- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I would like to confirm my observation when calling the Cy_Crypto_Core_ECC_SignHash() and Cy_Crypto_Core_ECC_MakeKeyPair() functions. The Cy_Crypto_Core_ECC_MakeKeyPair() returns the public key (X & Y) in little endian format, same for the signature (R & S) returned by the Cy_Crypto_Core_ECC_SignHash() function. I verified this by using Mbedtls to generate the public key from a private key created by Cy_Crypto_Core_ECC_MakeKeyPair().
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @DeanG ,
ECC in PSoC6 crypto driver uses all big integer values in LE format but openssl (and many other software) uses these values as octal string.
It’s expected because PSoC6 crypto driver uses MXCRYPTO hardware for acceleration that operates big integer values in LE format (as real integer numbers on our platform).
The same situation for RSA. Please look into PDL API reference manual for more information and code examples.
Warm Regards
Alen
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @DeanG ,
Can you also please let me know the PSoC 6 device you used for this verification purpose.
Will it also be possible for you to share the main.c file you used for verifying this?
Warm Regards
Alen
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @AlenAn14
We’re using PSoC6 device: CY8C6347FMI-BLD53 with CAT1 Peripheral library. The exact function is: Cy_Crypto_Core_ECC_MakeKeyPair(CRYPTO, CY_CRYPTO_ECC_ECP_SECP256R1, &cy_key, NULL, NULL);
An example of the public and private keys returned are:
ECC private key: 6baed21a32e25baa41709ed58481056f036ba6f118bf93dd6ef83865a0f1a82e
ECC public key: 4fd1313785282f0b33b22eeb1dc876cb9f2685576c9deaeba3aa7b384138b25e53721c524f95648c9f80968100860ec83eae19365b7f8c330b74326d00dfc36e
When I use the private key (above) in Openssl to generate the public key I get an incorrect public key (doesn’t match the public key from the PSOC6 device). But if I reverse the byte order of the private key I get the correct public key, however the X and Y are reversed. The attached program shows how I generate the public key using Openssl. Here’s the output:
private key: 6BAED21A32E25BAA41709ED58481056F036BA6F118BF93DD6EF83865A0F1A82E
--- public key ---
X: B91C524FD0BB26AD43B24A219DC11341A00AD834093FF31D3B1BAF2320C8D572
Y: 7ED8173928A021D8501A79F3223AFDB4B20A6A07D92279326DE19096EBF367F8
Reversed private key.
private key: 2EA8F1A06538F86EDD93BF18F1A66B036F058184D59E7041AA5BE2321AD2AE6B
--- public key ---
X: 5EB23841387BAAA3EBEA9D6C5785269FCB76C81DEB2EB2330B2F28853731D14F
Y: 6EC3DF006D32740B338C7F5B3619AE3EC80E86008196809F8C64954F521C7253
I’ve seen the same behavior when using the public key and signature when verifying a signature using Cy_Crypto_Core_ECC_MakeKeyPair()
Here’s my question: The ECC keys returned from the Cy_Crypto_Core_ECC_MakeKeyPair() are in Little Endian format. Is this expected when almost all crypto libraries return keys in Big Endian format.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @DeanG ,
ECC in PSoC6 crypto driver uses all big integer values in LE format but openssl (and many other software) uses these values as octal string.
It’s expected because PSoC6 crypto driver uses MXCRYPTO hardware for acceleration that operates big integer values in LE format (as real integer numbers on our platform).
The same situation for RSA. Please look into PDL API reference manual for more information and code examples.
Warm Regards
Alen