FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

RFC5869 standard HKDF on Edgelock secure subsystem

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED
Jump to solution

RFC5869 standard HKDF on Edgelock secure subsystem

Jump to solution
2 weeks ago
893 Views
YosukeW
Contributor II

Hello,

I have one question about HKDF feature.
MCXN SRM shows that this supports RFC5869 but requires specific input data format:
"For RFC5869 compliance, the derivation data SW_DRV_DATA[255:0] must be composed as {label[247:0],
counter[7:0]} from the RFC5869 standard."
Actually RFC5869 requires 2 steps: Extract and Expand. And these steps require different inputs.
But,  the above input data required by ELS seems compliant with Expand phase only. 
Can we pass salt (measurement data) and label with IKM and let ELS do the 2 steps as defined in RFC5869 ?
Or is it processed by ELS in different manner ?

Thank you and Best regards, Yosuke

Labels (2)
0 Kudos
Reply
1 Solution

Jump to solution
a week ago
806 Views
Celeste_Liu
NXP Employee
NXP Employee

Hello @YosukeW ,

Thanks for your patience.

No, on MCX N23x/Nx4x ELS, the RFC5869-mode HKDF command does not expose separate Extract and Expand inputs , and the documentation describes the RFC5869 path as a single HMAC operation using a 256-bit derivation-data field . So you cannot pass salt plus IKM plus label and expect ELS to perform the full RFC5869 Extract then Expand sequence internally in the way RFC5869 defines it.

Hope it helps.

BR

Celeste

View solution in original post

0 Kudos
Reply
4 Replies

Jump to solution
a week ago
807 Views
Celeste_Liu
NXP Employee
NXP Employee

Hello @YosukeW ,

Thanks for your patience.

No, on MCX N23x/Nx4x ELS, the RFC5869-mode HKDF command does not expose separate Extract and Expand inputs , and the documentation describes the RFC5869 path as a single HMAC operation using a 256-bit derivation-data field . So you cannot pass salt plus IKM plus label and expect ELS to perform the full RFC5869 Extract then Expand sequence internally in the way RFC5869 defines it.

Hope it helps.

BR

Celeste

0 Kudos
Reply

Jump to solution
Monday
788 Views
YosukeW
Contributor II

Hello @Celeste_Liu ,

Thank you so much for answering my question.
It's clear to me now.

Best regards, Yosuke

Reply

Jump to solution
Monday
778 Views
Celeste_Liu
NXP Employee
NXP Employee

Hello @YosukeW ,

You are welcome, glad to help! Any new issues, welcome to create a new post.

BR

Celeste

0 Kudos
Reply

Jump to solution
2 weeks ago
873 Views
Celeste_Liu
NXP Employee
NXP Employee

Hello @YosukeW ,

I’ve noticed your case and will need some time to look into it further. I’ll keep you informed of any updates as soon as possible. 
 
Have a nice day.
 
