Attachments (0)
Nordic Case Info
  • Case ID: 240131
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

Crypto Verification Failing Intermittently

RPDben

Hi,

I have an application that verifies a chunk of data and EdDSA Ed25519 signature against a remote public key.

The device application generates a random number, sends it to a PC over USB. The number is sent to a server and the response is then passed back to the device. The application then attempts to verify the response using nrf_crypto_eddsa_verify . This function intermittently fails with the error NRF_ERROR_CRYPTO_ECDSA_INVALID_SIGNATURE . I have verified "by hand" that the data fed into the function is correct and it is.

Has anyone experienced any issues with this module?

Thanks,

Parents
  • 0

    Hi,

    The return value indicates a signature verification failure, so I would not expect you to get this if you have verified that the data and signature is correct

    • Could there be a buffer corruption issue of some sort? Can you try to verify that the input buffers (holding the data and signature) are valid after you check the signature as well to check that? 
    • Do you get the same retult using both the Oberon and CC310 backend, or only using one of the backends?
    • Also, which SDK are you using?
Reply
  • 0

    Hi,

    The return value indicates a signature verification failure, so I would not expect you to get this if you have verified that the data and signature is correct

    • Could there be a buffer corruption issue of some sort? Can you try to verify that the input buffers (holding the data and signature) are valid after you check the signature as well to check that? 
    • Do you get the same retult using both the Oberon and CC310 backend, or only using one of the backends?
    • Also, which SDK are you using?
Children
  • 0 in reply to Einar Thorsrud

    Hi Einar

    • I did check this and they are correct
    • We are only using the CC310 backend
    • SDK 15.2.0, S140 v6.0.0
  • 0 in reply to RPDben

    I see,

    Do you see the same if you switch to the Oberon backend (changing backend in sdk_config.h)? It would be useful to narrow down the problem. Any other obvious difference when it fails and not? Does the size of the data matter or something else? Does the same input data and signature fail always, or does it only fail sometimes?

Terms of service