SHA256RSA Signing problem

Hi all,

I have problem when I do RSA SHA256 sign with RSA private key.

I trying compare signed results with online resource RSA Signature generation and verification tool with RSASSA-PSS,SHA1WithRSA,SHA1withRSAandMGF1, sha384WithRSA, SHA224WithRSA/PSS, RSAPSS .

My tests I did on stm32f4-discovery board.

I need sign this string:
c491f829462acf230dded26e241dde45867c92bc3bb3192bad4577f377715c18

I got next result:

mbedTLS generated for me next signature:

PKCS1_5_SIGN from SHA256_STR
07d17955cb29bcc2173ad1819429e7ed5760bbfca59ea7602db43ca1e162f26ce80dafcae9f1c5a6496e908f8ac276c13e5511ca83d78b81383260ac991e9136867ad05cdcf3e7796c80a915eb482043b7d4968e14992e43976043686e18a16e45d0213d7d94c96b796d69e39e662de10d9e0624f10883a33fe1b7cceb345537141384fc2bcaf0c755536780d24aedf6a030c2bb9b63c4107ac9a9724b34003d8371c27681185a2a6aa61016d54204ab8b9f9ff9e382136551fddca7efa888b38faf60eb7e0bc7a6c609904d4e94f72c17e1e27304e82ffc3e2b6a0ada90cf13cbc0a4dc54189407c77be57975835da58be90fb2d3a462bb4f3a14d3a1cc4271

I tried also convert this to Base64:
MDdkMTc5NTVjYjI5YmNjMjE3M2FkMTgxOTQyOWU3ZWQ1NzYwYmJmY2E1OWVhNzYwMmRiNDNjYTFlMTYyZjI2Y2U4MGRhZmNhZTlmMWM1YTY0OTZlOTA4ZjhhYzI3NmMxM2U1NTExY2E4M2Q3OGI4MTM4MzI2MGFjOTkxZTkxMzY4NjdhZDA1Y2RjZjNlNzc5NmM4MGE5MTVlYjQ4MjA0M2I3ZDQ5NjhlMTQ5OTJlNDM5NzYwNDM2ODZlMThhMTZlNDVkMDIxM2Q3ZDk0Yzk2Yjc5NmQ2OWUzOWU2NjJkZTEwZDllMDYyNGYxMDg4M2EzM2ZlMWI3Y2NlYjM0NTUzNzE0MTM4NGZjMmJjYWYwYzc1NTUzNjc4MGQyNGFlZGY2YTAzMGMyYmI5YjYzYzQxMDdhYzlhOTcyNGIzNDAwM2Q4MzcxYzI3NjgxMTg1YTJhNmFhNjEwMTZkNTQyMDRhYjhiOWY5ZmY5ZTM4MjEzNjU1MWZkZGNhN2VmYTg4OGIzOGZhZjYwZWI3ZTBiYzdhNmM2MDk5MDRkNGU5NGY3MmMxN2UxZTI3MzA0ZTgyZmZjM2UyYjZhMGFkYTkwY2YxM2NiYzBhNGRjNTQxODk0MDdjNzdiZTU3OTc1ODM1ZGE1OGJlOTBmYjJkM2E0NjJiYjRmM2ExNGQzYTFjYzQyNzE=

But online generator got next result:
PrfnVeYtO/G5F0I0mCrKUjMLUhIICVXKBX9OVJNhRnZxRM2MHoW4hZn9oenhdDPSmsUdbG3q2/Re+FyWk/NvGrQ6bkQKZ1SdgphNW37An+fBOFYbD44KsFPuKtY47ASRggAqUtmYfrDab2dQrP7jCU5dl4WjITvSI+4BmnNyn2QnmMg/yF5yyzTD4e08SqYXZleIgcKuVnITBjmMrKJZM/R8eH2X85snXXJWDZsiGsoR8hMkxc5MDULwHAGu27OES2cqRAyheKdNPh/DM+/Irn5SDuodfV6RB8ZaNfpDPTiICPedRd28Ue25MRz5TdYH6f1jOQFGcJBpm6zIXUuqxQ==

