It seems that when I call nrf_inbuilt_key_exists() to determine if a certificate already exists, it causes a subsequent nrf_inbuilt_key_write() call to either fail or succeed silently.
I have code like this:
int err = nrf_inbuilt_key_exists(sec_tag, NRF_KEY_MGMT_CRED_TYPE_CA_CHAIN, &exists, NULL);
LOG_INF("ca strlen = %d, err = %d, exists = %d", strlen(ca), err, exists);
if ((NRF_ENOENT == err) || ((0 == err) && !exists)) {
    ERROR_RETURN(nrf_inbuilt_key_write(sec_tag, NRF_KEY_MGMT_CRED_TYPE_CA_CHAIN, ca, strlen(ca)));
}
which, when first called, yields
ca strlen = 1188, err = 2, exists = 0
but the next call to nrf_inbuilt_key_write() gives
nrf_inbuilt_key_write(sec_tag, NRF_KEY_MGMT_CRED_TYPE_CA_CHAIN, ca, strlen(ca)) => 105
which is ENOBUFS.
If I call the code above again without restarting the module, the nrf_inbuilt_key_write() call succeeds without error, but the certificate is NOT written:
AT%CMNG=1
OK
However, if I follow the example code and simply delete the key unconditionally and then call nrf_inbuilt_key_write(), the write succeeds and the certificate is stored correctly.
What's going on here?
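
A read-back check for the silent-success case described in the post, as an added example that is not part of the original post and not Nordic's code: it scans the text returned by AT%CMNG=1 for a given security tag and credential type, so a write that returns 0 can be confirmed before it is trusted. The `%CMNG: <sec_tag>,<type>[,<sha>]` line format, type 0 for the root CA, the function name `cmng_list_has`, the tag value 42 and both sample responses are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample responses (not captured from a real modem). */
static const char SAMPLE_EMPTY[] = "OK\r\n";
static const char SAMPLE_LISTED[] =
    "%CMNG: 42,0,\"SHA_PLACEHOLDER\"\r\n"
    "%CMNG: 42,1,\"SHA_PLACEHOLDER\"\r\n"
    "OK\r\n";

/* Returns true if the AT%CMNG=1 response text lists a credential with the
 * given sec_tag and type. Assumed line format: "%CMNG: <sec_tag>,<type>[,...]". */
bool cmng_list_has(const char *resp, unsigned long sec_tag, unsigned type)
{
    static const char prefix[] = "%CMNG: ";
    const char *p = resp;

    while ((p = strstr(p, prefix)) != NULL) {
        /* Accept the prefix only at the start of a line. */
        bool line_start = (p == resp) || (p[-1] == '\n');
        unsigned long tag = 0;
        unsigned t = 0;
        int used = 0;

        p += sizeof(prefix) - 1;
        if (line_start && sscanf(p, "%lu,%u%n", &tag, &t, &used) == 2) {
            char end = p[used];
            /* The type field must end here, so "10" never matches type 1. */
            bool field_done = (end == ',' || end == '\r' ||
                               end == '\n' || end == '\0');
            if (field_done && tag == sec_tag && t == type) {
                return true;
            }
        }
    }
    return false;
}

int main(void)
{
    /* An empty listing after a "successful" write means nothing was stored. */
    printf("empty listing has CA:  %d\n", cmng_list_has(SAMPLE_EMPTY, 42, 0));
    printf("filled listing has CA: %d\n", cmng_list_has(SAMPLE_LISTED, 42, 0));
    return 0;
}
```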