ESP32 Forum

On the ESP32-C3 I'd like to use a private RSA key stored on the device to decrypt data. While I could store the private key in encrypted NVS, I thought it would be nice to use the DS peripheral instead. Ideally the private key would then never need to be seen by the application code.

I followed https://docs.espressif.com/projects/esp ... ls/ds.html to configure the DS peripheral but I've only found docs and code using that for signatures rather than decryption.

I realize mbedtls itself has mbedtls_pk_decrypt https://tls.mbed.org/kb/how-to/encrypt- ... t-with-rsa but I don't see a way to connect that to the DS peripheral to get the private key. Have I missed something or is that not connected? While not ideal, is it possible to load the decrypted rsa pk from the DS peripheral in application code?

Hi @schickb have you tried the ssl_ds example (https://github.com/espressif/esp-idf/tr ... qtt/ssl_ds)
The example contains a script which configures the DS peripheral for encrypting an RSA private key.
The example README explains about the RSA private key encryption in detail.
Currently the partition in which the encrypted private key is stored is of type NVS but it is possible to store it directly onto the flash as well.

About your question-
> While not ideal, is it possible to load the decrypted rsa pk from the DS peripheral in application code?
No, this is not possible. This contradicts the main aim of the DS peripheral that the RSA private key once encrypted, cannot be decrypted by the software and It can only be decrypted by the DS peripheral at the hardware level to perform sign operation.

The encrypted RSA private key can only be used for signing operation with the respective API's provided.
The esp-tls abstraction layer takes care of all of the additional conversions required to sign the data and feed it to mbedtls. As shown in the example the user only needs to enable the DS peripheral usage in the esp-tls config and provide the appropriate ds_data for a successful DS signature operation.