Optiga Trust: Generating and Storing Keys in OPTIGA

Hi,

I am trying to generate unique key(s) for every device and store them in Optiga to sign the messages, among others. After generating the key pairs, I need the private key stored in the Key 2 Data Object (0xE0F1).

Here's my code for generating and storing keys:

// export private key to host
nrf_crypto_ecc_private_key_t priv_key = {0};
nrf_crypto_ecc_public_key_t pub_key;
priv_key.key_secp256r1.oid = 0xE0F1;
err = nrf_crypto_ecc_key_pair_generate(NULL, &g_nrf_crypto_ecc_secp256r1_curve_info, &priv_key, &pub_key);
DEMO_ERROR_CHECK(err);

The only difference from the example code is the addition of priv_key.key_secp256r1.oid = 0xE0F1.

The function nrf_crypto_ecc_key_pair_generate is giving me a 0xFFFF error, which is a generic OPTIGA_LIB_ERROR. On digging deeper, I found out that CmdLib_GenerateKeyPair is giving a 0x80010007 error, which is a CMD_LIB_INVALID_TAGLEN error.

Can you please tell me what I am missing here?