• State Not Answered
  • Replies 13 replies
  • Subscribers 63 subscribers
  • Views 3990 views
  • Users 0 members are here
Attachments (1) Download All
Nordic Case Info
  • Case ID: 261738
Options
This post is older than 2 years and might not be relevant anymore
More Info: Consider searching for newer posts

mbedtls RSA trouble, mbedtls_rsa_import/mbedtls_rsa_complete fails

basvkesteren

Hi,

Working on RSA encryption, I'm trying to build an RSA context from just the P, Q and E part of the key (as per https://tls.mbed.org/kb/development/how-to-fill-rsa-context-from-n-e-p-and-q)

I have this sequence working on a windows machine, using the latest mbedtls release on visual studio 2019.

mbedtls_rsa_init(&ctx, MBEDTLS_RSA_PKCS_V15, 0);
ret = mbedtls_rsa_import(&ctx, NULL, &P, &Q, NULL, &E);
if (ret != 0)
{
    mbedtls_printf(" failed\n  ! mbedtls_rsa_import returned %d\n\n", ret);
}
if ((ret = mbedtls_rsa_complete(&ctx)) != 0)
{
     mbedtls_printf(" failed\n  ! mbedtls_rsa_complete returned %d\n\n", ret);
}

When doing the same thing on a nrf52840 board, the mbedtls_rsa_complete call fails with errorcode -16512, 'RSA - Bad input parameters to function'.

When I compare the RSA context structure after the mbedtls_rsa_import call, the contents are identical (nrf vs windows), using the same P/Q/E input arrays.

So, this might be a long shot here, but I'm not sure where to look now. The mbedtls code is rather hard to follow, sofar I have not been able to tell why the function fails. Both machines are little endian, so that shouldn't be it, right? I've tried setting a larger heap (CONFIG_MBEDTLS_HEAP_SIZE=2048), but that did not make any difference either.

Any pointers?

  • 0 in reply to Didrik Rokhaug

    Hi Didrik,

    Thanks for the response. So, do I understand it right that this missing functionality will be added to a future NCS release? Looks to me the crypto-library is binary only, I can't modify it myself, right?

    Also, I did a quick test this morning. In the following code the test_RSA_N/P/Q/E contain a valid RSA key. This sequence works with CONFIG_CC3XX_BACKEND=n, but fails with CONFIG_CC3XX_BACKEND=y (I get a 'mbedtls_rsa_complete failed: -16512' printout).

    What am I missing? I'm using NCS 1.4.0

        LOG_DBG("RSA import, again:");
    mbedtls_rsa_init(&rsa, MBEDTLS_RSA_PKCS_V21, MBEDTLS_MD_SHA256);
    if((r = mbedtls_rsa_import_raw(&rsa, test_RSA_N, sizeof(test_RSA_N),
                                         test_RSA_P, sizeof(test_RSA_P), 
                                         test_RSA_Q, sizeof(test_RSA_Q),
                                         NULL, 0, /* D */
                                         test_RSA_E, sizeof(test_RSA_E)))) {
        mbedtls_strerror(r, errbuf, sizeof(errbuf));
        LOG_DBG("mbedtls_rsa_import_raw failed: %d (%s)", r, errbuf);
    }
    LOG_DBG("ok");

    LOG_DBG("mbedtls_rsa_complete");
    if((r = mbedtls_rsa_complete(&rsa))) {
        mbedtls_strerror(r, errbuf, sizeof(errbuf));
        LOG_DBG("mbedtls_rsa_complete failed: %d (%s)\n", r, errbuf);
    }
    LOG_DBG("ok");

  • 0 in reply to basvkesteren

    Hi, and sorry for the late reply.

    Since my last comment, the developers has found even more problems with the library.

    It seems like you at least also have to provide E, although that is unpractical for the application.

    However, I have been promised that a Pull Request with an updated version of the library will be available within the next few days.

    Sorry for the inconvenience, and the time this is taking.

    Best regards,

    Didrik

  • 0 in reply to Didrik Rokhaug

    The pull request which should fix your issues has now been published:https://github.com/nrfconnect/sdk-nrfxlib/pull/390

    I don't have the opportunity to test it myself today, but it should solve all the RSA problems in the cryptocell library.

Related