//--------------------------------------------------------------------------------------------------------------------------------------
//--------------------------------------------------------------------------------------------------------------------------------------
//--------------------------------------------------------------------------------------------------------------------------------------
Generated keys:

-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAgen25AONynFZnuGUjvzASwf8l5Nqv/8xeK6i59ueSxAk7C3A
LJXP7+vKE2AIUBpvR2yugp1Rky+wgn4UXfKST9UftxxjzWCIe8v4JHr8np5BKUpp
1HS8RCElnXxvLYp8f6C1ts8DvXFDKQZ7NFK07EnSN+omfeV5XmEu1wqymbKbZq2z
81OFQvdrjOn9f5CHBMrUS2WInk50oDbrOszIJ4KRRk+DimRmLGWTO0dFKtzehyUM
Qh4kgogFh5iu0zd/3EwlXqYx2AMaMTW1TvDcJoa2KSelS55C/Kw9qmxV4OdJarhM
+gpScs25tb2824SWWXWrEuBHiaiRrAo6acPZvwIDAQABAoIBAEJ04dQwMTdPFq5c
7PbcOq3nLwKG6cO/kpoOk80Rnn79ijW7DaSBGna74opYxMfdTfF2miq8uT8W1S9b
uaV5cfkep/OutSsZZ5gUdiKLO3EUuXaa11pUQP6FCk3umpzsS9Wp62rRqTMenmF9
LEdOy7hX5w6tW/VpDtYF1sUwdr6CTvr45fSY5vxurL5iQjAyHb82w3ZJIdBm2Cm4
3KIQ55NQ3JE21Jbj66KuGyP5r28DkjiRoT7uE2MJhvA4BnlL9mutzyCa25AVg3b0
qTckzJYj0fiXyRiCESs0ddrl+oK6+pkjPxyEoaCwyakT7Lkw+DPDDRQ2f3C/IzCl
dM3Z0CkCgYEA2KncAO/KbxQ98QSpWjV1WHhD4mw+gcGZFkJ3HtJ8JG/4TP4aOM4I
rRUyzXuZhgETCjlodhKrPB3r8zzN2YmbEO46MVRB9dQRKSiiP9Xx3zluA8VfdYS5
1tkSuYZrEVHTgz0vG1iZ+xuUizW3mKR6R0lB9lODm+qNLE/DRdFFdCUCgYEAmYAi
018tZUhBK7BrFxRoJ3HhgudTf6dGEXlccz+/eupmmXRXfORKiaxswTJvavZb+YVZ
+b+CSNIar4lY82jS9v4aquQsSog1kfnQghTRavho+Wb7vYIY9Bzl5FRrRsxqC1Bt
KO1huX4aacPMJ40UFnGXPHBY0Rrv5revE+iw3xMCgYAxtI43XMupPhCTyYj8nAUG
vdh9Cm4woHR5adggJxO53EIvj5/+Zi4RXyqff3qSBo8Sqmbvp4rHKOonjEyBWpNL
iAuro3PabMNfGOZYFMH/fxJhJReoQ0HLK1OjYlYPzCDlG9VBxcrVk9c5NKKhDyLK
VeEfHLu1ulKW1tmqm77+TQKBgEKcsIA5lWGWcXGcJVzmpiw35zz/VeTXmjiLCeuZ
hma4wb1mF3FDQHVuNePBF0i7kD4/+EPBL7CaPKpgWBGJM8OrkbcHPZE6esTWO/23
OwnIswVIA4bBpkKJJ9pmKAeZPYubY0OXgAkXCC9NoJKpTkZPFOpNdr2HiwP8QiXJ
nLexAoGBAIZPDgI73XIAawGx1Zwz/+AFhM7D6tHvXdokTjSwoRH/w/dyJtBQHP3H
lr8ChE8F3n50ntrAaHoGPYhMCBNfgPDbqUNMCGsDaMBOFtMMy1c3ex/zLC7hVnZb
zaPk8Do05waaYCr+9aa1Xy2uSwIEQChsEA0AGOb3k8FR3uUJ74Xw
-----END RSA PRIVATE KEY-----

