Hi Team,
While we are testing provisioning private keys (secp256r1) into the KMU via nrfutil we came across few issues which are recorded in the other ticket we opened, after some more testing we ran in to some additional issues with the provisioning parameters when we were testing with the ED25519 algorithm based keys:
1. the --size parameter must be 255, the ED25519 key pairs length are actually 256 bit, when we give 256 the provisioning fails, I guess somewhere the microcode checks for this, not sure if this is a issue or not just mentioning it here as information.
2. the --cracen_usage parameter supposed to support both the "ENCRYPTED" and "RAW" based on the info provided by Nordic, however, the provisioning only works with the "RAW" option (--size 255). We kept other parameters same as above.
Kind regards,
Daniyal