Mpi_read_string Issue

LeMoussel · December 10, 2018, 2:17pm

Hi,

I’m trying to use mbedtls_rsa_rsassa_pkcs1_v15_sign API.

In a first one, I used a file for RSA configuration with the following information:

N = a9fe737c85c64f5a14f0644678868cd36c309e7b24ad3bcedcc889efeb268f7059d58a634c733fd462705a90bce357d144677049383ad717eefefb30a2094ac76a39915a8f0791dd4c746ab33a372c967ec8f7f7a8d4690e9d9dac0a554d5dcee468844dbb01908180f2dced4cca5a96c80edfff3a4e76be547542c1cccd84bb8b2a45bd1d98cc2aa6339a3cdc98c61e5ec437d7be3252d2dcf2a3982b68f029a8e0afcf0e5cae1b1aead8a724a5aa617b2e7d63b3d4e570d5d48d51b2e414f2f4042aa8bd2b6063527808da5dc6a81d92926642e8a943b22fd19d95c23cc150341e2a9cb2a5c0034bf05bec3637bf88c1f2047144e1f6f87c0b3c07a0aeeb2dd2541a17f9b3cfe59a0dc067c71e4d44ef1341b30306faf742ef8d305896b23685ecc247c39a0b8a74f156939a7edc0696b6b2e475ba717a2cda5b736b61390b907fc1f2d9aa3f3f9e3938165d6974a267f6c17e5d68133308b5a7e4fd3b071d87192e05d63123c0cfc926460c17790f4724ff5bc33f45a4257ee778b1de9e44ad18e01df8eb8883c83ad40aaa93679de712d2c40b01a83c4584334a732791b0c0c7c147174c9baf39f854d837dcd24c801789ede421418cf733256afe298c227b5a2c809be4146d13623adba55df4bcc34698a71973d68b75217818d08f8f2418c3838dc724c9b3f3f1912458d9bfe2485f9830c93464281e710edce44c6d95
E = 010001
D = 21dc10a93a251aaba4f58fe7987ca662bb4f40d5e2e38d80e1e9a0cdf4aee8cdb65b0a1646c542eebd0fc77e425d5f21cbe7f58de40116544a52a7fa53201a30b7b8113b72374e06c00285393f4c7b995b5610cc17e8fd26ffde86c4c522649fbfcf90a0c1f1a9149e78616873cdef76ce90e5ed7ab1e3c57be1a2632335c16d30a6421f4ddca03813843e41c6a7b87896a42b4251fc48927f17665dfa318bfaa44c62c0518a44d499cb32cdb2073c756fb97e18c49a507c25df5129b781e6295150de255f8e9b03958adaaa9218ae663b8a650b8937a3c8036dd35f5fc1c5b881b50b844c32271990ffe673598647a4880afa770c431cf3f8132dc910289f279d6e687e261b2058a620dc4dfb9f289866cfaeab4b029a125913db4367dc7d9f4eb26843d2b44047656116ce359840043f9f3a1984c91b442e1aca63b4a03c73479e5a6877d12e7da28e3abf771f2f5b4b6b96a0c66983fa458bf79df1c41e8f704fffc0b8912fa065a4f4128365cfa1a55730e73833c309cffbe011ae5e420108508edd01e24f0e093d87efe91a8be62062a5bd54e00272ac742ffdaf8e852cdab769347198d14526b9d2629bff921a3b835977a791cedda68d8479d552276a16a7e052a5fdaa3f618302c432f5420c45ab2452a0703cb90d6b35964ac9d43fa2b6ffb86ad2f7843279add2744bfd26a9fb12baf3813111df926216690fd999
