could you send a full log with the error messages -134 = PSA_ERROR_NOT_SUPPORTED and -147 = PSA_ERROR_HARDWARE_FAILURE?
Which configurations did you have in both of these failing cases?

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Bernhard 4 months ago in reply to dejans
Hello Dejan,

this is my configuration for CC3XX driver:

prj_sdk_a.conf

and the console output:

[00:00:26.890,411] <inf> rsa: psa_export_public_key failed! (Error: -147) [00:00:26.910,247] <inf> rsa: psa_sign_hash failed! (Error: -147)

and this is my configuration for Oberon driver:

prj_sdk_b.conf

and the console output:

[00:00:13.139,404] <inf> rsa: psa_import_key failed! (Error: -134) [00:00:13.159,606] <inf> rsa: psa_sign_hash failed! (Error: -136)

Thanks and best regards,
Bernhard
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dejans 4 months ago in reply to Bernhard

Hi Bernhard,

You can read more about Crypto libraries, nRF Security library, nRF Security drivers, and drivers configurations and supported features in the NCS v2.5.2 documentation.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Bernhard 4 months ago in reply to dejans

Hello Dejan,

I have studied the documentation but it does not give any answers to my problem, the interface has not changed between the two SDK versions and from configuration point of view I have already tested quite a lot.

Also I do not understand why one driver respons with 'not supported' to my key while it's ok for the other one, although should be supported by both. (If both would fail I would search more for a format error or something like that.)

Here are some additional settings I have played with in between:

CONFIG_MBEDTLS_HEAP_SIZE=16384

CONFIG_CRYPTO=y

CONFIG_NRF_SECURITY=y
#CONFIG_NORDIC_SECURITY_BACKEND=y
#CONFIG_CC3XX_BACKEND=y

CONFIG_PSA_CRYPTO_DRIVER_OBERON=y
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=n

CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_MBEDTLS_USE_PSA_CRYPTO=y

CONFIG_MBEDTLS_RSA_C=y
CONFIG_MBEDTLS_SHA256_C=y
CONFIG_MBEDTLS_AES_C=y
CONFIG_MBEDTLS_PKCS1_V15=y

CONFIG_MBEDTLS_PK_PARSE_C=y
CONFIG_MBEDTLS_TLS_LIBRARY=y

CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN=y
CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y
CONFIG_PSA_WANT_ALG_SHA_256=y
CONFIG_PSA_WANT_RSA_KEY_SIZE_2048=y

# test only
CONFIG_PSA_WANT_ALG_HKDF=y
CONFIG_PSA_WANT_ALG_PBKDF2_HMAC=y
CONFIG_PSA_WANT_ALG_TLS12_PRF=y
CONFIG_PSA_WANT_ALG_TLS12_PSK_TO_MS=y
CONFIG_PSA_WANT_ALG_TLS12_ECJPAKE_TO_PMS=y

and for CC3XX driver additionaly:

CONFIG_PSA_USE_CC3XX_SIGNATURE_DRIVER=y
CONFIG_PSA_USE_CC3XX_HASH_DRIVER=y
CONFIG_PSA_USE_CC3XX_KEY_PAIR_DRIVER=y
CONFIG_PSA_USE_CC3XX_CIPHER_DRIVER=y
CONFIG_PSA_USE_CC3XX_ASYMMETRIC_DRIVER=y

I also tryd now to switch to SDK v2.6.0 but the device was not booting up anymore, it is really annoying that the SDK versions are not an upgrade from one to each other but rather just a change.

Hope you could help me anyway.

Best regards,
Bernhard

0 dejans 4 months ago in reply to Bernhard

Hi Bernhard,

Could you provide both configuration files and relevant code (as you did in your initial post) when you had everything working as expected?

What was the most recent NCS version which you used and did not get any issues?

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

0 Bernhard 4 months ago in reply to dejans

Hello Dejan,

dejans said:
What was the most recent NCS version which you used and did not get any issues?

The main difference (at least what I can see) seems to be between SDK versions v2.4.3 and v2.5.0, but I was actually working with v2.3.0

I was trying to make you a minimal example (since my application is already big and complex), thereby I noticed that even the RSA samples (e.g. C:\ncs\v2.x.x\nrf\samples\crypto) are not working on the nRF9160DK:

*** Booting Zephyr OS build v3.2.99-ncs2 ***
[00:00:00.633,911] <inf> rsa: Starting the RSA example...
[00:00:00.633,941] <inf> rsa: Generating random RSA keypair...
[00:00:00.634,094] <inf> rsa: psa_generate_key failed! (Error: -134)
[00:00:00.634,094] <inf> rsa: Example exited with error!

It seems that some additional configuration is needed, especially CONFIG_TFM_PROFILE_TYPE_NOT_SET=y, but that produces some further errors:

c:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: platform/libplatform_s.a(tfm_hal_platform_common.o): in function `tfm_hal_platform_common_init':
C:/ncs/v2.3.0/modules/tee/tf-m/trusted-firmware-m/platform/ext/target/nordic_nrf/common/core/tfm_hal_platform_common.c:36: undefined reference to `stdio_init'
c:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: platform/libplatform_s.a(tfm_hal_spm_logdev_peripheral.o): in function `tfm_hal_output_spm_log':
C:/ncs/v2.3.0/modules/tee/tf-m/trusted-firmware-m/platform/ext/common/tfm_hal_spm_logdev_peripheral.c:14: undefined reference to `stdio_output_string'

So for my understanding some addtional undocumented configurations are necessary which changed between the SDK versions.

dejans said:
Could you provide both configuration files and relevant code (as you did in your initial post) when you had everything working as expected?

