How to use CURVE25519 for ECDH?

Hi. I'm using nRF52832, SDK13.0.0.

I want to use CURVE25519.

I made my code referring to the example "ble_app_multirole_lesc" and "nrf_crypto_keys.h".

NRF_CRYPTO_ECC_PRIVATE_KEY_CREATE(alice_private_key, SECP256R1);
NRF_CRYPTO_ECC_PRIVATE_KEY_CREATE(bob_private_key, SECP256R1);

NRF_CRYPTO_ECC_PUBLIC_KEY_CREATE(alice_public_key, SECP256R1);
NRF_CRYPTO_ECC_PUBLIC_KEY_CREATE(bob_public_key, SECP256R1);

static void alice_step_1()
{
    SEGGER_RTT_printf_log(0, "%s\n", __func__);

    uint32_t ret_val;
    ret_val = nrf_crypto_ecc_key_pair_generate(NRF_CRYPTO_BLE_ECDH_CURVE_INFO, &alice_private_key, &alice_public_key);
    APP_ERROR_CHECK(ret_val);

    SEGGER_RTT_printf_log_Hex(0, "alice_private_key     :", alice_private_key.p_value, alice_private_key.length);
    SEGGER_RTT_printf_log_Hex(0, "alice_public_key      :", alice_public_key.p_value, alice_public_key.length);
}

static void alice_step_2()
{
    SEGGER_RTT_printf_log(0, "%s\n", __func__);

    ret_code_t err_code = NRF_SUCCESS;

    err_code = nrf_crypto_ecdh_shared_secret_compute(NRF_CRYPTO_BLE_ECDH_CURVE_INFO,
                                                     &alice_private_key,
                                                     &bob_public_key,
                                                     &m_dh_key);
    APP_ERROR_CHECK(err_code);

    SEGGER_RTT_printf_log_Hex(0, "alice's m_dh_key :", m_dh_key.p_value, m_dh_key.length);
}

void bob_step_1()
{
    SEGGER_RTT_printf_log(0, "%s\n", __func__);

    uint32_t ret_val;
    ret_val = nrf_crypto_ecc_key_pair_generate(NRF_CRYPTO_BLE_ECDH_CURVE_INFO, &bob_private_key, &bob_public_key);
    APP_ERROR_CHECK(ret_val);

    SEGGER_RTT_printf_log_Hex(0, "bob_private_key     : ", bob_private_key.p_value, bob_private_key.length);
    SEGGER_RTT_printf_log_Hex(0, "bob_public_key      : ", bob_public_key.p_value, bob_public_key.length);
}

void bob_step_2()
{
    SEGGER_RTT_printf_log(0, "%s\n", __func__);

    ret_code_t err_code = NRF_SUCCESS;
    err_code = nrf_crypto_ecdh_shared_secret_compute(NRF_CRYPTO_BLE_ECDH_CURVE_INFO,
                                                     &bob_private_key,
                                                     &alice_public_key,
                                                     &m_dh_key);
    APP_ERROR_CHECK(err_code);

    SEGGER_RTT_printf_log_Hex(0, "bob's m_dh_key :", m_dh_key.p_value, m_dh_key.length);
}

unsigned int secure_test(void)
{
    alice_step_1();  // Alice sends her public key to Bob
    bob_step_1();    // Bob generates new key pair and sends his public key to Alice
    alice_step_2();  // Alice receives Bob's public key and computes shared secret
    bob_step_2();    // Bob receives Alice's public key and computes shared secret

    return 0;
}

I can see it works very well. Alice's m_dh_key and Bob's m_dh_key are the same.

My goal is "using CURVE25519".

So I modified my code and "nrf_crypto_keys.h".

#define NRF_CRYPTO_BLE_ECDH_CURVE_INFO (nrf_crypto_curve_info_t)    \
{                                                                   \
    .curve_type = NRF_CRYPTO_CURVE_CURVE25519,                       \
    .endian_type = NRF_CRYPTO_ENDIAN_LE                             \
}

NRF_CRYPTO_ECC_PRIVATE_KEY_CREATE(alice_private_key, CURVE25519);
NRF_CRYPTO_ECC_PRIVATE_KEY_CREATE(bob_private_key, CURVE25519);

NRF_CRYPTO_ECC_PUBLIC_KEY_CREATE(alice_public_key, CURVE25519);
NRF_CRYPTO_ECC_PUBLIC_KEY_CREATE(bob_public_key, CURVE25519);

But it produces a lot of errors.

The information in "nrf_crypto_keys.h" says the following:

 * @param[in]   type    Curve type. Either SECP192R1, SECP224R1, SECP256R1, SECP384R1,
 *                      SECP521R1, SECP192K1, SECP224K1, or SECP256K1.

There is no information for CURVE25519.

How can I use CURVE25519?

I need your help.