PEM exports of public/private keys? - psa-crypto

14 May 2020


      Hi,
Working on some cryptography demos for Zephyr, now that TF-M support was
fully merged in for the upcoming 2.3 release, I've put some test code
together that:
- Generates a permanent persistent key (prime256v1)
- Displays the public key based on the private key above (in hex format)
- Calculates the SHA256 hash of a payload
- Signs the hash with the persistent key
- Verifies the signature using the public key
- Destroys the key
https://gist.github.com/microbuilder/a326cc6b935f87f413d89e44f9d3de05
An important part of the hash/sign/verify workflow is of course verifying
the signature on the receiving end, which requires access to the public key
generated on the device (perhaps a new key was randomly generated when the
device first boots, etc.).
We can currently derive the public key in DER format with the existing API,
but it seems like a helper function to convert to PEM would make this
export process easier, since you could then just copy and paste the text
output directly for provisioning or debug purposes. mbedcrypto 3.1.0
already has a library/pem.c utility function for this that could be
exposed: mbedtls_pem_write_buffer
In general, I think enabling the import and export of PEM data, not just
DER, would make the process of dealing with keys during provisioning easier.
I didn't find any references to PEM in the PSA Cryptography API, but
perhaps I'm missing some obvious already existing means to convert to PEM,
or is this something other people see any value in having?
Being able to copy and paste PEM data (versus DER which can't be
copy/pasted), then save it as a file, for example, would make working with
openssl easier, such as the commands described here where we could use the
extracted PEM data to verify the signed data from the command line:
https://gist.github.com/microbuilder/a326cc6b935f87f413d89e44f9d3de05#file-p...
Any thoughts on the idea, or perhaps it's already been added and I'm simply
missing it?
It's easy to add this at the NS application level as well, of course, but
it does seem like a useful enough operation that it should be available in
S world when requesting key data.
Best regards,
Kevin Townsend