-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgen25AONynFZnuGUjvzA
Swf8l5Nqv/8xeK6i59ueSxAk7C3ALJXP7+vKE2AIUBpvR2yugp1Rky+wgn4UXfKS
T9UftxxjzWCIe8v4JHr8np5BKUpp1HS8RCElnXxvLYp8f6C1ts8DvXFDKQZ7NFK0
7EnSN+omfeV5XmEu1wqymbKbZq2z81OFQvdrjOn9f5CHBMrUS2WInk50oDbrOszI
J4KRRk+DimRmLGWTO0dFKtzehyUMQh4kgogFh5iu0zd/3EwlXqYx2AMaMTW1TvDc
Joa2KSelS55C/Kw9qmxV4OdJarhM+gpScs25tb2824SWWXWrEuBHiaiRrAo6acPZ
vwIDAQAB
-----END PUBLIC KEY-----

BASE64 Public Key
LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFnZW4yNUFPTnluRlpudUdVanZ6QQpTd2Y4bDVOcXYvOHhlSzZpNTl1ZVN4QWs3QzNBTEpYUDcrdktFMkFJVUJwdlIyeXVncDFSa3krd2duNFVYZktTClQ5VWZ0eHhqeldDSWU4djRKSHI4bnA1QktVcHAxSFM4UkNFbG5YeHZMWXA4ZjZDMXRzOER2WEZES1FaN05GSzAKN0VuU04rb21mZVY1WG1FdTF3cXltYktiWnEyejgxT0ZRdmRyak9uOWY1Q0hCTXJVUzJXSW5rNTBvRGJyT3N6SQpKNEtSUmsrRGltUm1MR1dUTzBkRkt0emVoeVVNUWg0a2dvZ0ZoNWl1MHpkLzNFd2xYcVl4MkFNYU1UVzFUdkRjCkpvYTJLU2VsUzU1Qy9LdzlxbXhWNE9kSmFyaE0rZ3BTY3MyNXRiMjgyNFNXV1hXckV1QkhpYWlSckFvNmFjUFoKdndJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0t

SHA256 from Public key in Base64
c491f829462acf230dded26e241dde45867c92bc3bb3192bad4577f377715c18

PKCS1_5_SIGN from SHA256_STR
07d17955cb29bcc2173ad1819429e7ed5760bbfca59ea7602db43ca1e162f26ce80dafcae9f1c5a6496e908f8ac276c13e5511ca83d78b81383260ac991e9136867ad05cdcf3e7796c80a915eb482043b7d4968e14992e43976043686e18a16e45d0213d7d94c96b796d69e39e662de10d9e0624f10883a33fe1b7cceb345537141384fc2bcaf0c755536780d24aedf6a030c2bb9b63c4107ac9a9724b34003d8371c27681185a2a6aa61016d54204ab8b9f9ff9e382136551fddca7efa888b38faf60eb7e0bc7a6c609904d4e94f72c17e1e27304e82ffc3e2b6a0ada90cf13cbc0a4dc54189407c77be57975835da58be90fb2d3a462bb4f3a14d3a1cc4271

