• State Verified Answer
  • Replies 9 replies
  • Subscribers 66 subscribers
  • Views 2238 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 301518
Options

RSA example fails on psa_sign_hash returning -133

TBing

I have one problem report and some related questions:

Problem report:

When executing the RSA sampe provided with SDK 2.1.0 on the nRD5340DK board the psa_sign_hash function fails with -133 (PSA_ERROR_NOT_PERMITTED). 

The explanation PSA_ERROR_NOT_PERMITTED informs me that a policy is preventing the operation. But as I am using a unmodified sample code. I cannot see which policy change I should have caused. Can you help finding the cause of this behavior?

Questions:

1) I have a requirement to implement RSA OAEP(SHA1) public key encryption using 3072 bit keys. The CryptoCell on the nRF5340 has a upper limit of 2048 bit keys. The question is, how can I implement the required encryption operation? Is using mbed_tsl directly an option or is the 2048 bit key limit also imposed on this API?

2) When attempting to do RSA OAEP(SHA1) using a supposedly supported 2048 bit key, this fails with return code -147 (PSA_ERROR_HARDWARE_FAILURE). There are no sample code performing RSA public key encryption using the CryptoCell, is this operation not supported?

  • 0

    Hi,

    Checking with our developers, it seems that our PSA Crypto API does not yet support 2048 bit keys.

    Instead, I suggest that you use the mbedtls API directly.
    I think the API you look for is https://github.com/nrfconnect/sdk-mbedtls/blob/main/library/psa_crypto_rsa.h.

    Regards,
    Sigurd Hellesvik

  • 0 in reply to Sigurd Hellesvik

    Hi Sigurd

    Thanks for your effort!

    Using the mbed_tsl API does works for RSA 3072 bit encryption.

    I think that you should make tickets on the found problems:

     - RSA signing sample included in SDK does not work.

     - PSA cannot be used for RSA encryption (I could not make it work even for 1024 bit keys)

    I have added my mbed_tsl code for other with similar problems:

    // Output size must be == keysize == keysizeBits / 8
bool mbedTslTest(const uint8_t *input, size_t input_len, uint8_t *output) {
  mbedtls_rsa_context rsa;

  /* Initialize RSA Context */
  mbedtls_rsa_init(&rsa);

  int ret = mbedtls_rsa_set_padding(&rsa, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA1);
  if (ret) {
    LOG_INF("failed! to confuigure padding: -%04x", -ret);
    return (ret);
  }

  ret = mbedtls_rsa_import_raw(&rsa,
                               &RSA_N_3072[0], sizeof(RSA_N_3072),
                               NULL, 0,
                               NULL, 0,
                               NULL, 0,
                               &RSA_E_3072[0], sizeof(RSA_E_3072));
  
  if (ret) {
    LOG_INF("failed! mbedtls_rsa_import_raw: -%04x", -ret);
    return (ret);
  }

  ret = mbedtls_rsa_complete(&rsa);
  if (ret) {
    LOG_INF("failed! mbedtls_rsa_complete: -%04x", -ret);
    return (ret);
  }

  ret = mbedtls_rsa_rsaes_oaep_encrypt(&rsa, mbedtls_random, NULL, NULL, 0, input_len, input, output);
  if (ret) {
    LOG_INF("failed! mbedtls_rsa_rsaes_oaep_encrypt: -%04x", -ret);
    return false;
  }

  LOG_INF("Success");

  return true;
}

    PSA can be use as RNG:

    int mbedtls_random( void *p_rng, unsigned char *output,
                             size_t outputLen ){
  psa_status_t status = psa_generate_random(output, outputLen);
  if (status != PSA_SUCCESS) {
    LOG_ERR("psa_generate_random failed! (Error: %d)", outputLen);
    return -1;
  }

  return 0;
}
     

    Regards Tonny

  • 0 in reply to TBing

    Tony,

    I ran into PSA_ERROR_NOT_SUPPORT (-134)  error when trying to use RSA decryption with a 2048 bit key.  I traced down the error to the mbedtls_psa_rsa_export_key() function being conditionally compiled to a hard coded failure.  I added the following statements to my prj.conf file and now I am working.  Caveat: I am using an older version of the SDK (v1.7) - so YMMV.

    CONFIG_MBEDTLS_RSA_C=y
    CONFIG_MBEDTLS_PK_WRITE_C=y

  • 0 in reply to johntaylor2

    Hi John

    Thanks for the information!

    I think you are correct that a lot might have changed in the SDK around PSA (and mbed_tsl integration).

    Fortunately I was able to use the mbed_tsl API directly, but spend quite some time realizing that.

    In SDK 2.1.1 the unmodified "RSA" sample that uses PSA does not work (even on the nRF5340DK board). So I will stick with the mbed_tsl API for now.

Related