nRF91 How to use Google's primary and backup root CA on the modem?

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Jeffrey Urban — Tue, 23 Nov 2021 14:30:41 GMT

I moved the example to a new repo github.com/.../sdk-nrf.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Jeffrey Urban — Tue, 23 Nov 2021 00:34:55 GMT

I got modem-based certs (also offloaded TLS and JWT calculation) working with Google Cloud IoT Core on my nRF9160-DK dev kit. See this pull request. Instructions are in the README.rst.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Rokk Research — Fri, 19 Nov 2021 05:26:36 GMT

Hi Jeffery, I'm not familiar with the cred utility, I used modem_key_mgmt_write() programatically.

I used 2 different tags for the certs - i.e., only 2 certs (primary and backup).

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Jeffrey Urban — Fri, 19 Nov 2021 01:29:29 GMT

Hi Rokk Research,

Thanks for confirming that you've gotten it to work. Can you clarify if you've put 3 certs (both of the minimal root CA set certs + the device cert) and the client private key into a single sec_tag?

I converted each of the Google minimal certs like this:

openssl x509 -inform DER -outform PEM -in gtsltsr.crt -out gtsltsr.pem

I programmed the certs using the nRF91 device cred utility:

python3 cred.py \
    --CA_cert gtsltsr.pem \
    --CA_cert GSR4.pem \
    --client_cert my_device-cert.pem \
    --client_private_key my_device-private.pem \
    --sec_tag 202 \
    --program_app <path-to-my-app>/build/zephyr/merged.hex

I'm running the code from the google_iot_mqtt sample, called after the modem comes up. I removed the added globalsign.inc cert from the example code. SNTP is successful. DNS resolve for mqtt.2030.ltsapis.goog:8883 is successful.

If I include both Google minimal CA certs (plus the device cert and key) in one sec_tag, I get `could not connect, error -111`.

If I include only the primary cert `gtsltsr.pem` (plus the device cert and key) in one sec_tag, then I get `MQTT connect failed 5`.

If I create separate sec_tags for each of the minimal certs, and another sec_tag for the device cert + key, and reference all 3 sec_tags, I also get `MQTT connect failed 5`.

Thanks,
Jeffrey

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Rokk Research — Wed, 17 Nov 2021 21:32:03 GMT

I am successfully using Google IoT Core for a project on the nRF91 - I'm using the minimal root CA set described here for mqtt.2030.ltsapis.goog:
https://cloud.google.com/iot/docs/how-tos/mqtt-bridge#downloading_mqtt_server_certificates

I used the modem_key_mgmt_write() method to write the PEM encoded certs during provisioning, then reference the tag list in the TLS config via sec_tag_list.

Note that I had to set TLS_PEER_VERIFY_NONE with modem firmware prior to 1.3.1, I haven't yet tested with MFW1.3.1 to see if I can change it back to TLS_PEER_VERIFY_REQUIRED.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Jeffrey Urban — Wed, 17 Nov 2021 18:11:15 GMT

Has anyone got modem-based certs (the primary and backup minimal set, or the complete set) working with Google Cloud IoT Core on nRF91 (Asset Tracker v2 or otherwise)? It's unclear from this discussion if anyone was successful. It's also unclear what is the proper converted form, and which sets of certs (device and server) should be combined into separate sec_tags. I've tried several combinations and can't get it working.

I'm also modifying the Asset Tracker v2 example, and using the nRF9160 DK with nRF Connect SDK v1.7.1.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

mike-at-currant — Fri, 22 Oct 2021 15:43:48 GMT

Great news - thanks for the update, it's much appreciated! I did set CONFIG_MBEDTLS_CIPHER_GCM_ENABLED=y in the config, and noticed that TLS_PEER_VERIFY_REQUIRED still didn't work.

We'll set TLS_PEER_VERIFY_NONE until we can update to firmware 1.3.1.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Didrik Rokhaug — Fri, 22 Oct 2021 08:28:39 GMT

[quote user="mike-at-currant"]I have tried and have been unsuccessful, and was suspecting that the modem firmware doesn't support the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite.[/quote]

Google Cloud recently changed their list of supported cipher suites. As their new list of supported suites aren't supported by our older modem firmware versions, they can no longer be used together with Google Cloud.