PKCS1_5_SIGN from SHA256_STR encoded to base64
MDdkMTc5NTVjYjI5YmNjMjE3M2FkMTgxOTQyOWU3ZWQ1NzYwYmJmY2E1OWVhNzYwMmRiNDNjYTFlMTYyZjI2Y2U4MGRhZmNhZTlmMWM1YTY0OTZlOTA4ZjhhYzI3NmMxM2U1NTExY2E4M2Q3OGI4MTM4MzI2MGFjOTkxZTkxMzY4NjdhZDA1Y2RjZjNlNzc5NmM4MGE5MTVlYjQ4MjA0M2I3ZDQ5NjhlMTQ5OTJlNDM5NzYwNDM2ODZlMThhMTZlNDVkMDIxM2Q3ZDk0Yzk2Yjc5NmQ2OWUzOWU2NjJkZTEwZDllMDYyNGYxMDg4M2EzM2ZlMWI3Y2NlYjM0NTUzNzE0MTM4NGZjMmJjYWYwYzc1NTUzNjc4MGQyNGFlZGY2YTAzMGMyYmI5YjYzYzQxMDdhYzlhOTcyNGIzNDAwM2Q4MzcxYzI3NjgxMTg1YTJhNmFhNjEwMTZkNTQyMDRhYjhiOWY5ZmY5ZTM4MjEzNjU1MWZkZGNhN2VmYTg4OGIzOGZhZjYwZWI3ZTBiYzdhNmM2MDk5MDRkNGU5NGY3MmMxN2UxZTI3MzA0ZTgyZmZjM2UyYjZhMGFkYTkwY2YxM2NiYzBhNGRjNTQxODk0MDdjNzdiZTU3OTc1ODM1ZGE1OGJlOTBmYjJkM2E0NjJiYjRmM2ExNGQzYTFjYzQyNzE=

My code for mbedTLS is below:

void SSL_Server(void const *argument)
{

int len;
UNUSED(argument);
int exit_code = MBEDTLS_EXIT_FAILURE;
mbedtls_rsa_context rsa;
mbedtls_entropy_context entropy;
mbedtls_ctr_drbg_context ctr_drbg;
mbedtls_mpi N, P, Q, D, E, DP, DQ, QP;
mbedtls_pk_context key;

const char *pers = "rsa_genkey";

mbedtls_pk_init( &key );  

mbedtls_ctr_drbg_init( &ctr_drbg );
mbedtls_rsa_init( &rsa, MBEDTLS_RSA_PKCS_V15, 0 );
mbedtls_mpi_init( &N ); mbedtls_mpi_init( &P ); mbedtls_mpi_init( &Q );
mbedtls_mpi_init( &D ); mbedtls_mpi_init( &E ); mbedtls_mpi_init( &DP );
mbedtls_mpi_init( &DQ ); mbedtls_mpi_init( &QP );

mbedtls_printf( "\n  . Seeding the random number generator..." );

mbedtls_entropy_init( &entropy );
if( ( ret = mbedtls_ctr_drbg_seed( &ctr_drbg, mbedtls_entropy_func, &entropy,
                           (const unsigned char *) pers,
                           strlen( pers ) ) ) != 0 )
{
    mbedtls_printf( " failed\n  ! mbedtls_ctr_drbg_seed returned %d\n", ret );
    goto exit;
}

mbedtls_printf( " ok\n  . Generating the RSA key [ %d-bit ]...", KEY_SIZE );

if( ( ret = mbedtls_pk_setup( &key,
                             mbedtls_pk_info_from_type( (mbedtls_pk_type_t) MBEDTLS_PK_RSA ) ) ) != 0 )
{
  mbedtls_printf( " failed\n  !  mbedtls_pk_setup returned -0x%04x", -ret );
  goto exit;
}


if( ( ret = mbedtls_rsa_gen_key( mbedtls_pk_rsa( key ), mbedtls_ctr_drbg_random, &ctr_drbg,
                                KEY_SIZE, 65537 )) != 0 )
{
  if( ret != 0 )
  {
    mbedtls_printf( " failed\n  !  mbedtls_rsa_gen_key returned -0x%04x", -ret );
    goto exit;
  }
}

memset(private_key, 0, 16000);
memset(public_key, 0, 16000);
memset(sha256_buf, 0, 32);
memset(pkcs15_sign, 0, KEY_SIZE/2);

if( ( ret = mbedtls_pk_write_key_pem( &key, private_key, 16000 ) ) != 0 )
{
  len = strlen( (char *) private_key );
  mbedtls_printf( " failed\n  !  mbedtls_pk_write_key_pem returned -0x%04x", -ret );
}

