
Optiga Trust: Generating and Storing Keys in OPTIGA

Hi,

I am trying to generate unique key(s) for every device and store them in Optiga to sign the messages, among others. After generating the key pairs, I need the private key stored in Key 2 Data Object (0xE0F1).

Here's my code for generating and storing keys:

  // export private key to host
  nrf_crypto_ecc_private_key_t priv_key = {0};
  nrf_crypto_ecc_public_key_t pub_key;

  priv_key.key_secp256r1.oid = 0xE0F1;
  
  err = nrf_crypto_ecc_key_pair_generate(NULL, &g_nrf_crypto_ecc_secp256r1_curve_info, &priv_key, &pub_key);
  DEMO_ERROR_CHECK(err);

The only difference from the example code is the addition of priv_key.secp256r1.oid = 0xE0F1.

The function nrf_crypto_ecc_key_pair_generate is giving me a 0xFFFF error, which is a generic OPTIGA_LIB_ERROR. On digging deeper, I found out that CmdLib_GenerateKeyPair is giving a 0x80010007 error, which is a CMD_LIB_INVALID_TAGLEN error.

Can you please tell me what I am missing here?

  • Hi,

    This library is supported by Infineon, so if you struggle further with this I recommend you get in touch with Infineon support. For more information about what the error code from CmdLib_GenerateKeyPair() in the Optiga library means, please get in touch with them. It looks like there is something wrong with the way you are supplying the keys, but I don't know what you could be doing wrong. Perhaps you can take a look at the example test code which includes changing the OID in the nRF5 SDK and compare your code with it: examples/crypto/nrf_crypto/test_app/test_cases/test_ecdh.c

    Best regards,

    Marjeris
