Mbed forum

mbedTLS equivalent for Java's "RSA/ECB/OAEPWithSHA-256AndMGF1Padding"

(Matt Hu) #1

I have a server that sends down a key encrypted with “RSA/ECB/OAEPWithSHA-256AndMGF1Padding” (via Java).

I’m currently trying to convert my client application from Java to C++, but when decrypting the key mbedTLS returns back to me -0x4100 (MBEDTLS_ERR_RSA_INVALID_PADDING). I’ve tried using mbedtls_rsa_set_padding in conjunction with mbedtls_pk_decrypt, mbedtls_rsa_pkcs1_decrypt, and mbedtls_rsa_rsaes_oaep_decrypt all to no avail. Can someone help guide me in the right direction so I can successfully decrypt my key with mbedTLS?


(Ron Eldor) #2

Hi @matthu1
Thank you for your question!

According to this post, te MGF1 is instantiated with SHA1. and the SHA256 is only for the hashing of the label.

Assuming you have MBEDTLS_PKCS1_V21 defined, and set the padding to MBEDTLS_RSA_PKCS_V21, have you set the hash_id to MBEDTLS_MD_SHA1?

Mbed TLS Team member