len = strlen( (char *) private_key );

if( ( ret = mbedtls_pk_write_pubkey_pem( &key, public_key, 16000 ) ) != 0 )
{
  len = strlen( (char *) public_key );
  mbedtls_printf( " failed\n  !  mbedtls_pk_write_pubkey_pem returned -0x%04x", -ret );
}

len = strlen( (char *) public_key );

if( (ret = mbedtls_base64_encode(public_key_base64, (1024 * 4), &public_key_base64_len, public_key, strlen(public_key)) ) != 0)
{
  mbedtls_printf( " failed\n  !  base64_encode returned -0x%04x", -ret );
}

mbedtls_sha256_context ctx2;

mbedtls_sha256_init(&ctx2);
mbedtls_sha256_starts(&ctx2, 0); /* SHA-256, not 224 */

/* Simulating multiple fragments */
mbedtls_sha256_update(&ctx2, public_key_base64, (public_key_base64_len-4));

mbedtls_sha256_finish(&ctx2, sha256_buf);

hex_to_char( sha256_buf, 32, sha256_buf_str);


if( ( ret = mbedtls_rsa_rsassa_pkcs1_v15_sign( mbedtls_pk_rsa( key ), NULL, NULL, MBEDTLS_RSA_PRIVATE, MBEDTLS_MD_SHA256,
                                   32, sha256_buf, pkcs15_sign ) ) != 0 )
{
  mbedtls_printf( " failed\n  ! mbedtls_rsa_pkcs1_sign returned -0x%0x\n\n", -ret );
  goto exit;
}


hex_to_char( pkcs15_sign, 256, pkcs15_sign_str);

mbedtls_printf( " ok\n\n" );

exit_code = MBEDTLS_EXIT_SUCCESS;

}

Could you explain to me why results are different?

Thanks in advance.

Hi @ArtGDen
Thank you for your question!

I have been looking at your code, and I have a few questions:

  1. Why are you generating a key every time? Don’t you want to use s ingle key pair (from the example) ?
  2. I believe you are trying to sign the hash of the public key in Base 64, is this correct?

I have looked at the link for the online signature generator, and it seems that the message it expects is the clear message, before hashing, as the tool itself will hash as well.
However, the Mbed TLS API expects the message to be hashed as input.

I took the private key from your example, and called mbedtls_pk_parse_key() to parse it into the mbedtls_pk_context . Then I took the hashed message (c491f829462acf230dded26e241dde45867c92bc3bb3192bad4577f377715c18) and sent it as the message to sign in mbedtls_rsa_rsassa_pkcs1_v15_sign().

The output signature, pkcs15_sign was converted to base 64, using mbedtls_base64_encode, and I got the following signature in base 64:

Wlvfv4Es18rbMJ6aVuKFDRHK1o9Vxb6sGp0e/zDoV62j1cdXh1rd4XzOQVaYX831Qs2B10zqbiIFvXsu4ROB4LA5rIf0aeqiKS0Le7EJ9SVj7jEHg0cfJ4ebMtFE/g7HYrlE0WRDIh8Qumi4cY2QSeJ3j3AMc/Kw1xNny6GQ9Funcb3NYp0NkYobcjx8TF3y4exU1idRdaKlFsrMVyx/cc8OhtB+Fb6rijM35uiG4XUpe/xnfPbAduS5V5dyCnzET8VyryIs1SBZyKpxzvqnXF9HJxRCQql2BgVClT5/5dM3EQ3I40nHaKpxPRiAJNpakkwZMElp0jll52YbjfgwCQ==

