ARMmbed

How to generate a RSA Private Key

Hi there,

I’m trying to port mbedTLS to my embedded system (TI CC3200) to generate an RSA private key.

Unfortunately this MCU doesn’t have an hardware RNG, so I found on github a library to generate random numbers.

I found this function into RSA module:
int mbedtls_rsa_gen_key( mbedtls_rsa_context *ctx,
int (*f_rng)(void *, unsigned char *, size_t),
void *p_rng,
unsigned int nbits, int exponent )

I also read the related documentation but I don’t understand the parameters meaning.
What are the meaning of the rng function parameters?

Could someone provide an example?

Thanks in advance for the help.

PS: please note that my application is not for commercial use, so I can use a weak random number generator.

Hi Federico,
There is no need for you to integrate a separate RNG library. Mbed TLS is supplied with a couple of DRBG modules - ctr_drbg and hmac_drbg.
The HW RNG is used for seeding these DRBG modules, but you can use other methods for seeding, such as NV seed.
I suggest you look at the following articles:

An example for RSA generation is here

The key pair is generated as a random vector, and several checks are done, to verify it holds the proper conditions for the keys. This is why a callback function for a f_rng is given as parameter.
The parameters for the f_rng function are : the drbg context (p_rng in this case), the output buffer for the random, and size of random to collect.

Regards,
Mbed TLS Team member
Ron

Hello Ron,

thanks a lot for the example.

I’ll let you know!

Best Regards,
Federico

Hi Ron,

I read the articles and I have some question.

First of all, I receive the error -52 as return of “mbedtls_ctr_drbg_seed”. I think that it is related to the random generator. Is it true?

I use this code to feed the random numbers generator:

mbedResult = mbedtls_ctr_drbg_seed( &MBEDTLS_CtrDrbg, mbedtls_entropy_func, &MBEDTLS_Entropy, (const unsigned char *)MBEDTLS_Pers, strlen(MBEDTLS_Pers) );
if( mbedResult != 0 )
{
	opResult = APP_FALSE;
	UART_PRINT( " failed\r\n  ! mbedtls_ctr_drbg_seed returned %d\r\n", mbedResult );
}

Should I define the literal MBEDTLS_HAVEGE_C? Because if I need the HAVEGE module I also need to develop the timing function.

Thanks for the help!

BR,
Federico

Hi Federico,
The error you are receiving is MBEDTLS_ERR_CTR_DRBG_ENTROPY_SOURCE_FAILED. It is received when your entropy function fails for some reson. You should verify you have at least one strong entropy source added to your entropy. HAVEGE is not a strong entropy source. Since you don’t have a HW RNG, and not a platform specific entropy, i am assuming you don’t have a strong entropy source, and this causes the entropy function to fail. Have you integrated the NV seed feature, as mentioned earlier?
Regards,
Mbed TLS Team member
Ron

Hi Ron,
thanks for the reply.

Regarding the question “Have you integrated the NV seed feature, as mentioned earlier?” Can you explain how is intended for NV seed feature?

Thanks for the help!

Hi Federico,
The NV seed featuer is used, when there is no other means of generating a strong seed.
You generate a random seed, offline, and write it to flash \ a file, that only Mbed TLS should read it \ write to it.

There are several ways to implement NV seed read \ write functions.
All of them should have MBEDTLS_ENTROPY_NV_SEED defined.

On your platform, you probably don’t have FS IO, so using the standard NV functionality will not work.

The simplest solution for you should be defining MBEDTLS_PLATFORM_NV_SEED_ALT , and implementing you won functions with the following signatures:

int (*)( unsigned char *buf, size_t buf_len );
int (*)( unsigned char *buf, size_t buf_len );

In your application, at startup, you should call: mbedtls_platform_set_nv_seed with these functions as parameters for the read \ write callbacks.

You could read about Mbed TLS abstraction layers which shows a general idea on the abstraction of Mbed TLS.
Regards,
Mbed TLS Team member
Ron

1 Like

Hi Ron,

thanks again for your help!

Due to time constrain, I decided to turn off the entropy source (this is a test project, not for production) and go away.

Now I can generate the private key! I followed your example.

I have another question :slight_smile:

I need to generate the CSR associated to the private key. How I can generate the CSR?
I found this example .

Before generate the CSR, the private key should be converted in a string or I can use the MPI structure?
Should I write the private key on a file in order to generate the CSR?

Thanks for your time!

Best Regards,
Federico

Hi Federico,
I am glad I could help!

Please try to post new questions in new topics next time, for the benefit of the community

To answer your question, yes that example shows how to generate a CSR.

mbedtls_x509write_csr_set_key() receives mbedtls_pk_context () as parameter, which is the parsed key. You can store the key in DER or PEM format in a file and parse it into the context, or use the context as is. If you need the key for future use, you can either store it, or generate a new key pair every time.

I hope this answers your question

Regards,
Mbed TLS Team member
Ron

1 Like

Thanks Ron for the help!

I’ll post a new help request into the forum.

BR,
Federico