However, we have added support for some GCM cipher suites in modem firmware 1.3.1.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

mike-at-currant — Thu, 21 Oct 2021 20:49:44 GMT

Hi there Arpad,

Were you ever able to get the LTS version of Google IoT Core (using mqtt.2030.ltsapis.goog using the primary and backup certs) working with Modem firmware version 1.2.1?

I have tried and have been unsuccessful, and was suspecting that the modem firmware doesn't support the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 cipher suite.

RE: nRF91 How to use Google's primary and backup root CA on the modem?

PopradiArpad — Fri, 25 Sep 2020 06:20:06 GMT

Hi Didrik,

thank you for your answer and sorry for my late one. I will try it.

Best regards,

Árpád

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Didrik Rokhaug — Thu, 27 Aug 2020 08:58:57 GMT

Hi.

Modem firmware version 1.2.1, which has support for SNI has just been released.

https://www.nordicsemi.com/Software-and-tools/Development-Kits/nRF9160-DK/Download#infotabs

Best regards,

Didrik

RE: nRF91 How to use Google's primary and backup root CA on the modem?

PopradiArpad — Fri, 24 Jul 2020 09:40:21 GMT

Hi Simon,

thank you.

Best regards,

Árpád

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Simon — Thu, 23 Jul 2020 21:40:35 GMT

I talked to a developer and got some insight.

Modem firmware version 1.2.0 does not use SNI, so that may be the cause of the issue. This should be resolved in the next modem firmware release. We'll inform you when it gets released.

Best regards,

Simon

RE: nRF91 How to use Google's primary and backup root CA on the modem?

PopradiArpad — Sat, 18 Jul 2020 06:05:53 GMT

Hi Simon,

thank you for your reply. From that blog code (nRF9160DKtoGoogleCloud.zip) is the

tls_config->peer_verify = TLS_PEER_VERIFY_NONE;

workaround. See the function gcloud.c:gcloud_provision

tls_config.peer_verify = 0;

which is the same.

The defined ROOT_CERT at the begin of the file is wrong. It's a self signed certificate, not the primary or the backup certificate of Google for mqtt.2030.ltsapis.goog:

openssl x509 -in unknown_cert_from_How_to_connect_nRF9160_DK_to_Google_Cloud.pem -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            eb:e3:e0:f5:5f:02:0a:a3
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN = nrf91-marte
        Validity
            Not Before: Apr  5 11:15:17 2019 GMT
            Not After : Mar  2 11:15:17 4757 GMT
        Subject: CN = nrf91-marte
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:0a:bc:a2:d9:16:1a:7a:1c:a5:d0:31:96:7a:49:
                    75:59:fa:10:16:f5:59:b4:27:65:72:c5:69:8c:ec:
                    31:e5:d6:18:52:08:3b:4d:a1:59:3b:da:49:43:c8:
                    d7:13:6c:d1:00:7c:73:72:14:f6:80:61:0d:79:11:
                    35:4d:8d:aa:2d
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Subject Key Identifier: 
                4B:02:13:B7:DF:90:80:77:6F:34:23:FA:95:42:68:8C:D3:B9:DD:F1
            X509v3 Authority Key Identifier: 
                keyid:4B:02:13:B7:DF:90:80:77:6F:34:23:FA:95:42:68:8C:D3:B9:DD:F1

            X509v3 Basic Constraints: 
                CA:TRUE
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:20:5d:a4:40:ee:c2:aa:7e:f7:00:d9:b0:05:d8:06:
         03:5c:bf:28:63:a9:39:4e:08:ff:2c:05:2c:4b:bc:b6:b3:94:
         02:21:00:f3:ff:d4:5a:db:4c:46:49:9a:ca:58:21:c3:79:a0:
         b1:81:86:2a:4d:7b:ad:8f:b8:8f:ee:26:19:4c:2f:0e:7c
-----BEGIN CERTIFICATE-----
MIIBdTCCARugAwIBAgIJAOvj4PVfAgqjMAoGCCqGSM49BAMCMBYxFDASBgNVBAMM
C25yZjkxLW1hcnRlMCAXDTE5MDQwNTExMTUxN1oYDzQ3NTcwMzAyMTExNTE3WjAW
MRQwEgYDVQQDDAtucmY5MS1tYXJ0ZTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IA
BAq8otkWGnocpdAxlnpJdVn6EBb1WbQnZXLFaYzsMeXWGFIIO02hWTvaSUPI1xNs
0QB8c3IU9oBhDXkRNU2Nqi2jUDBOMB0GA1UdDgQWBBRLAhO335CAd280I/qVQmiM
07nd8TAfBgNVHSMEGDAWgBRLAhO335CAd280I/qVQmiM07nd8TAMBgNVHRMEBTAD
AQH/MAoGCCqGSM49BAMCA0gAMEUCIF2kQO7Cqn73ANmwBdgGA1y/KGOpOU4I/ywF
LEu8trOUAiEA8//UWttMRkmaylghw3mgsYGGKk17rY+4j+4mGUwvDnw=
-----END CERTIFICATE-----

Look at the Issuer.

