S32K314 importing ECC public key ImportEccKeyReq function returns error 0x055A5A399

铅笔

const hseKeyGroupCfgEntry_t NVM_Catalog [] =

{

/* keyType numOfKeySlots maxKeyBitLen */ \

/* CUST keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_SHE, 12U, HSE_KEY128_BITS}, /* MASTER_ECU_KEY, BOOT_MAC_KEY, KEY_1 to KEY_10 */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_AES, 4U, HSE_KEY128_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_AES, 7U, HSE_KEY256_BITS}, /* HMAC key */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_HMAC, 2U, HSE_KEY512_BITS}, /* ECC keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, WRP_KEY_TYPE_ECC_PAIR, 3U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, WRP_KEY_TYPE_ECC_PUB, 1U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, WRP_KEY_TYPE_ECC_PUB_EXT, 1U, WRP_ECC_KEY_SIZE}, /* RSA keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_RSA_PAIR, 2U, HSE_KEY4096_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_RSA_PUB, 1U, HSE_KEY4096_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_CUST, HSE_KEY_TYPE_RSA_PUB_EXT, 1U, HSE_KEY4096_BITS}, /* OEM keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_AES, 3U, HSE_KEY128_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_AES, 3U, HSE_KEY256_BITS}, /* HMAC key */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_HMAC, 1U, HSE_KEY1024_BITS}, /* ECC keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, WRP_KEY_TYPE_ECC_PAIR, 1U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, WRP_KEY_TYPE_ECC_PUB, 1U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, WRP_KEY_TYPE_ECC_PUB_EXT, 1U, WRP_ECC_KEY_SIZE}, /* RSA keys */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_RSA_PAIR, 1U, HSE_KEY4096_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_RSA_PUB, 1U, HSE_KEY4096_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_OEM, HSE_KEY_TYPE_RSA_PUB_EXT, 1U, HSE_KEY4096_BITS}, \

{HSE_MU0_MASK, HSE_KEY_OWNER_OEM, WRP_KEY_TYPE_ECC_PUB, 1U, WRP_ECC_KEY_SIZE}, \

{ \

0U, 0U, 0U, 0U, 0U \

}

};

const hseKeyGroupCfgEntry_t RAM_Catalog [] =

{

/* keyType numOfKeySlots maxKeyBitLen*/ \

/* Symetric key */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_SHE, 1U, HSE_KEY128_BITS}, /* KEY_RAM */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_AES, 10U, HSE_KEY128_BITS}, \

{HSE_MU0_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_AES, 10U, HSE_KEY256_BITS}, /* HMAC key */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_HMAC, 6U, HSE_KEY1024_BITS}, /* RSA key */ \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_RSA_PUB, 2U, HSE_KEY2048_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_RSA_PUB_EXT, 1U, HSE_KEY1024_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, WRP_KEY_TYPE_ECC_PAIR, 2U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, WRP_KEY_TYPE_ECC_PUB, 5U, WRP_ECC_KEY_SIZE}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_SHARED_SECRET, 2U, HSE_KEY638_BITS}, \

{HSE_ALL_MU_MASK, HSE_KEY_OWNER_ANY, HSE_KEY_TYPE_SHARED_SECRET, 2U, HSE_KEY2048_BITS}, \

{ \

0U, 0U, 0U, 0U, 0U \

}

};

void HSE_CryptoKeyTest(void)

{

hseSrvResponse_t HseResponse;

hseKeyHandle_t eccRAMKeyHandle = HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE;

hseKeyHandle_t DHSharedSecretRAMKeyHandle = HSE_DEMO_DH_SHARED_SECRET_HANDLE;

hseKeyHandle_t AESDerivedKeyInfoHandle0 = HSE_DEMO_RAM_AES256_KEY0;

hseKeyHandle_t AESDerivedKeyInfoHandle1 = HSE_DEMO_RAM_AES128_KEY1;

hseKeyHandle_t ImportEccPubRAMKeyHandle = HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE;

/* Generate ECC key pair in RAM */

HseResponse = GenerateEccKeyAndExportPublic(HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE, HSE_EC_SEC_SECP256R1, (HSE_KF_USAGE_EXCHANGE | HSE_KF_ACCESS_EXPORTABLE), eccP256PubKeyGet);

printf("hse_step3: %X\n\r", HseResponse);

/* Import ECC Key */

HseResponse = ImportEccKeyReq(

HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE,

HSE_KEY_TYPE_ECC_PUB,

HSE_KF_USAGE_EXCHANGE,

HSE_EC_SEC_SECP256R1,

KeyBitLen(HSE_EC_SEC_SECP256R1),

eccP256PubKeyGet,

NULL);

printf("hse_step4: %X\n\r", HseResponse);

/* Compute DH Shared Secret (ECDH) */

HseResponse = DHSharedSecretCompute(

HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE,

HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE,

&DHSharedSecretRAMKeyHandle,

RAM_KEY,

KeyBitLen(HSE_EC_SEC_SECP256R1));

printf("hse_step5: %X\n\r", HseResponse);

GenerateEccKeyAndExportPublic先生成密钥对并导出公钥到eccP256PubKeyGet[64]，再将该生成的公钥通过ImportEccKeyReq导入密钥槽返回0x055A5A399错误，Based on the S32K344 DEMO, please help analyze the reason.

