ECDSA signing takes too much time

[aectaan]

Prerequisites

Can you reproduce the problem reliably? YES Did you check current release notes for known issues? YES If this is not the latest release, have you checked newer releases? YES Description: TIme to sign data depends on optiga_crypt_ecdsa_sign() calling frequency. If you call it relatively often (1 sec), time to sign increases every call, from 75ms to 5 sec with step of ~40ms. If you call this function every 10 sec, time to sign decreases with the same step. Digest is fixed. PAL implementation attached.

Steps to Reproduce: main.c

K_SEM_DEFINE(se_sem, 0, 1);
uint8_t data[32] = {0};
uint8_t signature[80];
uint16_t sig_len = sizeof(signature);

static void optiga_lib_callback(void *context, optiga_lib_status_t return_status)
{
    LOG_DBG("callback status 0x%X", return_status);
    cb_status = return_status;
    k_sem_give(&se_sem);
}

int secure_element_sign_data(const uint8_t *data, uint8_t data_len, uint8_t *signature,
                 uint16_t *signature_len)
{
    int err = 0;

    uint64_t now = k_uptime_get();
    err = optiga_crypt_ecdsa_sign(crypt_h, data, data_len, OPTIGA_KEY_ID_E0F0, signature,
                      signature_len);
    k_sem_take(&se_sem, K_FOREVER);
    uint64_t signing_time = k_uptime_delta(&now);

    LOG_INF("sign duration %lld", signing_time);
    if (err != 0) {
        LOG_ERR("Failed to sign data (%d)", err);
        return err;
    }
    return err;
}

while (1) {
        secure_element_sign_data(data, sizeof(data), signature, &sig_len);
        k_sleep(K_SECONDS(10));
}

Expected Result: sign duration is constant and is around 80msec. Actual Result:

# Sign data every 1 sec
[00:00:11.817,108] <inf> optiga: sign duration 76
[00:00:12.899,536] <inf> optiga: sign duration 82
[00:00:13.982,116] <inf> optiga: sign duration 83
[00:00:15.058,746] <inf> optiga: sign duration 76
[00:00:16.141,662] <inf> optiga: sign duration 83
[00:00:17.217,987] <inf> optiga: sign duration 76
[00:00:18.296,020] <inf> optiga: sign duration 78
[00:00:19.374,176] <inf> optiga: sign duration 78
[00:00:20.450,866] <inf> optiga: sign duration 76
[00:00:21.528,167] <inf> optiga: sign duration 78
[00:00:22.642,547] <inf> optiga: sign duration 114
[00:00:23.761,901] <inf> optiga: sign duration 119
[00:00:24.919,830] <inf> optiga: sign duration 157
[00:00:26.111,083] <inf> optiga: sign duration 192
[00:00:27.347,076] <inf> optiga: sign duration 236
[00:00:28.627,227] <inf> optiga: sign duration 280
[00:00:29.901,000] <inf> optiga: sign duration 274
[00:00:31.216,674] <inf> optiga: sign duration 315
[00:00:32.566,223] <inf> optiga: sign duration 350
[00:00:33.914,398] <inf> optiga: sign duration 348
[00:00:35.307,830] <inf> optiga: sign duration 393
[00:00:36.737,304] <inf> optiga: sign duration 430
[00:00:38.203,125] <inf> optiga: sign duration 466
[00:00:39.669,372] <inf> optiga: sign duration 466
[00:00:41.178,344] <inf> optiga: sign duration 509
[00:00:42.724,151] <inf> optiga: sign duration 546
[00:00:44.271,087] <inf> optiga: sign duration 547
[00:00:45.854,522] <inf> optiga: sign duration 583
[00:00:47.480,926] <inf> optiga: sign duration 626
[00:00:49.104,644] <inf> optiga: sign duration 623
[00:00:50.766,815] <inf> optiga: sign duration 662
[00:00:52.468,627] <inf> optiga: sign duration 702
[00:00:54.172,119] <inf> optiga: sign duration 704
[00:00:55.916,107] <inf> optiga: sign duration 744
[00:00:57.696,777] <inf> optiga: sign duration 780
[00:00:59.476,715] <inf> optiga: sign duration 780
[00:01:01.295,440] <inf> optiga: sign duration 819
[00:01:03.155,975] <inf> optiga: sign duration 860
[00:01:05.013,824] <inf> optiga: sign duration 857
[00:01:06.911,987] <inf> optiga: sign duration 898
[00:01:08.852,844] <inf> optiga: sign duration 940
[00:01:10.789,581] <inf> optiga: sign duration 937
[00:01:12.762,115] <inf> optiga: sign duration 973
[00:01:14.734,558] <inf> optiga: sign duration 972
[00:01:16.750,213] <inf> optiga: sign duration 1016
[00:01:18.814,819] <inf> optiga: sign duration 1064
[00:01:20.866,943] <inf> optiga: sign duration 1052
[00:01:22.962,432] <inf> optiga: sign duration 1095
[00:01:25.051,727] <inf> optiga: sign duration 1089
[00:01:27.179,046] <inf> optiga: sign duration 1128
[00:01:29.305,572] <inf> optiga: sign duration 1126
[00:01:31.475,799] <inf> optiga: sign duration 1170
[00:01:33.687,957] <inf> optiga: sign duration 1212
[00:01:35.894,805] <inf> optiga: sign duration 1206
[00:01:38.147,583] <inf> optiga: sign duration 1253
[00:01:40.394,622] <inf> optiga: sign duration 1247
[00:01:42.681,091] <inf> optiga: sign duration 1287
[00:01:44.967,956] <inf> optiga: sign duration 1286
[00:01:47.292,877] <inf> optiga: sign duration 1324
[00:01:49.617,004] <inf> optiga: sign duration 1325
[00:01:51.982,208] <inf> optiga: sign duration 1365
[00:01:54.393,585] <inf> optiga: sign duration 1411
[00:01:56.796,661] <inf> optiga: sign duration 1403
[00:01:59.249,298] <inf> optiga: sign duration 1453
[00:02:01.691,009] <inf> optiga: sign duration 1442
[00:02:04.181,457] <inf> optiga: sign duration 1490
[00:02:06.666,229] <inf> optiga: sign duration 1485
[00:02:09.192,626] <inf> optiga: sign duration 1526
[00:02:11.709,533] <inf> optiga: sign duration 1517
[00:02:14.273,681] <inf> optiga: sign duration 1564
[00:02:16.833,801] <inf> optiga: sign duration 1560
[00:02:19.441,223] <inf> optiga: sign duration 1608
[00:02:22.037,994] <inf> optiga: sign duration 1596
[00:02:24.636,413] <inf> optiga: sign duration 1598
[00:02:27.274,719] <inf> optiga: sign duration 1638
[00:02:29.913,604] <inf> optiga: sign duration 1639
[00:02:32.587,615] <inf> optiga: sign duration 1674