In my code I use the primary certificate of Google for mqtt.2030.ltsapis.goog uploaded to the modem together with my public certificate and private key to a definite sec_tag.

The usage is exact of nrf_cloud_transport.c:nct_provision but with my sec_tag and google's hostname:

static int nct_provision(void)
{
	static sec_tag_t sec_tag_list[] = { CONFIG_NRF_CLOUD_SEC_TAG };

	nct.tls_config.peer_verify = 2;
	nct.tls_config.cipher_count = 0;
	nct.tls_config.cipher_list = NULL;
	nct.tls_config.sec_tag_count = ARRAY_SIZE(sec_tag_list);
	nct.tls_config.sec_tag_list = sec_tag_list;
	nct.tls_config.hostname = NRF_CLOUD_HOSTNAME;
}

That should be enough to work, I think, but doesn't.

The only difference what I see is the signature algorithm: nRF Cloud (Amazon IoT) uses sha256WithRSAEncryption, Google's signature for mqtt.2030.ltsapis.goog is an ecdsa-with-SHA256 signature.

Look at the Signature Algorithm property of the following two root CA certificates:

openssl x509 -in nrf_cloud_ca_certificate.pem -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            06:6c:9f:cf:99:bf:8c:0a:39:e2:f0:78:8a:43:e6:96:36:5b:ca
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = US, O = Amazon, CN = Amazon Root CA 1
        Validity
            Not Before: May 26 00:00:00 2015 GMT
            Not After : Jan 17 00:00:00 2038 GMT
        Subject: C = US, O = Amazon, CN = Amazon Root CA 1
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b2:78:80:71:ca:78:d5:e3:71:af:47:80:50:74:
                    7d:6e:d8:d7:88:76:f4:99:68:f7:58:21:60:f9:74:
                    84:01:2f:ac:02:2d:86:d3:a0:43:7a:4e:b2:a4:d0:
                    36:ba:01:be:8d:db:48:c8:07:17:36:4c:f4:ee:88:
                    23:c7:3e:eb:37:f5:b5:19:f8:49:68:b0:de:d7:b9:
                    76:38:1d:61:9e:a4:fe:82:36:a5:e5:4a:56:e4:45:
                    e1:f9:fd:b4:16:fa:74:da:9c:9b:35:39:2f:fa:b0:
                    20:50:06:6c:7a:d0:80:b2:a6:f9:af:ec:47:19:8f:
                    50:38:07:dc:a2:87:39:58:f8:ba:d5:a9:f9:48:67:
                    30:96:ee:94:78:5e:6f:89:a3:51:c0:30:86:66:a1:
                    45:66:ba:54:eb:a3:c3:91:f9:48:dc:ff:d1:e8:30:
                    2d:7d:2d:74:70:35:d7:88:24:f7:9e:c4:59:6e:bb:
                    73:87:17:f2:32:46:28:b8:43:fa:b7:1d:aa:ca:b4:
                    f2:9f:24:0e:2d:4b:f7:71:5c:5e:69:ff:ea:95:02:
                    cb:38:8a:ae:50:38:6f:db:fb:2d:62:1b:c5:c7:1e:
                    54:e1:77:e0:67:c8:0f:9c:87:23:d6:3f:40:20:7f:
