Topic: RSA Signing

Hi

I am trying to verify a data payload supplied with a RSA signature generated from the SHA256 hash of the data.

The WolfSSL example code seems to work if using the private key but it fails with the following error when using the public key.

MP_EXPTMOD_E -112 mp_exptmod error state

Can anyone explain what this error code means?

Code shown here...
##############################################
    // Create a hash of the payload
    InitSha256(&sha);
    Sha256Update(&sha, payload, sizeof(payload));
    Sha256Final(&sha, hash);

    //ret = CyaSSL_KeyPemToDer(privateKeyPem, sizeof(privateKeyPem), privateKeyDerFromPem,
    //        sizeof(privateKeyDerFromPem), NULL);

    InitRsaKey(&prikey, NULL); // not using heap hint. No custom memory
    ret = RsaPrivateKeyDecode(privateKeyDer, &idx, &prikey, sizeof(privateKeyDer));
    if( ret != 0 )
    {
    // error parsing private key
    }
    idx = 0 ;
    InitRsaKey(&pubkey, NULL); // not using heap hint. No custom memory
    ret = RsaPublicKeyDecode(publicKeyDer, &idx, &pubkey, sizeof(publicKeyDer));
    if( ret != 0 )
    {
    // error parsing public key
    }
    // Sign with private key
    ret = RsaSSL_Sign(hash, sizeof(hash), out, sizeof(out), &prikey, &rng);
    if (ret < 0) {
       return -1;
    }
    // Verify with private key
    memset(plain, 0, sizeof(plain));
    ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &prikey);
    if (ret < 0) {
       return -1;
    }
    memset(plain, 0, sizeof(plain));
    ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &pubkey);
    if (ret < 0) {
       return -1;
    }
##############################################

Regards

Jeff White

Share

Re: RSA Signing

Hi Jeff,

Where are you getting publicKeyDer from that is being used with RsaPublicKeyDecode?

Thanks,
Chris

Re: RSA Signing

Hi Chris

The public key was exported from the TLS certificate associated with the private key.

The extraction was done on a Windows C# program using Bouncy Castle.

Regards

Jeff White

Share

4 (edited by auroraautumn 2015-10-14 08:22:46)

Re: RSA Signing

Hi there,

Was there a resolution to this? I'm experiencing the same problem.

Edit: For anybody else that experiences this, I got past it because I made a careless mistake - the DER was that of my private key, and I was calling RsaPublicKeyDecode. The call from RsaPublicKeyDecode succeeded, but RsaSSL_Verify failed with the appropriate error listed here.

Share