nrf52840 hardware accelerated symmetric encryption key derivation

Hi, I'm trying to implement hardware accelerated symmetric encryption for Bluetooth communication between an nrf52840dk and a mobile app. Both the mobile app and the nrf52840dk will have the secret. Salt (public key) is generated randomly and sent unencrypted to the mobile app. The secret and salt are used to derive the session key, which will be used for encryption and decryption on both devices.

I first tried the key derivation api like this:

#define N_CRYPTO_AES_CCM_TAG_LENGTH (8)
#define AES_CCM_ALG_WITH_SHORT_TAG PSA_ALG_AEAD_WITH_SHORTENED_TAG(PSA_ALG_CCM, N_CRYPTO_AES_CCM_TAG_LENGTH)

.....

/* Label fed into HKDF's expand step; hypothetical value, it must match the app side. */
static const uint8_t kdf_info[] = "ble-session-key";

psa_status_t status;
psa_key_id_t session_key_id = PSA_KEY_ID_NULL;
psa_key_derivation_operation_t operation = PSA_KEY_DERIVATION_OPERATION_INIT;
psa_algorithm_t kdf_alg = PSA_ALG_HKDF(PSA_ALG_SHA_256); // Example: using HKDF with SHA-256

status = psa_key_derivation_setup(&operation, kdf_alg);
if (status == PSA_SUCCESS) {
    /* HKDF inputs must arrive in this order: salt, then secret, then info */
    status = psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_SALT,
                                            salt_buffer, KEY_SIZE_BYTES);
}
if (status == PSA_SUCCESS) {
    status = psa_key_derivation_input_key(&operation, PSA_KEY_DERIVATION_INPUT_SECRET,
                                          secret_key_id);
}
if (status == PSA_SUCCESS) {
    /* Added: HKDF refuses to produce output until an INFO input has been supplied */
    status = psa_key_derivation_input_bytes(&operation, PSA_KEY_DERIVATION_INPUT_INFO,
                                            kdf_info, sizeof(kdf_info) - 1);
}

if (status == PSA_SUCCESS) {
    psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
    psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
    psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
    psa_set_key_algorithm(&key_attributes, AES_CCM_ALG_WITH_SHORT_TAG);
    psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
    psa_set_key_bits(&key_attributes, KEY_SIZE_BITS);
    /* The derived key never leaves the keystore; only its id is returned */
    status = psa_key_derivation_output_key(&key_attributes, &operation, &session_key_id);
    psa_reset_key_attributes(&key_attributes);
}

/* Release the operation state on both the success and the failure path */
psa_key_derivation_abort(&operation);

if (status != PSA_SUCCESS) {
    LOG_INF("Failed to derive session key! (Error: %d)", status);
    return status;
}


Got the error PSA_ERROR_NOT_SUPPORTED ((psa_status_t)-134). When I looked into it, it seems that CryptoCell does not support key derivation. Is this correct?
docs.nordicsemi.com/.../driver_config.html under Key Derivation Function driver configurations


Then I tried to just XOR the secret and salt to derive the key, import the key with psa import, and use that key id for encryption.

psa_status_t status;
psa_key_id_t session_key_id = PSA_KEY_ID_NULL;
uint8_t session_key[KEY_SIZE_BYTES];

// XOR secret with salt to derive session key
for (size_t i = 0; i < KEY_SIZE_BYTES; i++) {
    session_key[i] = secret[i] ^ salt_buffer[i];
}

// Import generated session key to keystore
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
// Fixed: the usage flags were previously passed to psa_set_key_type(), which
// left the key with no ENCRYPT/DECRYPT permission (and then overwrote the type below)
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_ENCRYPT | PSA_KEY_USAGE_DECRYPT);
psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);
psa_set_key_algorithm(&key_attributes, AES_CCM_ALG_WITH_SHORT_TAG);
psa_set_key_type(&key_attributes, PSA_KEY_TYPE_AES);
psa_set_key_bits(&key_attributes, KEY_SIZE_BITS);

status = psa_import_key(&key_attributes, session_key, sizeof(session_key), &session_key_id);
psa_reset_key_attributes(&key_attributes);
// The keystore now holds the key; clear the plaintext copy from RAM
memset(session_key, 0, sizeof(session_key));
if (status != PSA_SUCCESS) {
    LOG_INF("Failed to import session key! (Error: %d)", status);
    return status;
}

The import was successful, but when I try to use the key to encrypt I get an error.


1. Since AES-CCM is symmetric encryption, is it even necessary to create a session key like this, or should I just encrypt/decrypt directly with the secret?

2. Is there an already existing solution in the nRF SDK for this that I may have missed? Some pre-shared-key example?

3. If I enable both Oberon and CryptoCell, is it possible to use Oberon for key derivation only and use CryptoCell for hardware accelerated encryption/decryption of communication packets?

4. Should I use the nrf_crypto library instead of PSA?
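As an added example (not code from the original post and not part of the nRF SDK), the block below implements the same algorithm that PSA_ALG_HKDF(PSA_ALG_SHA_256) names, HKDF-SHA256 from RFC 5869, in plain Python with only the standard library. It shows what the three PSA inputs (SALT, SECRET, INFO) feed into and lets the mobile-app side, or a desktop test harness, derive byte-for-byte the key the device derives from the same secret and salt. Unlike the XOR approach, recovering an HKDF session key does not hand back the long-term secret even though the salt travels in the clear. The SESSION_INFO label, the 16-byte key size and the demo secret are assumptions chosen for this example.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size  # 32 bytes for SHA-256


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 extract step: PRK = HMAC-SHA256(key=salt, msg=IKM).

    An empty salt is replaced by HASH_LEN zero bytes, as the RFC specifies.
    """
    if not salt:
        salt = bytes(HASH_LEN)
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 expand step: OKM = T(1) || T(2) || ..., truncated to length.

    T(i) = HMAC(PRK, T(i-1) || info || i), with T(0) empty.
    """
    if length > 255 * HASH_LEN:
        raise ValueError("HKDF output too long for this hash")
    okm = b""
    block = b""
    counter = 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]


def hkdf_sha256(secret: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """Full HKDF-SHA256: the same function PSA runs for PSA_ALG_HKDF(PSA_ALG_SHA_256)
    with inputs SALT=salt, SECRET=secret and INFO=info."""
    return hkdf_expand(hkdf_extract(salt, secret), info, length)


# Assumed label; it must be identical on the nRF52840 and in the mobile app.
SESSION_INFO = b"nrf52840-ble-session-key"
KEY_SIZE_BYTES = 16  # AES-128; assumed value standing in for the post's KEY_SIZE_BYTES


def derive_session_key(secret: bytes, salt: bytes) -> bytes:
    """Session key = HKDF-SHA256(secret, salt, SESSION_INFO)[:KEY_SIZE_BYTES]."""
    return hkdf_sha256(secret, salt, SESSION_INFO, KEY_SIZE_BYTES)


def both_sides_agree(secret: bytes) -> bool:
    """Simulate one session: the device draws a fresh random salt, sends it in
    the clear, and both ends derive the key from (secret, salt)."""
    salt = os.urandom(16)                        # device side: random, public
    device_key = derive_session_key(secret, salt)
    app_key = derive_session_key(secret, salt)   # app side: same two inputs
    return device_key == app_key and len(device_key) == KEY_SIZE_BYTES


if __name__ == "__main__":
    # Constructed pre-shared secret for the demo only.
    demo_secret = bytes(range(16))
    print("keys agree:", both_sides_agree(demo_secret))
    print("session key:", derive_session_key(demo_secret, bytes(16)).hex())
```

When the derivation is done through PSA on the device, the same three values go in via PSA_KEY_DERIVATION_INPUT_SALT, PSA_KEY_DERIVATION_INPUT_SECRET and PSA_KEY_DERIVATION_INPUT_INFO, and the result is checkable against this function with a fixed salt before the random salt is switched on.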