• State Verified Answer
  • Replies 9 replies
  • Subscribers 68 subscribers
  • Views 361 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 331154
Options

Enable ECDH with _ns build

Jithin A

Hi,

I am trying to implement the ECDH functionality in the TF-M application.

I am referring Crypto: ECDH (nordicsemi.com) and in the build target I see, the example can be built with _ns.

When I try to build the above example with the _ns build, I am getting an error "PSA_ERROR_NOT_SUPPORTED (-134)"

Whereas when I build it without _ns, the example works fine.

Am I missing any configuration here? No changes were made to prj.conf

Please help me I need the ECDH with _ns build.

Target board: nrf5340dk_nrf5340_cpuapp_ns

Parents Reply Children
  • 0 in reply to Hieu

    Hi Hieu, 

    You are right, I see the CONFIG_BUILD_WITH_TFM macro is enabled in the .config file.

    Can you please explain why I get the error -134 even if it is enabled.

    Below is my observation,

    Case1: without modifying the example

    1. Create a ECDH sample copy, build with _ns
    2. Build, success
    3. Check .config file and I see CONFIG_BUILD_WITH_TFM is enabled
    4. Test the program, I get below error

    *** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
[00:00:00.509,063] <inf> ecdh: Starting ECDH example...
[00:00:00.509,063] <inf> ecdh: Creating ECDH key pair for Alice
[00:00:00.509,155] <inf> ecdh: psa_generate_key failed! (Error: -134)
[00:00:00.509,155] <inf> ecdh: Example exited with error!

    Case2: Add CONFIG_BUILD_WITH_TFM to prj.conf file

    1. Create a ECDH sample copy, build with _ns
    2. Add CONFIG_BUILD_WITH_TFM to prj.conf file
    3. Build, success
    4. Test the program, program runs successfully
      *** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
[00:00:00.446,716] <inf> ecdh: Starting ECDH example...
[00:00:00.446,716] <inf> ecdh: Creating ECDH key pair for Alice
[00:00:00.447,113] <inf> ecdh: ECDH keypair created successfully!
[00:00:00.447,113] <inf> ecdh: Creating ECDH key pair for Bob
[00:00:00.447,479] <inf> ecdh: ECDH keypair created successfully!
[00:00:00.447,479] <inf> ecdh: Export Alice's public key
[00:00:00.471,496] <inf> ecdh: ECDH public key exported successfully!
[00:00:00.471,496] <inf> ecdh: Export Bob's public key
[00:00:00.495,483] <inf> ecdh: ECDH public key exported successfully!
[00:00:00.495,513] <inf> ecdh: Calculating the secret value for Alice
[00:00:00.519,531] <inf> ecdh: ECDH secret calculated successfully!
[00:00:00.519,531] <inf> ecdh: Calculating the secret value for Bob
[00:00:00.543,579] <inf> ecdh: ECDH secret calculated successfully!
[00:00:00.543,579] <inf> ecdh: Comparing the secret values of Alice and Bob
[00:00:00.543,579] <inf> ecdh: The secret values of Alice and Bob match!
[00:00:00.543,792] <inf> ecdh: Example finished successfully!

    Why I see this difference in program execution, please let me know if my setup is wrong?

  • 0 in reply to Jithin A

    Hi Jithin,

    Something is definitely wrong. I cannot reproduce your issue.

    Please check and make sure that you are actually compiling with SDK and toolchain for NCS v2.6.0.

  • 0 in reply to Hieu

    Hi Hieu,

    This is strange. I confirm I am using SDK and toolchain v2.6.0

    Is it possible to you to share your working project?

    I am just creating a sample from MS VS Code NRF extension and build the project without modifying anything and I see the above error.

  • 0 in reply to Jithin A

    Hi Jithin,

    Jithin A said:
    I am just creating a sample from MS VS Code NRF extension and build the project without modifying anything and I see the above error.

    This is also exactly what I did.

    The source code is here: https://github.com/nrfconnect/sdk-nrf/tree/v2.6.0/samples/crypto/ecdh

    Perhaps you might want to use git status to check if your copy of the SDK and toolchain is modified. Or if you prefer, just install the whole SDK again.

Related