cancel
Showing results for 
Search instead for 
Did you mean: 

STM32U5 TFM mbedCrypto ECDSA(PSA API)

sabari1
Associate III

hi 

i am implementing a TFM based project on stm32u585 microcontroller. i taken reference from the cubeU5 package to implement the TFM code stm32U585 SBSFU  .

in my application i need to use the ECDSA signing and verification using the PSA APIs available on the package. i implemented functionality of ECDSA signing and verification using the ECC key pair i generated in the code itself. The problem is i can able to sign and verify the same signature when am using secp256 curve and secp385 curve(while generating key pairs). but when using secp521 curve the signature verification fails. Can anybody helps me in this.

this is my ECDSA test API

sabari1_0-1715335327575.png

ECC key pair generation (here in the sets_key_bits api if i use 256 and 384 the whole functinalty works fine but when using 521 its failing in the verification)

sabari1_1-1715335390727.png

import the public key for the verification 

sabari1_2-1715335552924.png

@Jocelyn RICARD 

edit: when i disable the hardware accelerator in the crypto library the ECDSA verification with secp521 curve works fine. (while using hardware accelerator(PKA) only i am facing this issue) .

in the datasheet its clearly mention that the PKA supports the secp521 curve so i think its the problem with the alt implementation of the ECC algorithm(for using PKA).

sabari1_0-1715592513404.png

 

 

2 REPLIES 2
Jocelyn RICARD
ST Employee

Hello @sabari1 ,

Yes I confirm, I already faced same issue but this was on a different setup and was a pre-release long ago. I never had the opportunity to come back on this. I would need time to investigate this.

My first guess would be a problem of alignment of bytes ...

Anyway, I will raise the issue internally asap

Best regards

Jocelyn

hi 

is there any update regarding this issue