Crypto: RSA

The RSA sample shows how to perform singing and verification of a sample plaintext using a 1024-bit key.

Requirements

The sample supports the following development kits:

Hardware platforms

PCA

Board name

Build target

nRF9161 DK

PCA10153

nrf9161dk_nrf9161

nrf9161dk_nrf9161_ns nrf9161dk_nrf9161

nRF9160 DK

PCA10090

nrf9160dk_nrf9160

nrf9160dk_nrf9160_ns nrf9160dk_nrf9160

nRF54L15 PDK

nrf54l15pdk_nrf54l15_cpuapp

nrf54l15pdk_nrf54l15_cpuapp_ns nrf54l15pdk_nrf54l15_cpuapp

nRF5340 DK

PCA10095

nrf5340dk_nrf5340

nrf5340dk_nrf5340_cpuapp_ns nrf5340dk_nrf5340_cpuapp

nRF52840 DK

PCA10056

nrf52840dk_nrf52840

nrf52840dk_nrf52840

When built for an _ns build target, the sample is configured to compile and run as a non-secure application with Cortex-M Security Extensions enabled. Therefore, it automatically includes Trusted Firmware-M that prepares the required peripherals and secure services to be available for the application.

Overview

The sample performs the following operations:

  1. Initialization:

    1. The Platform Security Architecture (PSA) API is initialized.

    2. An RSA key pair is imported into the PSA crypto keystore.

    3. The public key is imported into the PSA crypto keystore.

      Note

      The keys used in the sample are for demonstration purposes only and must never be used in a product.

  2. RSA signing and verification:

    1. Signing is performed using the RSA private key.

    2. The signature is verified using the public key.

  3. Cleanup:

    1. The RSA key pair and public key are removed from the PSA crypto keystore.

Building and running

This sample can be found under samples/crypto/rsa in the nRF Connect SDK folder structure.

When built as firmware image for the _ns build target, the sample has Cortex-M Security Extensions (CMSE) enabled and separates the firmware between Non-Secure Processing Environment (NSPE) and Secure Processing Environment (SPE). Because of this, it automatically includes the Trusted Firmware-M (TF-M). To read more about CMSE, see Processing environments.

To build the sample with Visual Studio Code, follow the steps listed on the How to build an application page in the nRF Connect for VS Code extension documentation. See Configuring and building an application for other building scenarios, Programming an application for programming steps, and Testing and optimization for general information about testing and debugging in the nRF Connect SDK.

Testing

After programming the sample to your development kit, complete the following steps to test it:

  1. Connect to the kit with a terminal emulator (for example, nRF Connect Serial Terminal). See Testing and optimization for the required settings and steps.

  2. Compile and program the application.

  3. Observe the logs from the application using a terminal emulator.