                    20:80:c4:80:4c:3e:3b:24:26:8e:04:ae:6c:9a:c8:
                    aa:0d
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Subject Key Identifier: 
                84:18:CC:85:34:EC:BC:0C:94:94:2E:08:59:9C:C7:B2:10:4E:0A:08
    Signature Algorithm: sha256WithRSAEncryption
         98:f2:37:5a:41:90:a1:1a:c5:76:51:28:20:36:23:0e:ae:e6:
         28:bb:aa:f8:94:ae:48:a4:30:7f:1b:fc:24:8d:4b:b4:c8:a1:
         97:f6:b6:f1:7a:70:c8:53:93:cc:08:28:e3:98:25:cf:23:a4:
         f9:de:21:d3:7c:85:09:ad:4e:9a:75:3a:c2:0b:6a:89:78:76:
         44:47:18:65:6c:8d:41:8e:3b:7f:9a:cb:f4:b5:a7:50:d7:05:
         2c:37:e8:03:4b:ad:e9:61:a0:02:6e:f5:f2:f0:c5:b2:ed:5b:
         b7:dc:fa:94:5c:77:9e:13:a5:7f:52:ad:95:f2:f8:93:3b:de:
         8b:5c:5b:ca:5a:52:5b:60:af:14:f7:4b:ef:a3:fb:9f:40:95:
         6d:31:54:fc:42:d3:c7:46:1f:23:ad:d9:0f:48:70:9a:d9:75:
         78:71:d1:72:43:34:75:6e:57:59:c2:02:5c:26:60:29:cf:23:
         19:16:8e:88:43:a5:d4:e4:cb:08:fb:23:11:43:e8:43:29:72:
         62:a1:a9:5d:5e:08:d4:90:ae:b8:d8:ce:14:c2:d0:55:f2:86:
         f6:c4:93:43:77:66:61:c0:b9:e8:41:d7:97:78:60:03:6e:4a:
         72:ae:a5:d1:7d:ba:10:9e:86:6c:1b:8a:b9:59:33:f8:eb:c4:
         90:be:f1:b9
-----BEGIN CERTIFICATE-----
MIIDQTCCAimgAwIBAgITBmyfz5m/jAo54vB4ikPmljZbyjANBgkqhkiG9w0BAQsF
ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6
b24gUm9vdCBDQSAxMB4XDTE1MDUyNjAwMDAwMFoXDTM4MDExNzAwMDAwMFowOTEL
MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEZMBcGA1UEAxMQQW1hem9uIFJv
b3QgQ0EgMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALJ4gHHKeNXj
ca9HgFB0fW7Y14h29Jlo91ghYPl0hAEvrAIthtOgQ3pOsqTQNroBvo3bSMgHFzZM
9O6II8c+6zf1tRn4SWiw3te5djgdYZ6k/oI2peVKVuRF4fn9tBb6dNqcmzU5L/qw
IFAGbHrQgLKm+a/sRxmPUDgH3KKHOVj4utWp+UhnMJbulHheb4mjUcAwhmahRWa6
VOujw5H5SNz/0egwLX0tdHA114gk957EWW67c4cX8jJGKLhD+rcdqsq08p8kDi1L
93FcXmn/6pUCyziKrlA4b9v7LWIbxcceVOF34GfID5yHI9Y/QCB/IIDEgEw+OyQm
jgSubJrIqg0CAwEAAaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC
AYYwHQYDVR0OBBYEFIQYzIU07LwMlJQuCFmcx7IQTgoIMA0GCSqGSIb3DQEBCwUA
A4IBAQCY8jdaQZChGsV2USggNiMOruYou6r4lK5IpDB/G/wkjUu0yKGX9rbxenDI
U5PMCCjjmCXPI6T53iHTfIUJrU6adTrCC2qJeHZERxhlbI1Bjjt/msv0tadQ1wUs
N+gDS63pYaACbvXy8MWy7Vu33PqUXHeeE6V/Uq2V8viTO96LXFvKWlJbYK8U90vv
o/ufQJVtMVT8QtPHRh8jrdkPSHCa2XV4cdFyQzR1bldZwgJcJmApzyMZFo6IQ6XU
5MsI+yMRQ+hDKXJioaldXgjUkK642M4UwtBV8ob2xJNDd2ZhwLnoQdeXeGADbkpy
rqXRfboQnoZsG4q5WTP468SQvvG5
-----END CERTIFICATE-----

