Parsing RSA2048 certificate fails with error code MBEDTLS_ERR_PK_INVALID_PUBKEY

unknownissuer · July 25, 2018, 3:40pm

Hello,

I am trying to parse this AWS IoT Certificate provided by Amazon.
Every time I call mbedtls_x509_crt_parse() I get the error code MBEDTLS_ERR_PK_INVALID_PUBKEY.

I am not sure if I have the correct RSA configuration enabled.
My environment is within an RTOS, originally I was only using ECC certificate so I had disable all RSA related configuration. But now when I enable them this is the error code I get, please let me know the configuration that are required.

Thanks

unknownissuer · July 25, 2018, 4:01pm

Solved. My MPI size was incorrect for the RSA key size.
Has to use a MPI size 256.
I had adjusted the MPI to reduce memory

#define MBEDTLS_MPI_MAX_SIZE 256

Topic		Replies	Views
Handshake returns -2700 with Certificates created by AWS Crypto and SSL questions mbed_tls	2	662	December 9, 2019
Mbedtls_x509_crt_parse CRT returns -0x3B00 MBEDTLS_ERR_PK_INVALID_PUBKEY Generic	4	2244	August 25, 2019
Parsing a private key only throws an error if trying to decrypt, but not by itself Platform specific questions	4	3165	January 6, 2019
Certification verification failed only on target board Generic	3	794	May 14, 2019
Mbedtls_pk_verify giving ECP - The signature is not valid as error Crypto and SSL questions mbed_tls	0	682	March 22, 2021

Parsing RSA2048 certificate fails with error code MBEDTLS_ERR_PK_INVALID_PUBKEY

Related Topics