BR
Celeste
0 Kudos
Reply
%3CLINGO-SUB%20id%3D%22lingo-sub-2354967%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3ERFC5869%20standard%20HKDF%20on%20Edgelock%20secure%20subsystem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2354967%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%2C%3C%2FP%3E%3CP%3EI%20have%20one%20question%20about%20HKDF%20feature.%3CBR%20%2F%3EMCXN%20SRM%20shows%20that%20this%20supports%20RFC5869%20but%20requires%20specific%20input%20data%20format%3A%3CBR%20%2F%3E%22For%20RFC5869%20compliance%2C%20the%20derivation%20data%20SW_DRV_DATA%5B255%3A0%5D%20must%20be%20composed%20as%20%7Blabel%5B247%3A0%5D%2C%3CBR%20%2F%3Ecounter%5B7%3A0%5D%7D%20from%20the%20RFC5869%20standard.%22%3CBR%20%2F%3EActually%20%3CA%20href%3D%22https%3A%2F%2Fdatatracker.ietf.org%2Fdoc%2Fhtml%2Frfc5869%22%20target%3D%22_self%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3ERFC5869%3C%2FA%3E%20requires%202%20steps%3A%20Extract%20and%20Expand.%20And%20these%20steps%20require%20different%20inputs.%3CBR%20%2F%3EBut%2C%20%26nbsp%3Bthe%20above%20input%20data%20required%20by%20ELS%20seems%20compliant%20with%20Expand%20phase%20only.%26nbsp%3B%3CBR%20%2F%3ECan%20we%20pass%20salt%20(measurement%20data)%20and%20label%20with%20IKM%20and%20let%20ELS%20do%20the%202%20steps%20as%20defined%20in%20RFC5869%20%3F%3CBR%20%2F%3EOr%20is%20it%20processed%20by%20ELS%20in%20different%20manner%20%3F%3CBR%20%2F%3E%3CBR%20%2F%3EThank%20you%20and%20Best%20regards%2C%20Yosuke%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2354967%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CLINGO-LABEL%3EMCXN%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3ESecurity(Edgelock%20%7C%20secure%20boot%20%7C%20OTP)%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2356791%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20RFC5869%20standard%20HKDF%20on%20Edgelock%20secure%20subsystem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2356791%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F262019%22%20target%3D%22_blank%22%3E%40YosukeW%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CP%3EYou%20are%20welcome%2C%20glad%20to%20help!%26nbsp%3BAny%20new%20issues%2C%20welcome%20to%20create%20a%20new%20post.%3C%2FP%3E%0A%3CP%3EBR%3C%2FP%3E%0A%3CP%3ECeleste%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2356749%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20RFC5869%20standard%20HKDF%20on%20Edgelock%20secure%20subsystem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2356749%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F237877%22%20target%3D%22_blank%22%3E%40Celeste_Liu%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%3CP%3EThank%20you%20so%20much%20for%20answering%20my%20question.%3CBR%20%2F%3EIt's%20clear%20to%20me%20now.%3C%2FP%3E%3CP%3EBest%20regards%2C%20Yosuke%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2356511%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20RFC5869%20standard%20HKDF%20on%20Edgelock%20secure%20subsystem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2356511%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F262019%22%20target%3D%22_blank%22%3E%40YosukeW%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CP%3EThanks%20for%20your%20patience.%3C%2FP%3E%0A%3CP%3ENo%2C%20on%20MCX%20N23x%2FNx4x%20ELS%2C%20the%20RFC5869-mode%20HKDF%20command%20does%20not%20expose%20separate%20Extract%20and%20Expand%20inputs%20%2C%20and%20the%20documentation%20describes%20the%20RFC5869%20path%20as%20a%20single%20HMAC%20operation%20using%20a%20256-bit%20derivation-data%20field%20.%20So%20you%20cannot%20pass%20salt%20plus%20IKM%20plus%20label%20and%20expect%20ELS%20to%20perform%20the%20full%20RFC5869%20Extract%20then%20Expand%20sequence%20internally%20in%20the%20way%20RFC5869%20defines%20it.%3C%2FP%3E%0A%3CP%3EHope%20it%20helps.%3C%2FP%3E%0A%3CP%3EBR%3C%2FP%3E%0A%3CP%3ECeleste%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-2355173%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%20translate%3D%22no%22%3ERe%3A%20RFC5869%20standard%20HKDF%20on%20Edgelock%20secure%20subsystem%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2355173%22%20slang%3D%22en-US%22%20mode%3D%22CREATE%22%3E%3CP%3EHello%26nbsp%3B%3CA%20href%3D%22https%3A%2F%2Fcommunity.nxp.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F262019%22%20target%3D%22_blank%22%3E%40YosukeW%3C%2FA%3E%26nbsp%3B%2C%3C%2FP%3E%0A%3CDIV%3EI%E2%80%99ve%20noticed%20your%20case%20and%20will%20need%20some%20time%20to%20look%20into%20it%20further.%20I%E2%80%99ll%20keep%20you%20informed%20of%20any%20updates%20as%20soon%20as%20possible.%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3EHave%20a%20nice%20day.%3C%2FDIV%3E%0A%3CDIV%3E%26nbsp%3B%3C%2FDIV%3E%0A%3CDIV%3EBR%3C%2FDIV%3E%0A%3CDIV%3ECeleste%3C%2FDIV%3E%3C%2FLINGO-BODY%3E