FAQs
English (US) 日本語 | Japanese 中文 | Chinese (Simplified)

EC key derive is failing with pkcs11-tool

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

EC key derive is failing with pkcs11-tool

‎11-07-2022 09:49 AM
1,170 Views
vishwanchandapu
Contributor III

Hi,

Se05x chip:SE051C

SDK version: se05x_mw_v04.02.00_20220701_151557
libp11 verison: 0.4.1

we are trying to derive ec key is using pcks11 tool but failing with invalid argument.

 commands:
 
pkcs11-tool --module /usr/lib/libsss_pkcs11.so --keypairgen --key-type EC:secp192r1 --label "sss:20202020"

pkcs11-tool --module /usr/lib/libsss_pkcs11.so --slot 1 --label "sss:20202020" --read-object --type pubkey -o ecpub.key

pkcs11-tool --module /usr/lib/libsss_pkcs11.so --slot 1 --label "sss:20202020" --derive -i ecpub.key -m ECDH1-DERIVE -o shared_secret.raw

Error:

vishwanchandapu_0-1667839563282.png

 

0 Kudos
Reply
5 Replies

‎11-16-2022 08:00 PM
976 Views
vishwanchandapu
Contributor III

@Kan_Li ,

Do you have any update on this?

Thanks 
Vishwa

0 Kudos
Reply

‎11-17-2022 12:23 AM
969 Views
Kan_Li
NXP TechSupport
NXP TechSupport
Nor yet, but I will let you know as soon as I have any more info from there.

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------
0 Kudos
Reply

‎11-08-2022 06:42 PM
1,109 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @vishwanchandapu ,

 

Thanks for reaching out! I am looking into this issue and will get back to you when I make any progress.

 

Thanks for your patience!

 

Have a great day,
Kan


-------------------------------------------------------------------------------
Note:
- If this post answers your question, please click the "Mark Correct" button. Thank you!
- We are following threads for 7 weeks after the last post, later replies are ignored
Please open a new thread and refer to the closed one, if you have a related question at a later point in time.
-------------------------------------------------------------------------------

0 Kudos
Reply

‎11-10-2022 07:22 AM
1,059 Views
vishwanchandapu
Contributor III

@Kan_Li 

Thank you for the response.

Seems EC key derive is failing with multiple with reasons.

1.Mismatch of argument CKA_KEY_TYPE.
pkcs11-tool has set CKK_GENERIC_SECRET but SE051 PKCS11 expecting CKK_AES.I tried to fix this temporarily by changing in pkcs11-tool.

2.Mismatch of EC param public key length which I am not able to fix.

 

0 Kudos
Reply

‎11-10-2022 07:46 PM
1,047 Views
Kan_Li
NXP TechSupport
NXP TechSupport

Hi @vishwanchandapu ,

 

Yes, that is the cause I figured out so far, and I have pinged our R&D team about this issue and they are investigating now. I will let you know when I have any more info from there.

 

Thanks for your patience!

 

Best Regards,

Kan

0 Kudos
Reply