[00:02:35.265,777] <inf> optiga: sign duration 1678
[00:02:37.987,182] <inf> optiga: sign duration 1722
[00:02:40.705,322] <inf> optiga: sign duration 1718
[00:02:43.470,092] <inf> optiga: sign duration 1765
[00:02:46.221,679] <inf> optiga: sign duration 1751
[00:02:49.024,230] <inf> optiga: sign duration 1803
[00:02:51.817,932] <inf> optiga: sign duration 1793
[00:02:54.610,382] <inf> optiga: sign duration 1792
[00:02:57.441,680] <inf> optiga: sign duration 1831
[00:03:00.272,155] <inf> optiga: sign duration 1831
[00:03:03.154,113] <inf> optiga: sign duration 1882
[00:03:06.028,198] <inf> optiga: sign duration 1874
[00:03:08.948,425] <inf> optiga: sign duration 1920
[00:03:11.858,276] <inf> optiga: sign duration 1910
[00:03:14.762,786] <inf> optiga: sign duration 1904
[00:03:17.717,315] <inf> optiga: sign duration 1955
[00:03:20.666,656] <inf> optiga: sign duration 1949
[00:03:23.664,154] <inf> optiga: sign duration 1998
[00:03:26.654,754] <inf> optiga: sign duration 1990
[00:03:29.645,324] <inf> optiga: sign duration 1991
[00:03:32.681,427] <inf> optiga: sign duration 2036
[00:03:35.710,601] <inf> optiga: sign duration 2029
[00:03:38.783,355] <inf> optiga: sign duration 2073
[00:03:41.847,442] <inf> optiga: sign duration 2064
[00:03:44.910,247] <inf> optiga: sign duration 2063
# Sign data every 10 sec
[00:00:20.802,154] <inf> optiga: sign duration 1718
[00:00:32.479,370] <inf> optiga: sign duration 1677
[00:00:44.129,455] <inf> optiga: sign duration 1650
[00:00:55.690,124] <inf> optiga: sign duration 1561
[00:01:07.211,273] <inf> optiga: sign duration 1521
[00:01:18.696,228] <inf> optiga: sign duration 1485
[00:01:30.099,914] <inf> optiga: sign duration 1403
[00:01:41.467,254] <inf> optiga: sign duration 1367
[00:01:52.797,088] <inf> optiga: sign duration 1330
[00:02:04.093,109] <inf> optiga: sign duration 1296
[00:02:15.301,025] <inf> optiga: sign duration 1208
[00:02:26.469,207] <inf> optiga: sign duration 1168
[00:02:37.602,844] <inf> optiga: sign duration 1133
[00:02:48.705,169] <inf> optiga: sign duration 1103
[00:02:59.720,550] <inf> optiga: sign duration 1015
[00:03:10.697,570] <inf> optiga: sign duration 977
[00:03:21.637,451] <inf> optiga: sign duration 940
[00:03:32.534,942] <inf> optiga: sign duration 897
[00:03:43.402,435] <inf> optiga: sign duration 867
[00:03:54.183,685] <inf> optiga: sign duration 781
[00:04:04.927,124] <inf> optiga: sign duration 744
[00:04:15.627,685] <inf> optiga: sign duration 700
[00:04:26.291,137] <inf> optiga: sign duration 664
[00:04:36.917,541] <inf> optiga: sign duration 626
[00:04:47.501,251] <inf> optiga: sign duration 584
[00:04:58.054,748] <inf> optiga: sign duration 553
[00:05:08.525,543] <inf> optiga: sign duration 471
[00:05:18.954,528] <inf> optiga: sign duration 429
[00:05:29.345,275] <inf> optiga: sign duration 391
[00:05:39.693,878] <inf> optiga: sign duration 348
[00:05:50.005,737] <inf> optiga: sign duration 312
[00:06:00.279,724] <inf> optiga: sign duration 274
[00:06:10.516,601] <inf> optiga: sign duration 237
[00:06:20.710,449] <inf> optiga: sign duration 194
[00:06:30.865,600] <inf> optiga: sign duration 155
[00:06:40.985,809] <inf> optiga: sign duration 120
[00:06:51.068,817] <inf> optiga: sign duration 83
[00:07:01.144,989] <inf> optiga: sign duration 76
[00:07:11.226,806] <inf> optiga: sign duration 81

Frequency (1/1, 1/50, 1/100): 1/1 Build/Commit: f64c42da2cc5ac59825bb995df4f0499557a1708 Target: SoC: nRF52840, OS: Zephyr v3.0.0. Host OS and Version: Linux egor-WRT-WX9 5.15.0-41-generic #44-Ubuntu SMP Wed Jun 22 14:20:53 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux Compiler: arm-zephyr-eabi, SDK v0.14.2

PAL.zip

[ayushev]

Hello @aectaan this is an expected behavior as the Security Monitor is in play here. For customized samples that behavior can be changed (relaxed)

[aectaan]

WOW! Thank you so much for lighting fast response. Will check it now.

[ayushev]

can we close the issue?