铅笔

1、Log of the cache not closed：

2、Disable the cache, but steps 6 and 7 respond with an incorrect log：

3、Close the cache and inject a fake swap key into the corresponding key slot log after the key exchange step in step 5：

lukaszadrapa

Is it possible to share simple project to reproduce it on my side?

铅笔

lukaszadrapa

Here's the problem:

I can see that you have two groups for SHARED_SECRET in RAM catalog:

When computing shared secret, key handle 0x00020900 (RAM catalog, group 9, key 0) is passed to the function:

However, when you step over the function, the key allocator selects key handle 0x00020800 (RAM catalog, group 8, key 0):

So, the shared secret is stored to 0x00020800.

But then, in your function KdfSP800_56C_ONESTEP_ReqTest_demo, you configure the original key handle 0x00020900 as a source key handle. Not the one that was assigned by key allocator:

So, that's the reason why the key slot looks like empty - because it is actually empty. You need to select a key handle which was allocated by key allocator.

Regards,

Lukas

铅笔

Hi：

I try to remove one group of SHARED_SECRET in RAM catalog and disable cache,that i can get the right result. Now i have two questions:

1、If the cache is not disabled, why does the ImportEccKeyReq step report the 55A5A399 error, while all other steps are correct?

2、If there are two groups for SHARED_SECRET in the RAM catalog, why would it cause the error shown in the image below?

Thank you!

lukaszadrapa

Hi @铅笔

1. It depends on the state of the cache memory. Based on the previous program or data flow, the parameters might or might not be present in physical memory. So, if the data cache is enabled, it could work in some cases—but in others, it might not. It's responsibility of user to keep all the data objects used for communication with HSE in non-cacheable memory.

2. Well, the key allocator doesn’t seem to be fully reliable. It tries to select the best available key slot, but it appears to malfunction when there are two identical key groups.

Regards,
Lukas

铅笔

Providing the C file can be added to your project to help with verification. Thank you.

铅笔

First generate the key pair and export the public key to eccP256PubKeyGet[64], then import the generated public key through ImportEccKeyReq into the key slot, returning error 0x055A5A399.Based on the S32K344 DEMO, please help analyze the reason.

lukaszadrapa

Hi @铅笔

I did quick test on my side and it works as expected:

My project is attached.

Have you tried to disable data cache?

Regards,

Lukas

铅笔

I compared the DEMO you provided in the attachment with mine, and they are consistent. Currently, I have tried both scenarios with caching enabled and disabled, and the phenomena are as follows:
1. With caching enabled, but the sending and receiving variables were placed in the corresponding no-cache section, the results are as previously mentioned; reading the version number and generating the shared key are normal, but importing the public key using ImportEccKeyReq returned an error 0x055A5A399, preventing subsequent key exchange and key derivation steps from proceeding. 2. With caching disabled, the public key import using ImportEccKeyReq (step 4) and the key exchange DHSharedSecretCompute (step 5) returned normally, but the subsequent key derivation steps KdfSP800_56C_ONESTEP_ReqTest_demo (step 6) and HSEKeyDeriveExtractKeyReq (step 7) returned a key slot empty error 0xA5AA5317. Based on the above attempts, after step 5 DHSharedSecretCompute, I imported a 32-byte fake shared key into the corresponding shared key slot using ImportSharedKeyReq(&SHARED_ImportSecret_1_0), and steps 6 and 7 returned correctly and derived the corresponding key, which leads me to conclude that although step 4 ImportEccKeyReq function returned normally, it did not successfully import the public key. The current running project is based on a newly created S32K314 project in S32DS, and then I imported the corresponding functional files from the HSE DEMO; I'm not sure if this affects the execution results. I have tried many methods and still cannot solve the problem, please help analyze the issue, thank you.

