
Trying to implement ECDH key exchange using tinycrypt but the random num gen keeps crashing

Hello, 

I have been trying to implement the Elliptic-curve Diffie–Hellman key exchange using tinycrypt.

As per the API, a random number generator function needs to be passed to create the public and private keys. The random gen function is passed using the setter function uECC_set_rng. I was able to pass the random gen function as a parameter to that function, and when I call uECC_make_key, which in turn calls the random gen function for its purpose, the program crashes and reboots. The code is shown below:

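    #include <zephyr.h>
    #include <sys/printk.h>
    #include <tinycrypt/ecc.h>
    #include <tinycrypt/ecc_dh.h>

    /* RNG callback handed to tinycrypt; its definition is not shown in the post. */
    static int random_gen(uint8_t *dest, unsigned size);

    void main(void)
    {
        int rc;
        uint8_t pk[64];          /* public key */
        uint8_t private_key[32]; /* private key */
        uint8_t buffer[10];

        /* Register the RNG before any key generation. */
        uECC_set_rng(&random_gen);

        /* uECC_make_key() returns 1 on success and 0 on failure. */
        rc = uECC_make_key(pk, private_key, &curve_secp256r1);
        if (!rc) {
            printk("Failed\n");
        } else {
            printk("Success\n");
        }
        return;
    }
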
The program crashes at the sys_csrand_get function, I tried replacing this function and implementing something similar to the entropy example to generate a random number but with the same result.
Any help would be appreciated.
cheers.
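
Added example, not code from the original post or from tinycrypt: a callback of the shape uECC_set_rng expects, adapting a backend that reports 0 on success (the convention of Zephyr's sys_csrand_get) to uECC's "1 means filled, 0 means no random data" convention and failing closed on error. The names random_gen_checked, rng_set_backend, csprng_fn and the two fake backends are hypothetical, and the backend hook exists only so the block runs off-target.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Backend convention, as used by Zephyr's sys_csrand_get():
 * 0 on success, negative errno on failure. */
typedef int (*csprng_fn)(void *dst, size_t len);

static csprng_fn backend;   /* hypothetical hook so the block runs off-target */

void rng_set_backend(csprng_fn fn) { backend = fn; }

/* Callback with the shape uECC_set_rng() expects:
 * return 1 if dest holds `size` random bytes, 0 if it does not. */
int random_gen_checked(uint8_t *dest, unsigned int size)
{
    if (dest == NULL || size == 0 || backend == NULL)
        return 0;
    if (backend(dest, size) != 0) {
        memset(dest, 0, size);  /* drop partial output, fail closed */
        return 0;
    }
    return 1;
}

/* Constructed test backends, NOT random: for exercising the adapter only. */
static int fake_ok(void *dst, size_t len)
{
    for (size_t i = 0; i < len; i++) ((uint8_t *)dst)[i] = (uint8_t)i;
    return 0;
}
static int fake_eio(void *dst, size_t len)
{
    memset(dst, 0x5A, len / 2);  /* partial write before the error */
    return -5;                   /* -EIO */
}

int is_all_zero(const uint8_t *p, unsigned int n)
{
    uint8_t acc = 0;
    while (n--) acc |= *p++;
    return acc == 0;
}

int main(void)
{
    uint8_t key[32];
    rng_set_backend(fake_eio);
    if (random_gen_checked(key, sizeof key) != 0 || !is_all_zero(key, sizeof key)) return 1;
    rng_set_backend(fake_ok);
    return random_gen_checked(key, sizeof key) == 1 ? 0 : 1;
}
```

Returning the backend's status code directly from the callback would invert its meaning, since 0 is success for the backend and failure for uECC.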
  • Hello,

    Sorry for the delayed response. Is there any chance you could share relevant project configuration settings as well? It would be helpful if I could compile and debug this here.

    Thanks,

    Vidar

  • Hey, 

    No problem. Please find attached the project file. I have attached two projects: one implements ECDH using Tinycrypt and the other uses the mbedtls library. Both have similar problems; they crash out at some point due to the random number generator. If you could help with getting either one of them to work, it would be great. The mbedtls project is based on an ECDH sample that was provided in their GitHub. I'm using the latest SDK v1.4.0 with the latest nRF command-line tools with the nRF52840-DK board.

    Thanks for your time.

    .Tinycrypt-ECDH-sample.zip

    crypto.zip

  • Hi,

    Thanks for sharing your projects! Unfortunately, I have not been able to identify the problem yet.  I have to admit that I'm a bit new to the crypto implementation in this SDK, and this took a bit more time to figure out than what I had anticipated. I'll ask my colleagues for some assistance and get back to you.

    Also, as you may have seen, mbedtls enables HW accelerated crypto if you select the Cryptocell cc310 backend. So it's likely a better choice than tinycrypt, assuming performance is a factor.

    Our "Nordic Security module" documentation for reference:

    https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrfxlib/nrf_security/README.html#nordic-security-module

  • Hey, 

    Thank you for letting me know. I can wait for the answer.

    I have added cryptocell support to the project.

    Cheers.

  • Hi,

    Thanks for your patience. I finally have a working example I can share, please see attached below.

    I used the \tests\crypto\ project from the nrf repo along with this example I found on GitHub (link) as a reference when I implemented this demo sample. But as I indicated earlier, I'm not an expert on this topic, so please keep that in mind when you review the code. The GitHub example did, for instance, include some additional steps which I'm not really sure are needed or not.

    ECDH with mbedtls  (tested with NCS v1.4.0)

    mbedtls_ecdh.zip  

    Cheers,

    Vidar

    Update: I made a new version that uses the entropy driver as the entropy source.

    mbedtls_ecdh_with_entropy_driver.zip