Hi,
Working on some cryptography demos for Zephyr, now that TF-M support was fully merged in for the upcoming 2.3 release, I've put some test code together that:
- Generates a permanent persistent key (prime256v1) - Displays the public key based on the private key above (in hex format) - Calculates the SHA256 hash of a payload - Signs the hash with the persistent key - Verifies the signature using the public key - Destroys the key
https://gist.github.com/microbuilder/a326cc6b935f87f413d89e44f9d3de05
An important part of the hash/sign/verify workflow is of course verifying the signature on the receiving end, which requires access to the public key generated on the device (perhaps a new key was randomly generated when the device first boots, etc.).
We can currently derive the public key in DER format with the existing API, but it seems like a helper function to convert to PEM would make this export process easier, since you could then just copy and paste the text output directly for provisioning or debug purposes. mbedcrypto 3.1.0 already has a library/pem.c utility function for this that could be exposed: mbedtls_pem_write_buffer
In general, I think enabling the import and export of PEM data, not just DER, would make the process of dealing with keys during provisioning easier.
I didn't find any references to PEM in the PSA Cryptography API, but perhaps I'm missing some obvious already existing means to convert to PEM, or is this something other people see any value in having?
Being able to copy and paste PEM data (versus DER which can't be copy/pasted), then save it as a file, for example, would make working with openssl easier, such as the commands described here where we could use the extracted PEM data to verify the signed data from the command line: https://gist.github.com/microbuilder/a326cc6b935f87f413d89e44f9d3de05#file-p...
Any thoughts on the idea, or perhaps it's already been added and I'm simply missing it?
It's easy to add this at the NS application level as well, of course, but it does seem like a useful enough operation that it should be available in S world when requesting key data.
Best regards, Kevin Townsend
psa-crypto@lists.trustedfirmware.org