Import ECC key into HSE FW

取消
显示结果 
显示  仅  | 搜索替代 
您的意思是: 
已解决

Import ECC key into HSE FW

跳至解决方案
1,530 次查看
IAussman
Contributor III

Dear NXP community,

I'm currently trying to import ECC public key into HSE FW.

OpenSSL has generated the private and public key with ".pem" extension.

So my question is, how to convert this pem file into something that could be used for key import.

Thank you for your support.

Best regards,

 

0 项奖励
回复
1 解答
1,437 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @IAussman 

0x04 is a prefix only which says that it's uncompressed format.

Regards,

Lukas

在原帖中查看解决方案

5 回复数
1,499 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @IAussman 

see please attached document.

Regards,

Lukas

1,448 次查看
IAussman
Contributor III

Hi @lukaszadrapa ,

Is there any reason why the first byte of the ECC public key has been removed in the code source ?

Thank you.

Best regards,

 

0 项奖励
回复
1,438 次查看
lukaszadrapa
NXP TechSupport
NXP TechSupport

Hi @IAussman 

0x04 is a prefix only which says that it's uncompressed format.

Regards,

Lukas

1,477 次查看
IAussman
Contributor III
Hi @lukaszadrapa ,

Thank you for your rapid response. I've followed the instructions for generating the ECC key.

HSE FW reference manual says that we have to format the key catalog prior to any key provisioning. By doing so (format catalog), I got an error saying "operation is not allowed". In my code source LC= CUST_DEL, so I should have super user rights.

If I bypass the catalog formating, I'm also getting the same error on the key import (NOT_ALLOWED).

Do you have any suggestions ? Thank you.

Below the code:

Crypto_Init(NULL_PTR);

RetVal = Crypto_Exts_FormatKeyCatalogs();

Crypto_KeyElementSet(CryptoConf_CryptoKey_ECC_PublicKey, /* CryptoKeyId */
CryptoConf_CryptoKeyElement_CryptoKeyElement_ECC_Public, /* KeyElementId */
SEC_au8Ecc256PubKey, /*Ecc public key address */
ECC_PUB_KEY_SZ /* Ecc public key size */);
1,457 次查看
IAussman
Contributor III
Problem solved by setting Key_Owner to OWNER_CUST for NvmKeyCatalog, and Key Owner to OWNER_ANY for RamKeyCatalog.

Best regards,