Attached is an excerpt:

rsa_working_2.3.0.zip

Thank you and best regards,
Bernhard

Reply

0 Bernhard 4 months ago in reply to dejans

Hello Dejan,

dejans said:
What was the most recent NCS version which you used and did not get any issues?

The main difference (at least what I can see) seems to be between SDK versions v2.4.3 and v2.5.0, but I was actually working with v2.3.0

*** Booting Zephyr OS build v3.2.99-ncs2 ***
[00:00:00.633,911] <inf> rsa: Starting the RSA example...
[00:00:00.633,941] <inf> rsa: Generating random RSA keypair...
[00:00:00.634,094] <inf> rsa: psa_generate_key failed! (Error: -134)
[00:00:00.634,094] <inf> rsa: Example exited with error!

It seems that some additional configuration is needed, especially CONFIG_TFM_PROFILE_TYPE_NOT_SET=y, but that produces some further errors:

c:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: platform/libplatform_s.a(tfm_hal_platform_common.o): in function `tfm_hal_platform_common_init':
C:/ncs/v2.3.0/modules/tee/tf-m/trusted-firmware-m/platform/ext/target/nordic_nrf/common/core/tfm_hal_platform_common.c:36: undefined reference to `stdio_init'
c:/ncs/toolchains/v2.3.0/opt/zephyr-sdk/arm-zephyr-eabi/bin/../lib/gcc/arm-zephyr-eabi/12.1.0/../../../../arm-zephyr-eabi/bin/ld.exe: platform/libplatform_s.a(tfm_hal_spm_logdev_peripheral.o): in function `tfm_hal_output_spm_log':
C:/ncs/v2.3.0/modules/tee/tf-m/trusted-firmware-m/platform/ext/common/tfm_hal_spm_logdev_peripheral.c:14: undefined reference to `stdio_output_string'

So for my understanding some addtional undocumented configurations are necessary which changed between the SDK versions.

dejans said:
Could you provide both configuration files and relevant code (as you did in your initial post) when you had everything working as expected?

Attached is an excerpt:

rsa_working_2.3.0.zip

Thank you and best regards,
Bernhard

Children

0 dejans 4 months ago in reply to Bernhard
Hi Bernhard,

Bernhard said:
I was trying to make you a minimal example (since my application is already big and complex), thereby I noticed that even the RSA samples (e.g. C:\ncs\v2.x.x\nrf\samples\crypto) are not working on the nRF9160DK:

I have tested unmodified RSA sample using NCS v2.5.0 and building for nrf9160dk_nrf9160. Here is my log:

As you can see, RSA sample runs fine on my nrf9160-dk.

Here is prj.conf from the same working RSA sample:

CONFIG_MAIN_STACK_SIZE=16384 CONFIG_HEAP_MEM_POOL_SIZE=16384 # Enable logging CONFIG_CONSOLE=y CONFIG_LOG=y # Enable nordic security backend and PSA APIs CONFIG_NRF_SECURITY=y CONFIG_MBEDTLS_PSA_CRYPTO_C=y # Mbedtls configuration CONFIG_MBEDTLS_ENABLE_HEAP=y CONFIG_MBEDTLS_HEAP_SIZE=16384 CONFIG_PSA_WANT_ALG_RSA_PKCS1V15_SIGN=y CONFIG_PSA_WANT_KEY_TYPE_RSA_KEY_PAIR=y CONFIG_PSA_WANT_ALG_SHA_256=y

Here is nrf9160dk_nrf9160.conf from the same RSA sample:

CONFIG_SRAM_SIZE=256 # Using hardware crypto accelerator CONFIG_PSA_CRYPTO_DRIVER_OBERON=n CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Bernhard 4 months ago in reply to dejans
Hello Dejan,

I tested different versions but it's always the same output for me, e.g. SDK v2.5.2

*** Booting nRF Connect SDK v2.5.2 *** [00:00:00.389,129] <inf> rsa: Starting the RSA example... [00:00:00.389,160] <inf> rsa: Generating random RSA keypair... [00:00:00.389,312] <inf> rsa: psa_generate_key failed! (Error: -134) [00:00:00.389,343] <inf> rsa: Example exited with error!

What I noticed is this message:

Is it possible that you are working with a different TF-M version?

I don't really feel like the problem is on my side since other users were reporting the same problems in the forum without real solutions (just using different libraries at all). For example a year ago (with older TF-M version?) you just answered that the project is able to compile but not that it is working:

Error -134 running Crypto samples on Thingy91
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 dejans 4 months ago in reply to Bernhard

Hi Bernhard,

It seems that you tried to build the sample with TF-M support. Documentation specifies what happens when you build for _ns target. Could you try to run RSA sample using the same build target as me (nrf9160dk_nrf9160)?

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
+1 Bernhard 1 month ago in reply to dejans

Hello dejans,

just as a short note for anybody else with the same problem...

I finally found out that the newer drivers = oberon & cc3xx (in difference to older 'builtin') are not able to handle the "PrivateKeyInfo" header anymore, so as a bugfix I just removed the first 26 bytes of the key and than its working fine again.

Thanks for not supporting the topic at all.

Best regards,
Bernhard
Cancel
Vote Up +1 Vote Down

Sign in to reply

Reject Answer

Cancel
0 dejans 1 month ago in reply to Bernhard

Hi Bernhard,

Your issue might be related to the support of different key formats in PSA Crypto and legacy ("builtin") mbedtls crypto API. Supported key formats for PSA are documented in the PSA Crypto specification.

Best regards,
Dejan
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel