Making the RSA keypair persist.

Hi,

I am using the RSA sample code and I need to make the key persist. When I try to change the lifetime attribute to PSA_KEY_LIFETIME_PERSISTENT, the key generation fails.

I am using nRF52840 dev kit.

int generate_rsa_keypair(void)

{

psa_status_t status;

size_t olen;

LOG_INF("Generating random RSA keypair...");

/* Configure the key attributes */

psa_key_attributes_t key_attributes = PSA_KEY_ATTRIBUTES_INIT;

/* Configure the key attributes */

psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH);

psa_set_key_lifetime(&key_attributes, PSA_KEY_LIFETIME_VOLATILE);

psa_set_key_algorithm(&key_attributes, PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256));

psa_set_key_type(&key_attributes, PSA_KEY_TYPE_RSA_KEY_PAIR);

psa_set_key_bits(&key_attributes, KEY_SIZE);

/* Generate a random keypair. The keypair is not exposed to the application,

* we can use it to signing/verification the key handle.

status = psa_generate_key(&key_attributes, &keypair_handle);

if (status != PSA_SUCCESS) {

LOG_INF("psa_generate_key failed! (Error: %d)", status);

return APP_ERROR;

}

rsa: psa_generate_key failed! (Error: -134)

Any idea what else needs to be done so the key pair could persist during reboots?

Thanks!

Top Replies

Amanda Hsieh over 4 years ago +1

Hi, There are two reasons that this fails if you just change the lifetime flag from volatile to persistent. The persistent keys requires to set a key id for the key, with the psa_set_key_id function…

0 imtiz_ahmed over 4 years ago

[deleted]
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Amanda Hsieh over 4 years ago

Hi,

I am looking into your case and will reply later.

Regards,
Amanda
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 imtiz_ahmed over 4 years ago in reply to imtiz_ahmed

Okay so if the key pair needs to be exported, changing this line:

psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH);

to this

psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT);

and then using psa_export_key to export the keypair and using psa_import_key to import does the trick.

But that means i need to save the keypair on flash. Is this a good idea? Ideally PSA_KEY_LIFETIME_PERSISTENT should work so the private key is never exposed. But where would PSA_KEY_LIFETIME_PERSISTENT actually store the key?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 imtiz_ahmed over 4 years ago

Okay so if the key pair needs to be exported, changing this line:

psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH);

to this

psa_set_key_usage_flags(&key_attributes, PSA_KEY_USAGE_SIGN_HASH | PSA_KEY_USAGE_EXPORT);

and then using psa_export_key to export the keypair and using psa_import_key to import does the trick.

But that means i need to save the keypair on flash. Is this a good idea? Ideally PSA_KEY_LIFETIME_PERSISTENT should work so the private key is never exposed. But where would PSA_KEY_LIFETIME_PERSISTENT actually store the key?
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Amanda Hsieh over 4 years ago
Hi,

There are two reasons that this fails if you just change the lifetime flag from volatile to persistent. The persistent keys requires to set a key id for the key, with the psa_set_key_id function. The second reason is that you have to enable for the persistent key storage support in Kconfig. In the case of nRF52840 these options need to be added:

CONFIG_MBEDTLS_PSA_CRYPTO_STORAGE_C=y CONFIG_PSA_NATIVE_ITS=y # Note that NVS is only one of the options to enable persistent storage of keys # using the settings subsystem. CONFIG_FLASH=y CONFIG_FLASH_PAGE_LAYOUT=y CONFIG_FLASH_MAP=y CONFIG_NVS=y CONFIG_SETTINGS=y

Note that these configurations are documented in our persistent_key_storage sample.

Now to avoid misunderstandings, please be clear that in the case of nRF52840 the keys will anyway be stored in flash and they will not be protected. The comments in the sample which describe that "the key will not be exposed to the application" are relevant only for TF-M enabled devices (namely nRF5340, nRF9160). The nRF52840 has only the ability to store one symmetric key which will be hidden from the application after being flashed. This is the device root key and is documented here:

https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/libraries/others/hw_unique_key.html?highlight=kdr#functionality
Cancel
Vote Up +1 Vote Down

Sign in to reply

Verify Answer

Cancel