I am trying to get a simple RSA encryption without padding test to work. It supplies the keys from RAM. I’ve tried a number of key sizes and am not having much luck. The code is running on x86. Any ideas why it doesn’t produce expected results?
I have tried reversing parameters - all 8 combinations.
static void dump(uint8_t const * data, size_t dataLength)
{
for (size_t i = 0; i < dataLength; i++)
{
if (i % 32 == 0)
{
printf("\n");
}
printf("%02X", data[i]);
}
printf("\n");
}
void main(int argc, char **argv)
{
const uint8_t exponent[] = { 0x01, 0x00, 0x01 };
const uint8_t modulus[] = {
0x75, 0x0F, 0x2E, 0xEE, 0x73, 0x7D, 0xCF, 0xC4, 0x5F, 0xE6, 0x86, 0xF3, 0xA0, 0x5B, 0xF4, 0xB1,
0x80, 0x42, 0x91, 0x8E, 0x18, 0x2C, 0xEA, 0xF0, 0x7B, 0xDC, 0x39, 0xF0, 0x07, 0xC2, 0xA5, 0x80,
0x98, 0xC8, 0xFD, 0x79, 0x29, 0xD1, 0x59, 0x11, 0xA1, 0x10, 0x2D, 0x29, 0xE1, 0x6D, 0x2A, 0x12,
0xA6, 0xD3, 0xED, 0xCD, 0x5E, 0x73, 0x8B, 0x54, 0xE5, 0xFB, 0x1F, 0x9F, 0x99, 0xC3, 0xD3, 0xA3
};
const uint8_t d[] = {
0x5E, 0xED, 0xC8, 0x36, 0x71, 0x8C, 0x36, 0xA0, 0x5E, 0xD1, 0x18, 0xE1, 0x9B, 0x4A, 0xD7, 0x3D,
0xD6, 0xF0, 0xA5, 0x0F, 0x61, 0x85, 0x93, 0xA5, 0x20, 0x1C, 0xF1, 0x13, 0x39, 0x87, 0xDD, 0x24,
0x34, 0x89, 0x05, 0xD2, 0x25, 0x4A, 0x95, 0xE8, 0xA0, 0x98, 0xF5, 0x2E, 0x78, 0x9C, 0x2A, 0x75,
0xC3, 0x00, 0xB5, 0x04, 0x7C, 0x52, 0xB2, 0xFE, 0xBF, 0x5F, 0x86, 0x50, 0xCC, 0x3E, 0x15, 0x51
};
const uint8_t input[] = {
0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04,
0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04,
0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04,
0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04, 0x01, 0x02, 0x03, 0x04
};
const uint8_t expected[] = {
0x21, 0x29, 0x2A, 0x54, 0x5A, 0x99, 0xAD, 0x70, 0xBF, 0x81, 0x51, 0x95, 0xE5, 0xA9, 0x2B, 0xC3,
0x43, 0x46, 0xC2, 0xA2, 0x27, 0x11, 0x37, 0x42, 0xCE, 0xFD, 0x93, 0x44, 0x30, 0x8D, 0xF4, 0x26,
0x30, 0xBB, 0x7F, 0x58, 0x23, 0x24, 0x29, 0xFC, 0xF2, 0x27, 0x19, 0x75, 0xD2, 0x96, 0x4E, 0xC7,
0x82, 0x1D, 0xD5, 0x75, 0x20, 0xF7, 0xCD, 0xE2, 0x61, 0x32, 0xD8, 0x48, 0x8C, 0x47, 0x80, 0x5E
};
uint8_t output[sizeof(input)];
mbedtls_rsa_context rsa;
printf("Expected:");
dump(expected, sizeof(expected));
memset(output, 0, sizeof(output));
mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V15, 0); // requires padding arg, but don't want padding
mbedtls_rsa_import_raw(&rsa, modulus, sizeof(modulus), NULL, 0, NULL, 0, NULL, 0, exponent, sizeof(exponent));
mbedtls_rsa_complete(&rsa);
mbedtls_rsa_public(&rsa, input, output);
mbedtls_rsa_free(&rsa);
printf("\nActual:");
dump(output, sizeof(output));
}
Results:
Expected:
21292A545A99AD70BF815195E5A92BC34346C2A227113742CEFD9344308DF426
30BB7F58232429FCF2271975D2964EC7821DD57520F7CDE26132D8488C47805E
Actual:
5516F581673F83DE5A8676F4FCD103953ECA2D38C4A02D430AF879E60FA96DDC
8FC2EE940DA2E2AAA284944A00F6ED0F3D7CB1B6F3CE35238144A7E31A960D55