Hi Janos,
I added the following code.

    unsigned char output_buf[16000];
    memset(output_buf, 0, 16000);
    ret = mbedtls_pk_write_key_der(pk, output_buf, 16000);
    if (ret < 0) {
        goto exit;
    } else {
        ret = 0;
    }

But it returned failure. Any idea if I am missing something here?
Regards, Arun Lal K M

From: Janos Follath <Janos.Follath@arm.com>
Sent: Friday, June 7, 2024 3:41 PM
To: Lal, Arun <arun.lal@intel.com>; mbed-tls@lists.trustedfirmware.org
Subject: Re: [mbed-tls] How to read ecp private key

Hi Arun,
You can write it into a buffer with the `mbedtls_pk_write_key_der()` function.
Regards, Janos

From: Arun Lal K M via mbed-tls <mbed-tls@lists.trustedfirmware.org>
Date: Friday, 7 June 2024 at 10:04
To: mbed-tls@lists.trustedfirmware.org
Subject: [mbed-tls] How to read ecp private key

I am generating an ECP key in the following way. And now how do I get the private key?

    TEE_Result gen_ec_keys(mbedtls_pk_context* pk,
                           mbedtls_entropy_f_source_ptr f_source,
                           __maybe_unused TEE_Param params[TEE_NUM_PARAMS])
    {
        int ret = 1;
        mbedtls_entropy_context entropy;
        mbedtls_ctr_drbg_context ctr_drbg;
        const char* pers = "gen_key";
        TEE_Result res = TEE_SUCCESS;

        unsigned char output_buf[16000];
        memset(output_buf, 0, 16000);

        mbedtls_entropy_init(&entropy);
        mbedtls_ctr_drbg_init(&ctr_drbg);

        if ((ret = mbedtls_entropy_add_source(&entropy, f_source, NULL, 48,
                                              MBEDTLS_ENTROPY_SOURCE_STRONG)) != 0) {
            params[2].value.a = 1;
            goto exit;
        }

        if ((ret = mbedtls_ctr_drbg_seed(&ctr_drbg, f_entropy, &entropy,
                                         (const unsigned char*)pers, strlen(pers))) != 0) {
            mbedtls_printf(" failed\n ! mbedtls_ctr_drbg_seed returned -0x%04x\n",
                           (unsigned int)-ret);
            params[2].value.a = 2;
            goto exit;
        }

        if ((ret = mbedtls_pk_setup(pk, mbedtls_pk_info_from_type(MBEDTLS_PK_ECKEY))) != 0) {
            EMSG(" failed\n ! mbedtls_pk_setup returned -0x%04x", (unsigned int)-ret);
            params[2].value.a = 3;
            goto exit;
        }

        if ((ret = mbedtls_ecp_gen_key(MBEDTLS_ECP_DP_SECP384R1, mbedtls_pk_ec(*pk),
                                       mbedtls_ctr_drbg_random, &ctr_drbg)) != 0) {
            EMSG(" failed\n ! mbedtls_ecp_gen_key returned -0x%04x", (unsigned int)-ret);
            params[2].value.a = 4;
            goto exit;
        }

    exit:
        mbedtls_ctr_drbg_free(&ctr_drbg);
        mbedtls_entropy_free(&entropy);
        return res;
    }
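
Added example, not part of the thread and not Mbed TLS code: on success `mbedtls_pk_write_key_der()` returns the number of bytes written and places the DER at the end of the buffer, and for an EC key that DER is a SEC1 ECPrivateKey whose OCTET STRING holds the private scalar. The helper names (`der_tag`, `ec_der_private_scalar`, `sample_der_at_end`) and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Expect `tag` at *p, read its DER length (short or long form), and leave
 * *p at the content. Fails if the length runs past `end`. */
static int der_tag(const unsigned char **p, const unsigned char *end,
                   unsigned char tag, size_t *len)
{
    if (end - *p < 2 || *(*p)++ != tag) return -1;
    size_t n = *(*p)++;
    if (n < 0x80) {
        *len = n;
    } else {
        n &= 0x7F;
        if (n == 0 || n > sizeof(size_t) || (size_t)(end - *p) < n) return -1;
        for (*len = 0; n > 0; n--) *len = (*len << 8) | *(*p)++;
    }
    return (*len <= (size_t)(end - *p)) ? 0 : -1;
}

/* Point *d at the privateKey OCTET STRING of a SEC1 ECPrivateKey. */
int ec_der_private_scalar(const unsigned char *der, size_t der_size,
                          const unsigned char **d, size_t *d_len)
{
    const unsigned char *p = der, *end = der + der_size;
    size_t len;
    if (der_tag(&p, end, 0x30, &len) != 0) return -1;   /* SEQUENCE */
    end = p + len;
    if (der_tag(&p, end, 0x02, &len) != 0 || len != 1 || *p != 1)
        return -1;                                      /* version must be 1 */
    p += len;
    if (der_tag(&p, end, 0x04, d_len) != 0) return -1;  /* privateKey */
    *d = p;
    return 0;
}

/* Constructed sample, not a real key: lays out a 64-byte ECPrivateKey at the
 * END of buf, where mbedtls_pk_write_key_der() puts its output, and returns
 * the length. Scalar bytes are 0x01..0x30; parameters = secp384r1 OID. */
size_t sample_der_at_end(unsigned char *buf, size_t size)
{
    static const unsigned char head[] = { 0x30, 0x3E, 0x02, 0x01, 0x01, 0x04, 0x30 };
    static const unsigned char tail[] = { 0xA0, 0x07, 0x06, 0x05, 0x2B, 0x81, 0x04, 0x00, 0x22 };
    unsigned char *p = buf + size - 64;
    memcpy(p, head, sizeof head);
    for (int i = 0; i < 48; i++) p[sizeof head + i] = (unsigned char)(i + 1);
    memcpy(p + sizeof head + 48, tail, sizeof tail);
    return 64;
}
```

With Mbed TLS, the input after a successful call would be `output_buf + sizeof(output_buf) - ret` with length `ret`. Wipe the buffer (for example with `mbedtls_platform_zeroize()`) once the key material is no longer needed.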