openssl x509 -in mqtt_2030_ltsapis_goog_PRIMARY.pem -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:f0:f7:9d:59:dd:6e:50:f7:42:73:71:50
        Signature Algorithm: ecdsa-with-SHA256
        Issuer: C = US, O = Google Trust Services LLC, CN = GTS LTSR
        Validity
            Not Before: Nov  1 00:00:42 2018 GMT
            Not After : Nov  1 00:00:42 2042 GMT
        Subject: C = US, O = Google Trust Services LLC, CN = GTS LTSR
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub:
                    04:cd:f1:8c:8e:da:ef:b2:09:0a:19:77:00:24:50:
                    db:f9:73:77:68:91:f5:0b:7e:b0:3a:40:98:05:57:
                    65:cc:b8:43:6d:41:92:06:e4:75:0e:4b:a8:c5:9f:
                    c7:f4:c9:29:55:78:e4:42:c6:a1:72:8c:32:72:46:
                    7f:3a:77:e2:24
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        X509v3 extensions:
            X509v3 Key Usage: critical
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Subject Key Identifier: 
                3E:FE:FF:CC:52:EB:BF:34:3E:3D:F3:40:D0:E4:25:B1:5F:B8:BB:52
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:21:00:f2:ae:7f:f5:6d:04:7a:86:c3:74:d4:c1:42:
         2a:ed:37:da:13:1a:77:6c:7e:db:8c:20:66:55:72:6e:a5:3f:
         45:02:20:6b:d1:29:82:b6:cb:a4:9a:21:a0:a5:a8:e3:7f:f8:
         05:8a:01:8c:df:81:7d:d3:6d:5b:09:6b:35:31:b2:f4:48
-----BEGIN CERTIFICATE-----
MIIBxTCCAWugAwIBAgINAfD3nVndblD3QnNxUDAKBggqhkjOPQQDAjBEMQswCQYD
VQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExMQzERMA8G
A1UEAxMIR1RTIExUU1IwHhcNMTgxMTAxMDAwMDQyWhcNNDIxMTAxMDAwMDQyWjBE
MQswCQYDVQQGEwJVUzEiMCAGA1UEChMZR29vZ2xlIFRydXN0IFNlcnZpY2VzIExM
QzERMA8GA1UEAxMIR1RTIExUU1IwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATN
8YyO2u+yCQoZdwAkUNv5c3dokfULfrA6QJgFV2XMuENtQZIG5HUOS6jFn8f0ySlV
eORCxqFyjDJyRn86d+Iko0IwQDAOBgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUw
AwEB/zAdBgNVHQ4EFgQUPv7/zFLrvzQ+PfNA0OQlsV+4u1IwCgYIKoZIzj0EAwID
SAAwRQIhAPKuf/VtBHqGw3TUwUIq7TfaExp3bH7bjCBmVXJupT9FAiBr0SmCtsuk
miGgpajjf/gFigGM34F9021bCWs1MbL0SA==
-----END CERTIFICATE-----

Best regards,

Árpád

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Simon — Fri, 17 Jul 2020 23:32:49 GMT

I am currently looking into your questions. In the meanwhile, you should check out this blog, if you haven't seen it already.

Best regards,

Simon

RE: nRF91 How to use Google's primary and backup root CA on the modem?

PopradiArpad — Wed, 15 Jul 2020 08:30:19 GMT

Hi Simon,

update: The different root CAs should come to different sec_tags installed on the modem and that sec_tags must be referenced from the application software. That's clear me now.

But I have a problem when I try to verify the peer in the TLS connection:

struct mqtt_sec_config *tls_config =  &client->transport.tls.config;
tls_config->peer_verify = MQTT_TRANSPORT_SECURE;

results in EOPNOTSUPP 95 (Operation not supported on socket)

When I use

tls_config->peer_verify = TLS_PEER_VERIFY_NONE;

I can connect.

The peer verification works on Amazon with its sha256WithRSAEncryption signature. Google's signature for mqtt.2030.ltsapis.goog is an ecdsa-with-SHA256 signature.

Is that not supported?

Is this a bug in the modem software?

I use the latest one (mfw_nrf9160_1.2.0.zip).

With best regards,

Árpád

RE: nRF91 How to use Google's primary and backup root CA on the modem?

PopradiArpad — Tue, 07 Jul 2020 04:05:21 GMT

Hi Simon,

this is not a big problem for me now: this one is much bigger :)

Best regards,

Árpád

RE: nRF91 How to use Google's primary and backup root CA on the modem?

Simon — Mon, 06 Jul 2020 23:47:06 GMT

Currently, a huge portion of the support team (including many of the experts on nRF9160) is on summer vacation, and you may experience delayed answers. My apologies for that.

I will try to provide you with an answer within this week.

Best regards,

Simon