P = c8ec1b3955b689c6b2c7d40439b883e808ae604681cab7272322fc9efac0a94819887ba8a50fb0d6a880a003da5ba7c396b7693ba6e8d4a3a72ac8e485877f9dab82e8e11a1f570fb5baeabaae6970a197333b23fa8a2e5d72d8c39fe73733566be712baa69a36b52ffec3e18aece7dad63f01496ab275fa87bdca0c6c0d5f809c1e6a80761ba81cf64b85986f0d9864a3f5a583626b6d1e66eac9d5b6d1a173080a78c91ac0bb42806af24d5fa43b9e7b8a5d52b9599611a8dca7e114e41e5b85afe1cebad755724a36c496d89808a31bf855c268a24d601fc1fc9be1e9bf9888ab7f9295b0cc94fe36b58cec22c20e77242ec363b934da2f63aab0f4a4c819
Q = d897ec08309ef5a6853a054c56c850628e03b29176ac03500a5724077f48f8c04aa2f6c1576bdd350d958b56627fe77a999902c795c5aedfeb23e1c218f92296d8a50c4719dd330e7c1e97ed0de9186efee6c669311f429fcf9a799dafd818fe92fcb93cf8a6899feb3f67b8fc4272bd5a376110e340333b70a01067a68e4a41dc752d963d7c2c13180dabc1efc672b08bf81d2fbdda79ff18b706a5b7fb9d49c016a0e8437c2065aa33bea85a1b8857c8f38b92c998e73ba3c7d8fbdf014673b1a3b3ec5bc7cd9088332daef9be1522d790d26c2f35e9a69b5afb428fd5b9a15c888440049479148be67f29441ee5cf7b0bc09e4c1b3b02d47093ab4d9f30dd
DP = 3365daccfef53427854283251592f3035f7d2419c54813344ad3bf65f7e5632893878b82a7beecd0ecc802a719abcaadc917602f2752765aeaff91e68b960efa498eb27e2b0d8b5af4753d68c607290ddd3cf8cb0a6360dafcef2093fe34ebc816d044c544ab3c857b22a3ff4567b7240f1c8cfab7f5b12286a8f14fde304996ffd8f40baaab06856a2805a3e9fcc358336d3a8af299628f9d6a4079904bee0e1c2779a0905c6f4ae2c8f8f4fc1b6a38ef8784ba0dba321e9060e9fd3537e9e025c1c974f5ecf1e9cbbc58ebf1ba6ab3370b7efcbd818f63a09c223fca39de8e699fdd81a51356326319a1b5cc0e54301920436a2e4f898aab06c6fa7f8acbb9
DQ = a820859f75de6e60ec59b573248a299bd71117b3c2a2938fb5f71e88934d598a2a6585955efee39f23044a3cac090cee25fc9823c526c6301a9ea7c7bb0ae8c69f34beeb12309a494c1f935ef7c550aa18439b105c891f765df8531f0c387a6e623abaaf9173f4b0a633799826788e085dd74f0984dd78e752ed6cce88833b3114a800d2f6b7449f2db4aef6c3e10f75ebb0953751f01d72df0473ac7fbc58c3becfd1e7793b090ae1ab78fbc5b649879afd3202a76a8153d23677404c42f9252567256afb7385260413760ab4e1d01653ae9f284b1d5659758e922b80eb2e450b470d21846c9bf04f0884fccb5c109795b3f1b8eeead44bc60bfd14a4144621
QP = c48c47d5b3321a940117674c2c1730b2530d25a287afd12a56e011bf38219d6a537048c6618d19d4d4a3ff39ae20509fa0c28ba96066ad981c93b8c46ce661eff96375e44d94580d7a6e5f607509909b9c5b7639a3e244e835edd8253eceef34de1680dd65a11808352ad2b9f41ff2e890334575de4d0e8e4278fa51991b03800fa41ba2269e66247f86f5badc1cf92cd555877c3b8798cf6201d2bab3a05af5d14803d80e1b10589437a61e63fbbb4962f07cfb182104575840f6962161b92b15b6d3806e26fc9714318cd9c87f67128eef2dad839da3e486eae2555a7974fca9651fdc28f50cdbcc2adc7ac50f24a4b7a42e2a2003b38a188811461de542e5

