Mbedtls on imxrt1176 : ECDH error with curve secp521r1

emilianocarnati · ‎04-06-2021

Hi,
I'm working on an mimx1170-evk and I'm currently facing an issue with ECDH.

In mbedtls configuration file (ksdk_mbedtls.config.h) I've enabled the curve secp521r1 (#define MBEDTLS_ECP_DP_SECP521R1_ENABLED) and with this curve I get an error when I call the function "mbedtls_ecdh_calc_secret".

This error doesn't happen with the other curves and if I remove the CAAM acceleration (remove CRYPTO_USE_CAAM from project defines) everything works fine. From what I can see, with this curve there is an error in the computation of the public key.

Have you never seen this?
Is there any known limit about the usage of secp521r1 curve?

Thanks
Emiliano

victorjimenez · ‎04-23-2021

Hello Emiliano,

Thanks for your patience with this thread. This issue was captured during the MbedTLS update to version 2.26.0. It's caused by a missing A parameter in our ECP alt implementation. The fix will be included in future releases of the SDK.

Regards,
Victor

View solution in original post

emilianocarnati · ‎04-26-2021

Thank you so much!

victorjimenez · ‎04-08-2021

Hello Emiliano,

I'm checking this internally, I will provide you an update as soon as possible.

Regards,
Victor

victorjimenez · ‎04-23-2021

Hello Emiliano,

Thanks for your patience with this thread. This issue was captured during the MbedTLS update to version 2.26.0. It's caused by a missing A parameter in our ECP alt implementation. The fix will be included in future releases of the SDK.

Regards,
Victor