• State Verified Answer
  • Replies 4 replies
  • Subscribers 75 subscribers
  • Views 1072 views
  • Users 0 members are here
Attachments (0)
Nordic Case Info
  • Case ID: 273407
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

nrf91 Ciphers

Aziz

Hello,

What are all the supported cipher suites for the nrf9160? Per your documentation, it seems AES 128 is supported but not AES 256. But, based on some testing with slightly modifying the https example, I was able to verify that AES-256 was used for the test session. Can you confirm your supported ciphers as well as what type/length of private keys (ex - 4096 bit..etc.) are permitted?

Thanks.

Parents
  • 0

    Hello again Aziz,

    In general, the modem does not prevent any private keys. You can use the Credential storage management %CMNG AT command to write, read and delete private keys.

    When opening a TLS connection, the appropriate type/tag pair(s) is used in the TLS attach procedure and TLS negotiation with the server.

    Example:

    AT%CMNG=0,100,2,"put private key data here"

    The client writes a private key to the modem (<type> is 2, private key in ASCII format, <sec_tag> is 100, can be any wanted). This sec tag and private key can then be used for negotiation in TLS attach procedure.

    Max length of key/cert data that can be written to memory is about ~8k (contains some header info so actual cert/key data cannot be full 8k).

    I hope I could answer your question.

    Regards,

    Markus

Reply
  • 0

    Hello again Aziz,

    In general, the modem does not prevent any private keys. You can use the Credential storage management %CMNG AT command to write, read and delete private keys.

    When opening a TLS connection, the appropriate type/tag pair(s) is used in the TLS attach procedure and TLS negotiation with the server.

    Example:

    AT%CMNG=0,100,2,"put private key data here"

    The client writes a private key to the modem (<type> is 2, private key in ASCII format, <sec_tag> is 100, can be any wanted). This sec tag and private key can then be used for negotiation in TLS attach procedure.

    Max length of key/cert data that can be written to memory is about ~8k (contains some header info so actual cert/key data cannot be full 8k).

    I hope I could answer your question.

    Regards,

    Markus

Children
No Data
Related
Terms of service