FAQs
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

ECDH fails for CURVE25519 using X-CUBE-CRYPTOLIB

antfarmer
Associate III

‎2024-05-20 08:10 AM

I can't get ECDH working for CURVE25519 using the STM32 HAL / crypto lib. This may be an issue with the somewhat confusing constants for this library. I can get the NIST curves working with ECDH. The trouble I have is it seems there are two cmox_ecc_impl_t constants: CMOX_ECC_CURVE25519 and CMOX_ECC_CURVE_ED25519. Here is some abbreviated test code:

	// inputs: size_t pubLen, uint8_t* secret, size_t secretLen

	// create randoms for local test key
	uint16_t randSize = pubLen;
	uint8_t randBuff[randSize];
	// ... set randoms via HAL_RNG_GenerateRandomNumber
	
	ecc_key_t localKey;
	if ((result = cmox_eddsa_keyGen(&eccHandle, CMOX_ECC_CURVE_ED25519, randBuff, randSize,
			localKey.private, &localKey.privLen, localKey.public, &localKey.pubLen)) != CMOX_ECC_SUCCESS) {
		return result;
	}
	
	// create randoms for remote test key
	// ... set randoms via HAL_RNG_GenerateRandomNumber
	
	ecc_key_t remoteKey;
	if ((result = cmox_eddsa_keyGen(&eccHandle, CMOX_ECC_CURVE_ED25519, randBuff, randSize,
			remoteKey.private, &remoteKey.privLen, remoteKey.public, &remoteKey.pubLen)) != CMOX_ECC_SUCCESS) {
		return result;
	}
	
	if ((result = cmox_ecdh(&eccHandle, CMOX_ECC_CURVE_ED25519, localKey->private, localKey->privLen,
			remoteKey->public, remoteKey->pubLen, secret, secretLen)) != CMOX_ECC_SUCCESS) {
		return result;
	}
	
	// ecc_key_t defined as...
	typedef struct {
		size_t privLen;
		size_t pubLen;
		uint8_t* private;
		uint8_t* public;
	} ecc_key_t;

When using the CMOX_ECC_CURVE_ED25519 constant for key generation and cmox_ecdh, the result is: CMOX_ECC_ERR_ALGOCURVE_MISMATCH ((cmox_ecc_retval_t)0x0006000F) /*!< ECC curve not supported by current functionality */

OK, so then I replaced the constant passed to cmox_ecdh with CMOX_ECC_CURVE25519, and this returns CMOX_ECC_ERR_BAD_PARAMETERS ((cmox_ecc_retval_t)0x00060003) /*!< Bad input parameters */

After that, if I cut the key size down to be both 32 bytes for public and private, the function works, but the results are not the same for both sides of the operation (local/remote). So I believe the trouble is with the key. I've tried generating a key using the CMOX_ECC_CURVE25519 constant, but this fails with a curve not supported error. Any ideas what I'm doing wrong here? As the ecdh documentation claims to support curve25519.

Labels:
0 Kudos
2 REPLIES 2
Tesla DeLorean
Guru

‎2024-05-20 08:58 AM

@Jocelyn RICARD 

Tips, Buy me a coffee, or three.. PayPal Venmo
Up vote any posts that you find helpful, it shows what's working..
0 Kudos
antfarmer
Associate III

‎2024-06-03 12:02 PM

I have confirmed the constants used are in the documentation of the functions. For key generation: CMOX_ECC_ED25519_HIGHMEM and for ECDH: CMOX_ECC_CURVE25519. By cutting down the key size to 32 bytes for both public and private the cmox_ecdh function returns successfully, but the secret data is incorrect. I'm not sure what else could be wrong as it appears all the constants chosen are correct. Any ideas?

0 Kudos
Top