In the online tool you referenced, I used the private key from your example, selected “SHA256withRSA”(2048 bit key size) and as the ClearText message I inserted the public key Base 64, beofre hashing (LS0tLS1CRUdJTiBQVUJMSUMgS0VZLS0tLS0KTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFnZW4yNUFPTnluRlpudUdVanZ6QQpTd2Y4bDVOcXYvOHhlSzZpNTl1ZVN4QWs3QzNBTEpYUDcrdktFMkFJVUJwdlIyeXVncDFSa3krd2duNFVYZktTClQ5VWZ0eHhqeldDSWU4djRKSHI4bnA1QktVcHAxSFM4UkNFbG5YeHZMWXA4ZjZDMXRzOER2WEZES1FaN05GSzAKN0VuU04rb21mZVY1WG1FdTF3cXltYktiWnEyejgxT0ZRdmRyak9uOWY1Q0hCTXJVUzJXSW5rNTBvRGJyT3N6SQpKNEtSUmsrRGltUm1MR1dUTzBkRkt0emVoeVVNUWg0a2dvZ0ZoNWl1MHpkLzNFd2xYcVl4MkFNYU1UVzFUdkRjCkpvYTJLU2VsUzU1Qy9LdzlxbXhWNE9kSmFyaE0rZ3BTY3MyNXRiMjgyNFNXV1hXckV1QkhpYWlSckFvNmFjUFoKdndJREFRQUIKLS0tLS1FTkQgUFVCTElDIEtFWS0tLS0t) and I got the same result.
Regards,
Mbed TLS Support
Ron

Hi @roneld01.
Thanks for your reply!

I added the load of existing key.
I doing project using mbed tls and I have a backend that is waiting from me to sign the same as the generated script in Python.

import ssl
from Crypto.Signature import pkcs1_15
from Crypto.Hash import SHA256
from Crypto.PublicKey import RSA
import base64
import binascii

