Reputation: 21
How to properly parametrize a SECP256K1 curve using the SE051 IoT SDK?
in order to use an elliptic curve such as the SECP256K1 curve (used by Bitcoin or Ethereum) in a SE051 IoT secure element(NXP) , it is required to firstly create that curve and to parametrize it using the function SetECCurveParam
NXP documentation doesn't say much about the parametrization in itself, only that all the parameters from the curve must be set one after the others (apparently without a precise order) and once the last parameter is received, the card will return the final status: Ok (0x9000) if all the parameters are valid, or an error message otherwise (something else than 0x9000)
The five parameters are defined as such:
CURVE_PARAM_A 0x01
CURVE_PARAM_B 0x02
CURVE_PARAM_G 0x04
CURVE_PARAM_N 0x08
CURVE_PARAM_PRIME 0x10
This should be explicit enough: A is the 'A' parameter in the reduced Weierstrass form of the curve (y^2 = x^3 + Ax + B) B is the 'B' parameter in the reduced Weierstrass form of the curve (y^2 = x^3 + Ax + B) G is the base point of the curve N is the order of the base point PRIME is the order of F_p on which the curve is based
I end with this
byte PRIME[]={ 0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFE ,0xFF,0xFF,0xFC,0x2F};
byte A[] ={0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00};
byte B[] ={0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x00 ,0x00,0x00,0x00,0x07};
//uncompressed
byte G[]={0x04 ,0x79,0xBE,0x66,0x7E ,0xF9,0xDC,0xBB,0xAC ,0x55,0xA0,0x62,0x95 ,0xCE,0x87,0x0B,0x07 ,0x02,0x9B,0xFC,0xDB ,0x2D,0xCE,0x28,0xD9 ,0x59,0xF2,0x81,0x5B ,0x16,0xF8,0x17,0x98 ,0x48,0x3A,0xDA,0x77 ,0x26,0xA3,0xC4,0x65 ,0x5D,0xA4,0xFB,0xFC ,0x0E,0x11,0x08,0xA8 ,0xFD,0x17,0xB4,0x48 ,0xA6,0x85,0x54,0x19 ,0x9C,0x47,0xD0,0x8F ,0xFB,0x10,0xD4,0xB8};
//compressed
//byte G[]={0x02 ,0x79,0xBE,0x66,0x7E ,0xF9,0xDC,0xBB,0xAC ,0x55,0xA0,0x62,0x95 ,0xCE,0x87,0x0B,0x07 ,0x02,0x9B,0xFC,0xDB ,0x2D,0xCE,0x28,0xD9 ,0x59,0xF2,0x81,0x5B ,0x16,0xF8,0x17,0x98};
byte n[] = {0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFF ,0xFF,0xFF,0xFF,0xFE ,0xBA,0xAE,0xDC,0xE6 ,0xAF,0x48,0xA0,0x3B ,0xBFD,0x25,0xE8,0xC ,0xD0,0x36,0x41,0x41};
for these values (G compressed or uncompressed) I receive '0x6985' after the last parameter, indicating something is wrong. However, the parameters for SECP256K1 are well-known and after checking again and again I cannot see the reason for the error. It is also not an endianness issue.
Does someone have experienced a similar issue with the SE051 and what can be wrong there?
Upvotes: 1
Views: 112
Answers (1)
Related Questions
- How to sign a data using ECDSA private key with the P-256 (secp256k1) curve in Android Kotlin?
- Does Google Cloud Platform KMS support RFC6979 signature generation using secp256k1
- How to determine whether base point of secp256k1 (G) lies on curve?
- Point Doubling (P -> 2P) The Base Point of the Secp256k1 Elliptic Curve
- SECP256K1 Verify using SawTooth Swift
- Digitally sign a hex string in command line using elliptic curve secp256k1