铅笔

uint8_t sharedSecretKey[32] =
{ 0x00, 0xd0, 0x07, 0xe1, 0xb9, 0xaf, 0xcc, 0x31, 0x2e, 0xec, 0x9c, 0xec, 0xff,
0xa0, 0x28, 0x07, 0x52, 0xbb, 0xd1, 0x95, 0x31, 0x82, 0xed, 0xef, 0x12,
0xf3, 0xfc, 0x36, 0x6e, 0x8f, 0x43, 0x56
};

void HSE_CryptoKeyTest(void)
{
hseSrvResponse_t HseResponse;

hseKeyHandle_t eccRAMKeyHandle = HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE;
hseKeyHandle_t DHSharedSecretRAMKeyHandle = HSE_DEMO_DH_SHARED_SECRET_HANDLE;

hseKeyHandle_t AESDerivedKeyInfoHandle0 = HSE_DEMO_RAM_AES256_KEY0;
hseKeyHandle_t AESDerivedKeyInfoHandle1 = HSE_DEMO_RAM_AES128_KEY1;
hseKeyHandle_t ImportEccPubRAMKeyHandle = HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE;

HseResponse = GenerateEccKeyAndExportPublic(HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE, HSE_EC_SEC_SECP256R1, (HSE_KF_USAGE_EXCHANGE | HSE_KF_ACCESS_EXPORTABLE), eccP256PubKeyGet);
printf("hse_step3: %X\n\r", HseResponse);

HseResponse = ImportEccKeyReq(
HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE,
HSE_KEY_TYPE_ECC_PUB,
(HSE_KF_USAGE_EXCHANGE | HSE_KF_ACCESS_EXPORTABLE),
HSE_EC_SEC_SECP256R1,
KeyBitLen(HSE_EC_SEC_SECP256R1),
eccP256PubKeyGet,
NULL);
printf("hse_step4: %X\n\r", HseResponse);

HseResponse = DHSharedSecretCompute(
HSE_DEMO_RAM_ECC_PUB_KEY_HANDLE,
HSE_DEMO_RAM_ECC_PAIR_KEY_HANDLE,
&DHSharedSecretRAMKeyHandle,
RAM_KEY,
KeyBitLen(HSE_EC_SEC_SECP256R1));
printf("hse_step5: %X\n\r", HseResponse);

// ImportSharedKeyReq(&SHARED_ImportSecret_1_0);

HseResponse = KdfSP800_56C_ONESTEP_ReqTest_demo();
printf("hse_step6: %X\n\r", HseResponse);

HseResponse = HSEKeyDeriveExtractKeyReq
(
KdfSP800_56C_ONESTEP_Scheme_1_0.kdfCommon.targetKeyHandle,
0,
&AESDerivedKeyInfoHandle1,
RAM_KEY,
aes128KeyInfo
);
printf("hse_step7: %X\n\r", HseResponse);
}

lukaszadrapa

What is inside KdfSP800_56C_ONESTEP_ReqTest_demo()? It looks like wrong key handle is used in this function.

铅笔

hseKdfSP800_56COneStepScheme_t KdfSP800_56C_ONESTEP_Scheme_1_0 =
{
.salt = {
.saltKeyHandle = HSE_INVALID_KEY_HANDLE,
.saltLength = 0,
.pSalt = NULL
},
.kdfCommon = {
.prfAlgo = HSE_KDF_SHA2_256,
.srcKeyHandle = HSE_INVALID_KEY_HANDLE,
.targetKeyHandle = HSE_INVALID_KEY_HANDLE,
.keyMatLen = BITS_TO_BYTES(256UL),
.kdfPrf = HSE_KDF_PRF_HASH,
.pInfo = (HOST_ADDR)KdfSP800_56C_ONESTEP_FixedInfo_1_0,
.infoLength = ARRAY_SIZE(KdfSP800_56C_ONESTEP_FixedInfo_1_0)
}
};

hseSrvResponse_t KdfSP800_56C_ONESTEP_ReqTest_demo()
{
hseSrvResponse_t hseResponse;
hseKeyHandle_t DHSharedSecretRAMKeyHandle = HSE_DEMO_DH_SHARED_SECRET_HANDLE;

hseResponse = HKF_AllocKeySlot(RAM_KEY, HSE_KEY_TYPE_SHARED_SECRET, KdfSP800_56C_ONESTEP_Scheme_1_0.kdfCommon.keyMatLen * 8U, &targetSharedSecretKey_0);

KdfSP800_56C_ONESTEP_Scheme_1_0.kdfCommon.srcKeyHandle = DHSharedSecretRAMKeyHandle;
KdfSP800_56C_ONESTEP_Scheme_1_0.kdfCommon.targetKeyHandle = targetSharedSecretKey_0;

hseResponse = KdfSP800_56C_ONESTEP_Test_0(&KdfSP800_56C_ONESTEP_Scheme_1_0);

return hseResponse;
}

static hseSrvResponse_t KdfSP800_56C_ONESTEP_Test_0(hseKdfSP800_56COneStepScheme_t *pKdfScheme)
{
hseSrvResponse_t hseResponse;

hseResponse = HSEKdfSP800_56COneStepReq(pKdfScheme);

return hseResponse;
}