RSA_GENERATE_NEW_KEYPAIR = 0
RSA_KEY_SIZE = 2048

RSA_PRIVATE_KEY_PREGENERATED = “-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAgen25AONynFZnuGUjvzASwf8l5Nqv/8xeK6i59ueSxAk7C3A\nLJXP7+vKE2AIUBpvR2yugp1Rky+wgn4UXfKST9UftxxjzWCIe8v4JHr8np5BKUpp\n1HS8RCElnXxvLYp8f6C1ts8DvXFDKQZ7NFK07EnSN+omfeV5XmEu1wqymbKbZq2z\n81OFQvdrjOn9f5CHBMrUS2WInk50oDbrOszIJ4KRRk+DimRmLGWTO0dFKtzehyUM\nQh4kgogFh5iu0zd/3EwlXqYx2AMaMTW1TvDcJoa2KSelS55C/Kw9qmxV4OdJarhM\n+gpScs25tb2824SWWXWrEuBHiaiRrAo6acPZvwIDAQABAoIBAEJ04dQwMTdPFq5c\n7PbcOq3nLwKG6cO/kpoOk80Rnn79ijW7DaSBGna74opYxMfdTfF2miq8uT8W1S9buaV5cfkep/OutSsZZ5gUdiKLO3EUuXaa11pUQP6FCk3umpzsS9Wp62rRqTMenmF9\nLEdOy7hX5w6tW/VpDtYF1sUwdr6CTvr45fSY5vxurL5iQjAyHb82w3ZJIdBm2Cm4\n3KIQ55NQ3JE21Jbj66KuGyP5r28DkjiRoT7uE2MJhvA4BnlL9mutzyCa25AVg3b0\nqTckzJYj0fiXyRiCESs0ddrl+oK6+pkjPxyEoaCwyakT7Lkw+DPDDRQ2f3C/IzCl\ndM3Z0CkCgYEA2KncAO/KbxQ98QSpWjV1WHhD4mw+gcGZFkJ3HtJ8JG/4TP4aOM4I\nrRUyzXuZhgETCjlodhKrPB3r8zzN2YmbEO46MVRB9dQRKSiiP9Xx3zluA8VfdYS5\n1tkSuYZrEVHTgz0vG1iZ+xuUizW3mKR6R0lB9lODm+qNLE/DRdFFdCUCgYEAmYAi\n018tZUhBK7BrFxRoJ3HhgudTf6dGEXlccz+/eupmmXRXfORKiaxswTJvavZb+YVZ\n+b+CSNIar4lY82jS9v4aquQsSog1kfnQghTRavho+Wb7vYIY9Bzl5FRrRsxqC1Bt\nKO1huX4aacPMJ40UFnGXPHBY0Rrv5revE+iw3xMCgYAxtI43XMupPhCTyYj8nAUG\nvdh9Cm4woHR5adggJxO53EIvj5/+Zi4RXyqff3qSBo8Sqmbvp4rHKOonjEyBWpNL\niAuro3PabMNfGOZYFMH/fxJhJReoQ0HLK1OjYlYPzCDlG9VBxcrVk9c5NKKhDyLK\nVeEfHLu1ulKW1tmqm77+TQKBgEKcsIA5lWGWcXGcJVzmpiw35zz/VeTXmjiLCeuZ\nhma4wb1mF3FDQHVuNePBF0i7kD4/+EPBL7CaPKpgWBGJM8OrkbcHPZE6esTWO/23\nOwnIswVIA4bBpkKJJ9pmKAeZPYubY0OXgAkXCC9NoJKpTkZPFOpNdr2HiwP8QiXJ\nnLexAoGBAIZPDgI73XIAawGx1Zwz/+AFhM7D6tHvXdokTjSwoRH/w/dyJtBQHP3H\nlr8ChE8F3n50ntrAaHoGPYhMCBNfgPDbqUNMCGsDaMBOFtMMy1c3ex/zLC7hVnZb\nzaPk8Do05waaYCr+9aa1Xy2uSwIEQChsEA0AGOb3k8FR3uUJ74Xw\n-----END RSA PRIVATE KEY-----”
RSA_PUBLIC_KEY_PREGENERATED = “-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgen25AONynFZnuGUjvzA\nSwf8l5Nqv/8xeK6i59ueSxAk7C3ALJXP7+vKE2AIUBpvR2yugp1Rky+wgn4UXfKS\nT9UftxxjzWCIe8v4JHr8np5BKUpp1HS8RCElnXxvLYp8f6C1ts8DvXFDKQZ7NFK0\n7EnSN+omfeV5XmEu1wqymbKbZq2z81OFQvdrjOn9f5CHBMrUS2WInk50oDbrOszI\nJ4KRRk+DimRmLGWTO0dFKtzehyUMQh4kgogFh5iu0zd/3EwlXqYx2AMaMTW1TvDc\nJoa2KSelS55C/Kw9qmxV4OdJarhM+gpScs25tb2824SWWXWrEuBHiaiRrAo6acPZ\nvwIDAQAB\n-----END PUBLIC KEY-----”

#“-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6UTzL3bzW85zqixWhuL\ncsSxkwpqwlYuG9hUQ/WuskWhcNOxqOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqX\nJd3f/7zlNodw12RS+Cd9HyRbIQ/6G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N\n7KxI8nNf1zc+T8sYt8jX1CrPuuPe5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4Qg\nDdDLft6eKltm8wrwXv20r5d6W6dkcRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+\nikyPJIAJk8A5hvLEo6uhCU2sz7UI1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm\n1wIDAQAB\n-----END PUBLIC KEY-----”

def generate_rsa_keypair(bits=2048):
‘’’
Generate an RSA keypair with an exponent of 65537 in PEM format
param: bits The key length in bits
Return private key and public key
‘’’
new_key = RSA.generate(bits, e=65537)
public_key = new_key.publickey().exportKey(“PEM”)
private_key = new_key.exportKey(“PEM”)

return private_key, public_key

def sign_sha256withrsa(private_key, message):
h = SHA256.new(str. encode(message))
signature = pkcs1_15.new(RSA.import_key(private_key)).sign(h)
return signature

if name == ‘main’:
#CID generation is done on the device side. Our approach is to generate the RSA public/private key pair,
#take the SHA256 hash of the public key (in PEM format) and that becomes device’s CID
if RSA_GENERATE_NEW_KEYPAIR:
print(“Generating new RSA keypair… \nPlease, wait. It may take some time\n”)
private_key, public_key = generate_rsa_keypair(bits=RSA_KEY_SIZE)
else:
private_key = RSA_PRIVATE_KEY_PREGENERATED
public_key = RSA_PUBLIC_KEY_PREGENERATED

print(private_key, end='\n');
print(public_key, end='\n');

