nRF54L15 - Fail to provision ED25519 keys in to the KMU (nrfutil)

Hi Daniyal,

Checking this internally and will keep you updated.

Please expect a slight delay as it's the summer vacation here in Norway .

Thank you for understanding.

-Priyanka

1. the --size parameter must be 255, the ED25519 key pairs length are actually 256 bit, when we give 256 the provisioning fails, I guess somewhere the microcode checks for this, not sure if this is a issue or not just mentioning it here as information.

ed25519 keys in PSA are 255-bit: https://arm-software.github.io/psa-api/crypto/1.2/api/keys/types.html

2. the --cracen_usage parameter supposed to support both the "ENCRYPTED" and "RAW" based on the info provided by Nordic, however, the provisioning only works with the "RAW" option (--size 255). We kept other parameters same as above.

What error do you get when trying to provision with the ENCRYPTED option? Could be an issue with the script, but it is supported in the KMU.

-Priyanka

Hi Priyanka,

Thanks for the quick follow up and the information regarding the key bit size.

As for the error message, it's not very informative, we get the generic message same as the issue reported in the other ticket I mentioned:

"Failed to provision keys on "1050XXXXXX", Device error: Keys [123] failed provisioning."

Kind regards,

Daniyal