hello . i tested the sample for the persistance key it worked with the AES key . But when i tried with the EDDSA key i received that error psa_generate_key failed! (Error: -134).
############### main.c ################
#define SAMPLE_PERS_KEY_ID PSA_KEY_ID_USER_MIN
int generate_eddsa_keypair(void)
{
psa_status_t status;
LOG_INF("Generating random EDDSA keypair...");
/* Configure the key attributes */
psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;
/* Configure the key attributes */
psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_MESSAGE);
psa_set_key_algorithm(&key_attributes, PSA_ALG_PURE_EDDSA);
psa_set_key_type(&key_attributes,
PSA_KEY_TYPE_ECC_KEY_PAIR(PSA_ECC_FAMILY_TWISTED_EDWARDS));
psa_set_key_bits(&key_attributes, 255);
/* Persistent key specific settings */
psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_PERSISTENT);
psa_set_key_id(&key_attributes, SAMPLE_PERS_KEY_ID);
/* Generate a random keypair. The keypair is not exposed to the application,
* we can use it to sign messages.
*/
status = psa_generate_key(&key_attributes, &m_key_pair_id);
if (status != PSA_SUCCESS) {
LOG_INF("psa_generate_key failed! (Error: %d)", status);
return APP_ERROR;
}
/* Export the public key */
status = psa_export_public_key(m_key_pair_id,
m_pub_key, sizeof(m_pub_key),
&m_pub_key_len);
if (status != PSA_SUCCESS) {
LOG_INF("psa_export_public_key failed! (Error: %d)", status);
return APP_ERROR;
}
PRINT_HEX("Public-key", m_pub_key, m_pub_key_len);
/* Make sure the key is not in memory anymore, has the same affect then resetting the device
*/
status = psa_purge_key(m_key_pair_id);
if (status != PSA_SUCCESS) {
LOG_INF("psa_purge_key failed! (Error: %d)", status);
return APP_ERROR;
}
/* Reset key attributes and free any allocated resources. */
psa_reset_key_attributes(&key_attributes);
return APP_SUCCESS;
}
############# prj.conf ################
#
# Copyright (c) 2024 Nordic Semiconductor ASA
#
# SPDX-License-Identifier: LicenseRef-Nordic-5-Clause
#
# The Zephyr CMSIS emulation assumes that ticks are ms, currently
CONFIG_SYS_CLOCK_TICKS_PER_SEC=1000
CONFIG_MAIN_STACK_SIZE=4096
CONFIG_HEAP_MEM_POOL_SIZE=4096
CONFIG_REBOOT=y
# Enable logging
CONFIG_CONSOLE=y
CONFIG_LOG=y
# Enable nordic security backend and PSA APIs
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
# Enable persistent storage APIs
CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y
CONFIG_MBEDTLS_ENABLE_HEAP=y
CONFIG_MBEDTLS_HEAP_SIZE=8192
CONFIG_PSA_WANT_KEY_TYPE_AES=y
CONFIG_PSA_WANT_ALG_CTR=y
CONFIG_PSA_WANT_GENERATE_RANDOM=y
CONFIG_TFM_ITS_ENCRYPTED=y
#EDDSA
CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_GENERATE=y
CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_IMPORT=y
CONFIG_PSA_WANT_KEY_TYPE_ECC_KEY_PAIR_EXPORT=y
CONFIG_PSA_WANT_ECC_TWISTED_EDWARDS_255=y
CONFIG_PSA_WANT_ALG_SHA_512=y
CONFIG_PSA_WANT_ALG_PURE_EDDSA=y
