AnsweredAssumed Answered

X25519 algoritm doesn't generate the correct key

Question asked by Jordy Ubink on Jan 14, 2020

I'm having trouble using the X25519 algorithm with the SE050C.

I've used the example keys from the SE050 APDU Specification (AN 12413), see image.

 

Example keys for ECDH key derivation.

According to the given example and the OpenSSL test (in attachments), the shared secret should be:
4a5d9d5ba4ce2de1728e3bf480350f25e07e21c947d19e3376f09b3c1e161742 (HEX)

 

When I try to derive the shared secret on the SE050C (development kit), I get the wrong key or the operation fails.

I've used 2 derive functions:

  • sss_derive_key_dh
    • returns kStatus_SSS_Fail
  • Se05x_API_ECDHGenerateSharedSecret
    • returns the wrong key:
      68408B1BAA1BDC8EBA074E3A99AEF1B3C94EDFE9F52E60616D1F2A924B2F5D51 (HEX)

 

Does someone know how to correctly use the X25519 function or can anybody explain what I'm doing wrong? Help is very appreciated.

I've attached my code and the corresponding output. The code is very similar to the SDK example "ex_sss_ecdh".

I am using the latest version of SE050-PLUG-TRUST-MW (version 2.12).

Outcomes