Arm Mbed OS support forum

Mbedtls_pk_decrypt returned -0x4080 - Can't find error code on pk.h (please help)

Hi everyone,

I’m still new to coding on micro-controllers so please excuse the lack of knowledge.

What I’m trying to do is:

1: With an already existing private key I would like to decrypt an encrypted message sent from an Android app. I have tried 512, 1024, and 2048 but with no luck (would ideally like to use 2048 key).

2: Thus only decryption on the device is needed and as soon as that is sorted, then I can integrate it with the rest of my app.

Note: The private key shown here will be replaced :wink: .

Device details:
ESP32 Pico Dev Kit

Code:

#include "mbedtls/pk.h"
#include "mbedtls/entropy.h"
#include "mbedtls/ctr_drbg.h"

void setup() {
  
}
Serial.begin(115200);

  unsigned char test_ca_cert[] =
    "-----BEGIN RSA PRIVATE KEY-----\n"
"MIICWgIBAAKBgHFSoEWWHHquN6L+sCH+WLDlaasOp4e+7aqoFwHTYy+RnbNBedv/\n"
"5/DzdhENTUouRYey9DE8Cf8SYUXx9iQSL+iHr4ueoi8+CxlK8/KqG2aMv6lThPv4\n"
"VKh2iEI9YFeYHpq2AkjoOg1wCvuSDQJnuG9xVqAvPbhQbV9uk/637JrDAgMBAAEC\n"
"gYBbZ+g6+M/T7L6XzJNJeB0V4pYPEezzw390zcxw/o7ciboIIuImIA53/gjXzEDx\n"
"es0+nYv2QpVVlv+7KWX+xmS5Og5cWcVoSgZkvlWle2ap5fot2HLx8tiSDQLAR8DT\n"
"ApaUpq2a7dvDeYswS4QgBFP9cumv3T1qtCBhvxNpoVvAUQJBAK6GSL4grwpe6sjJ\n"
"PaK6u9bbs0eAnwc9U2oppJLSQpiKd4yBs2VidRvzhrm0jtSy0/fpf4aXBhXuuaM/\n"
"ILJbc8cCQQCmOgPt/UhMoQodvCgZK1ncmno0MGbLA7lnHqfX5cqE2r1F8phXhlsA\n"
"rRIT4X7HQZxU+8rq2w6LS+BYqHrHhiklAkAHfFUEaqx3WmjhodgV8cJ6zcObzoWD\n"
"rvqz9ANOFNysZEwKZ8nFEHsLbt+ZeYgi0WTMHmTM5g9pw2qM+PkzDT8jAkABm6oS\n"
"EVMzupMYeouAwtSZt7za6GT2LdELWFaTVhvBcURHevNSVXBn70SvgIzzbIUQpWbv\n"
"IrNfUZqYAPk/GOMpAkACU8scIJHo5X6f4tr72SjVaX0DGEPu4D2h8o5hw2+kPgNl\n"
"8ft8gyCYvyjjD26H3WxYi/845hwQFAYVxL8Rac4e\n"
"-----END RSA PRIVATE KEY-----\n";

 int ret = NULL;
  mbedtls_pk_context pk;
  mbedtls_entropy_context entropy;
  mbedtls_entropy_init( &entropy );
  mbedtls_ctr_drbg_context ctr_drbg;

  unsigned char to_decrypt[] = "aIaLQvqpGr5NQ11kuSKDOC7z07AN1I8NBAhjsbKfGa8z/gf46LUxr55quDD3cEki3aaTyE88heJjBodgbb3I7GZLrDrMOfDCCw/nnjz1acyRzkfgkjnVfVL5H5Ch81peLYO8nzdWjerVUGNDYOyTv2ez1cuo1LDNb7rDtWx4EKM=";
  
  size_t olen = 0;
  
  unsigned char *result = NULL;
  
  mbedtls_pk_init( &pk );
   
  /*
   Read the RSA privatekey
  */
  if ( ( ret = mbedtls_pk_parse_key( &pk, test_ca_cert, sizeof(test_ca_cert), NULL, 0) ) != 0 )
  {
    printf( " failed\n  ! mbedtls_pk_parse_key returned -0x%04x\n", -ret );
  }else{
    printf("Success\n ! Size of test_ca_cert is: %d\n", sizeof(test_ca_cert));
  }

  if( ( ret = mbedtls_pk_decrypt( &pk, to_decrypt, sizeof(to_decrypt), result, &olen, sizeof(result)+1, mbedtls_ctr_drbg_random, &ctr_drbg ) ) != 0 )
  {
    printf( " failed\n  ! mbedtls_pk_decrypt returned -0x%04x\n", -ret );
  }else{
    printf("The decoded result: %d",result);
  }
}

void loop() {
  // put your main code here, to run repeatedly:

}

The serial output:

13:33:30.050 -> rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
13:33:30.050 -> configsip: 188777542, SPIWP:0xee
13:33:30.050 -> clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
13:33:30.050 -> mode:DIO, clock div:1
13:33:30.050 -> load:0x3fff0018,len:4
13:33:30.050 -> load:0x3fff001c,len:1044
13:33:30.050 -> load:0x40078000,len:10124
13:33:30.050 -> load:0x40080400,len:5856
13:33:30.050 -> entry 0x400806a8
13:33:30.190 -> Success
13:33:30.190 ->  ! Size of test_ca_cert is: 884
13:33:30.190 ->  failed
13:33:30.190 ->   ! mbedtls_pk_decrypt returned -0x4080

I would really appreciate it if someone could point out I’m doing wrong?
Thanks