# Standard Base64 Encoding
if RSA_GENERATE_NEW_KEYPAIR:
    public_key_encoded_bytes = base64.b64encode(str(public_key, "utf-8").encode("utf-8"))
else:
    public_key_encoded_bytes = base64.b64encode(public_key.encode("utf-8"))
public_key_encoded_str = str(public_key_encoded_bytes, "utf-8")
print("Public key (BASE64):\n"+public_key_encoded_str, end='\n')

hasher = SHA256.new()
hasher.update(public_key_encoded_bytes)
device_cid = hasher.hexdigest()
print("Device's CID:"+device_cid, end='\n')

print("Sign CID with a private key (SHA256withRSA)")
signature = sign_sha256withrsa(private_key, device_cid)
print("Signature:", end='\n')
print(binascii.hexlify(bytearray(signature)), end='\n')
signature_encoded_bytes = base64.b64encode(signature)
signature_encoded_str = str(signature_encoded_bytes, "utf-8")
print("Signed CID:"+signature_encoded_str, end='\n')

This python script do similar things as mbedtls code but signature results is different. Python do correct signature.

Could you help me understand why?

As described in first my post backend wait from me pkcs1_15 rsa-sha256 sign from hash taked from public key in base64 format.

Reference hash sha256 taked from public key in base64:

CID:c491f829462acf230dded26e241dde45867c92bc3bb3192bad4577f377715c18

Reference and correct for backend sign value PKCS1_15 RSA-SHA256. Result below in base16 format.
3eb7e755e62d3bf1b9174234982aca52330b5212080955ca057f4e54936146767144cd8c1e85b8
8599fda1e9e17433d29ac51d6c6deadbf45ef85c9693f36f1ab43a6e440a67549d82984d5b7ec09f
e7c138561b0f8e0ab053ee2ad638ec049182002a52d9987eb0da6f6750acfee3094e5d9785a3213b
d223ee019a73729f642798c83fc85e72cb34c3e1ed3c4aa61766578881c2ae56721306398caca259
33f47c787d97f39b275d72560d9b221aca11f21324c5ce4c0d42f01c01aedbb3844b672a440ca178
a74d3e1fc333efc8ae7e520eea1d7d5e9107c65a35fa433d388808f79d45ddbc51edb9311cf94dd6
07e9fd633901467090699bacc85d4baac5

Reference and correct for sign value PKCS1_15 RSA-SHA256. Result below in base64 format.
PrfnVeYtO/G5F0I0mCrKUjMLUhIICVXKBX9OVJNhRnZxRM2MHoW4hZn9oenhdDPSmsUdb
G3q2/Re+FyWk/NvGrQ6bkQKZ1SdgphNW37An+fBOFYbD44KsFPuKtY47ASRggAqUtmYfrDab2dQrP7jC
U5dl4WjITvSI+4BmnNyn2QnmMg/yF5yyzTD4e08SqYXZleIgcKuVnITBjmMrKJZM/R8eH2X85snXXJWD
ZsiGsoR8hMkxc5MDULwHAGu27OES2cqRAyheKdNPh/DM+/Irn5SDuodfV6RB8ZaNfpDPTiICPedRd28U
e25MRz5TdYH6f1jOQFGcJBpm6zIXUuqxQ==

Also if will you want run my Python script then you will need install for python cryptolibraries using command:

pip install pycryptodome

Python script result screenshot from command line:

I attached file with this script also at this link https://pastebin.com/KDT3cC2h

Thanks in advance!

Hi @roneld01
Thanks for you first message in this topic. The answer lies in it.
I found why RSA signing on mbedTLS and Python was with different results.
Some later I will post code example. Maybe for somebody it will be helpfull.