And this C code :
mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E);

	if ((f = fopen("rsa_priv.txt", "rb")) == NULL) goto cleanup;
	if ((ret = mbedtls_mpi_read_file(&N, 16, f)) != 0 ||
		(ret = mbedtls_mpi_read_file(&E, 16, f)) != 0 ||
		(ret = mbedtls_mpi_read_file(&D, 16, f)) != 0 ||
		(ret = mbedtls_mpi_read_file(&P, 16, f)) != 0 ||
		(ret = mbedtls_mpi_read_file(&Q, 16, f)) != 0 )
	{
		fclose(f);
		goto cleanup;
	}
	fclose(f);

	if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) goto cleanup;
	if ((ret = mbedtls_rsa_complete(&rsa)) != 0) goto cleanup;
	if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) goto cleanup;

	if ((ret = mbedtls_rsa_rsassa_pkcs1_v15_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 20, sha1sum, buf)) != 0) goto cleanup;

It’S OK.

However, I don’t want to use a file, so I want to store RSA information in character strings
I do this :

    	const char *modulus_N = "a9fe737c85c64f5a14f0644678868cd36c309e7b24ad3bcedcc889efeb268f7059d58a634c733fd462705a90bce357d144677049383ad717eefefb30a2094ac76a39915a8f0791dd4c746ab33a372c967ec8f7f7a8d4690e9d9dac0a554d5dcee468844dbb01908180f2dced4cca5a96c80edfff3a4e76be547542c1cccd84bb8b2a45bd1d98cc2aa6339a3cdc98c61e5ec437d7be3252d2dcf2a3982b68f029a8e0afcf0e5cae1b1aead8a724a5aa617b2e7d63b3d4e570d5d48d51b2e414f2f4042aa8bd2b6063527808da5dc6a81d92926642e8a943b22fd19d95c23cc150341e2a9cb2a5c0034bf05bec3637bf88c1f2047144e1f6f87c0b3c07a0aeeb2dd2541a17f9b3cfe59a0dc067c71e4d44ef1341b30306faf742ef8d305896b23685ecc247c39a0b8a74f156939a7edc0696b6b2e475ba717a2cda5b736b61390b907fc1f2d9aa3f3f9e3938165d6974a267f6c17e5d68133308b5a7e4fd3b071d87192e05d63123c0cfc926460c17790f4724ff5bc33f45a4257ee778b1de9e44ad18e01df8eb8883c83ad40aaa93679de712d2c40b01a83c4584334a732791b0c0c7c147174c9baf39f854d837dcd24c801789ede421418cf733256afe298c227b5a2c809be4146d13623adba55df4bcc34698a71973d68b75217818d08f8f2418c3838dc724c9b3f3f1912458d9bfe2485f9830c93464281e710edce44c6d95";
    	const char *publicExponent_E = "010001";
    	const char *privateExponent_D = "58955221dc10a93a251aaba4f58fe7987ca662bb4f40d5e2e38d80e1e9a0cdf4aee8cdb65b0a1646c542eebd0fc77e425d5f21cbe7f58de40116544a52a7fa53201a30b7b8113b72374e06c00285393f4c7b995b5610cc17e8fd26ffde86c4c522649fbfcf90a0c1f1a9149e78616873cdef76ce90e5ed7ab1e3c57be1a2632335c16d30a6421f4ddca03813843e41c6a7b87896a42b4251fc48927f17665dfa318bfaa44c62c0518a44d499cb32cdb2073c756fb97e18c49a507c25df5129b781e6295150de255f8e9b03958adaaa9218ae663b8a650b8937a3c8036dd35f5fc1c5b881b50b844c32271990ffe673598647a4880afa770c431cf3f8132dc910289f279d6e687e261b2058a620dc4dfb9f289866cfaeab4b029a125913db4367dc7d9f4eb26843d2b44047656116ce359840043f9f3a1984c91b442e1aca63b4a03c73479e5a6877d12e7da28e3abf771f2f5b4b6b96a0c66983fa458bf79df1c41e8f704fffc0b8912fa065a4f4128365cfa1a55730e73833c309cffbe011ae5e420108508edd01e24f0e093d87efe91a8be62062a5bd54e00272ac742ffdaf8e852cdab769347198d14526b9d2629bff921a3b835977a791cedda68d8479d552276a16a7e052a5fdaa3f618302c432f5420c45ab2452a0703cb90d6b35964ac9d43fa2b6ffb86ad2f7843279add2744bfd26a9fb12baf3813111df926216690fd999";
    	const char *prime1_P = "c8ec1b3955b689c6b2c7d40439b883e808ae604681cab7272322fc9efac0a94819887ba8a50fb0d6a880a003da5ba7c396b7693ba6e8d4a3a72ac8e485877f9dab82e8e11a1f570fb5baeabaae6970a197333b23fa8a2e5d72d8c39fe73733566be712baa69a36b52ffec3e18aece7dad63f01496ab275fa87bdca0c6c0d5f809c1e6a80761ba81cf64b85986f0d9864a3f5a583626b6d1e66eac9d5b6d1a173080a78c91ac0bb42806af24d5fa43b9e7b8a5d52b9599611a8dca7e114e41e5b85afe1cebad755724a36c496d89808a31bf855c268a24d601fc1fc9be1e9bf9888ab7f9295b0cc94fe36b58cec22c20e77242ec363b934da2f63aab0f4a4c819";
    	const char *prime2_Q = "d897ec08309ef5a6853a054c56c850628e03b29176ac03500a5724077f48f8c04aa2f6c1576bdd350d958b56627fe77a999902c795c5aedfeb23e1c218f92296d8a50c4719dd330e7c1e97ed0de9186efee6c669311f429fcf9a799dafd818fe92fcb93cf8a6899feb3f67b8fc4272bd5a376110e340333b70a01067a68e4a41dc752d963d7c2c13180dabc1efc672b08bf81d2fbdda79ff18b706a5b7fb9d49c016a0e8437c2065aa33bea85a1b8857c8f38b92c998e73ba3c7d8fbdf014673b1a3b3ec5bc7cd9088332daef9be1522d790d26c2f35e9a69b5afb428fd5b9a15c888440049479148be67f29441ee5cf7b0bc09e4c1b3b02d47093ab4d9f30dd";

