Enable ECDH with _ns build

Hi Jithin,

Are there any other relevant logs?

Please try enabling CONFIG_PSA_WANT_ALG_ECDH.

Hieu

Hi Hieu,

Thank you for the reply,

We have now fixed the issue.

The issue is with the config: CONFIG_BUILD_WITH_TFM

Hi Hieu,

Sorry for the late reply

Hieu said:

What nRF Connect SDK version are you working with? If 2.7.0, where is your project located, and how are you building it?

--> I am using SDKv2.6.0, my project is located outside the SDK directory.

I am building the project with VS Code NRF SDK extensions.

Hi Jithin,

Then CONFIG_BUILD_WITH_TFM should be enabled by default. Please check the compiled Kconfig at <build dir>/zephyr/.config. It should be there.

Hi Hieu, 

You are right, I see the CONFIG_BUILD_WITH_TFM macro is enabled in the .config file.

Can you please explain why I get the error -134 even if it is enabled.

Below is my observation,

Case1: without modifying the example

1. Create a ECDH sample copy, build with _ns
2. Build, success
3. Check .config file and I see CONFIG_BUILD_WITH_TFM is enabled
4. Test the program, I get below error

*** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
[00:00:00.509,063] <inf> ecdh: Starting ECDH example...
[00:00:00.509,063] <inf> ecdh: Creating ECDH key pair for Alice
[00:00:00.509,155] <inf> ecdh: psa_generate_key failed! (Error: -134)
[00:00:00.509,155] <inf> ecdh: Example exited with error!

Case2: Add CONFIG_BUILD_WITH_TFM to prj.conf file

1. Create a ECDH sample copy, build with _ns
2. Add CONFIG_BUILD_WITH_TFM to prj.conf file
3. Build, success
4. Test the program, program runs successfully

   *** Booting nRF Connect SDK v3.5.99-ncs1-1 ***
   [00:00:00.446,716] <inf> ecdh: Starting ECDH example...
   [00:00:00.446,716] <inf> ecdh: Creating ECDH key pair for Alice
   [00:00:00.447,113] <inf> ecdh: ECDH keypair created successfully!
   [00:00:00.447,113] <inf> ecdh: Creating ECDH key pair for Bob
   [00:00:00.447,479] <inf> ecdh: ECDH keypair created successfully!
   [00:00:00.447,479] <inf> ecdh: Export Alice's public key
   [00:00:00.471,496] <inf> ecdh: ECDH public key exported successfully!
   [00:00:00.471,496] <inf> ecdh: Export Bob's public key
   [00:00:00.495,483] <inf> ecdh: ECDH public key exported successfully!
   [00:00:00.495,513] <inf> ecdh: Calculating the secret value for Alice
   [00:00:00.519,531] <inf> ecdh: ECDH secret calculated successfully!
   [00:00:00.519,531] <inf> ecdh: Calculating the secret value for Bob
   [00:00:00.543,579] <inf> ecdh: ECDH secret calculated successfully!
   [00:00:00.543,579] <inf> ecdh: Comparing the secret values of Alice and Bob
   [00:00:00.543,579] <inf> ecdh: The secret values of Alice and Bob match!
   [00:00:00.543,792] <inf> ecdh: Example finished successfully!

Why I see this difference in program execution, please let me know if my setup is wrong?

Hi Jithin,

Something is definitely wrong. I cannot reproduce your issue.

Please check and make sure that you are actually compiling with SDK and toolchain for NCS v2.6.0.

Hi Hieu,

This is strange. I confirm I am using SDK and toolchain v2.6.0

Is it possible to you to share your working project?

I am just creating a sample from MS VS Code NRF extension and build the project without modifying anything and I see the above error.

Hi Hieu,

This is strange. I confirm I am using SDK and toolchain v2.6.0

Is it possible to you to share your working project?

I am just creating a sample from MS VS Code NRF extension and build the project without modifying anything and I see the above error.

Hi Jithin,

Jithin A said:

I am just creating a sample from MS VS Code NRF extension and build the project without modifying anything and I see the above error.

This is also exactly what I did.

The source code is here: https://github.com/nrfconnect/sdk-nrf/tree/v2.6.0/samples/crypto/ecdh

Perhaps you might want to use git status to check if your copy of the SDK and toolchain is modified. Or if you prefer, just install the whole SDK again.