    	mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0);
    	mbedtls_mpi_init(&N); mbedtls_mpi_init(&P); mbedtls_mpi_init(&Q); mbedtls_mpi_init(&D); mbedtls_mpi_init(&E); 

    	MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&N, 16, modulus_N));
    	MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&E, 16, publicExponent_E));
    	MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&D, 16, privateExponent_D));
    	MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&P, 16, prime1_P));
    	MBEDTLS_MPI_CHK(mbedtls_mpi_read_string(&Q, 16, prime2_Q));

    	if ((ret = mbedtls_rsa_import(&rsa, &N, &P, &Q, &D, &E)) != 0) goto cleanup;
    	if ((ret = mbedtls_rsa_complete(&rsa)) != 0) goto cleanup;
    	// RSA Check is invalid !
    	if ((ret = mbedtls_rsa_check_privkey(&rsa)) != 0) goto cleanup;

    	if ((ret = mbedtls_rsa_rsassa_pkcs1_v15_sign(&rsa, NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA1, 20, sha1sum, buf)) != 0) goto cleanup;

But mbedtls_rsa_check_privkey is invalid with return code != 0
I don’t see why the RSA check is invalid.

Any suggestion ?

Thanks!

Regards,

roneld01 · December 11, 2018, 2:35pm

Hi @LeMoussel
You have a typo in you privateExponent_D as it is not same as D in your file.
privateExponent_D is too big, and this is why your private jey check is failing.
Regards,
Mbed TLS TEam member
Ron

LeMoussel · January 9, 2019, 12:28pm

Thank you for your help.

Topic		Replies	Views
RSA-512 Encryption Problem on ESP32 (RSA - Bad input parameters to function) Crypto and SSL questions	1	2467	July 7, 2019
Problem with mbedtls_rsa_import_raw while mbedtls_rsa_import is working fine Crypto and SSL questions mbed_tls	1	1967	January 16, 2020
Mbedtls_ecp_point_read_binary: -0x0010 Crypto and SSL questions	0	25	August 13, 2024
Code stucks at mbedtls_mpi_mod_mpi() Generic	5	1144	September 13, 2018
Mbedtls_ecp_point_read_binary get MBEDTLS_ERR_MPI_ALLOC_FAILED Mbed TLS	0	14	July 30, 2024

Mpi_read_string Issue

Related topics