Topic: [SOLVED] wc_RsaKeyToPublicDer error when key is 4096 bits
Hello,
I have problem with wc_RsaKeyToPublicDer function when I use private key 4096 bits length.
When I use 2048 or 3072 key length everything is ok.
I generated private key by the function:
wc_MakeRsaKey(&key_, 4096, 65537, &rng);
....
int error = wc_RsaKeyToPublicDer(&privateKey4096bits, data, data_size);
I have got error: BUFFER_E = -132, /* output buffer too small or input too large */
I have large output buffer, so I don't have to small.
I debug asn.c file, it seems that input is too large. But 4096 key length is acceptable by WolfSSl library:
RSA_MIN_SIZE = 512,
RSA_MAX_SIZE = 4096,
Please see my debug comments bellow.
Maybe is problem with variable leadingBit = 1, maybe should be leadingBit = 0
asn.c file from Wolfssl libray:
/* USER RSA ifdef portions used instead of refactor in consideration for
possible fips build */
/* Write a public RSA key to output */
static int SetRsaPublicKey(byte* output, RsaKey* key,
int outLen, int with_header)
{
#ifdef WOLFSSL_SMALL_STACK
byte* n = NULL;
byte* e = NULL;
#else
byte n[MAX_RSA_INT_SZ];
byte e[MAX_RSA_E_SZ];
#endif
byte seq[MAX_SEQ_SZ];
byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */
int nSz;
int eSz;
int seqSz;
int lenSz;
int idx;
int rawLen;
int leadingBit;
int err;
if (output == NULL || key == NULL || outLen < MAX_SEQ_SZ)
return BAD_FUNC_ARG;
/* n */
#ifdef WOLFSSL_SMALL_STACK
n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER);
if (n == NULL)
return MEMORY_E;
#endif
#ifdef HAVE_USER_RSA
leadingBit = wc_Rsa_leading_bit(key->n);
rawLen = wc_Rsa_unsigned_bin_size(key->n) + leadingBit;
#else
leadingBit = mp_leading_bit(&key->n); // I have leadingBit =1
rawLen = mp_unsigned_bin_size(&key->n) + leadingBit; // rawLen = 513
#endif
n[0] = ASN_INTEGER;
nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ //nSz = 4
if ( (nSz + rawLen) < MAX_RSA_INT_SZ) { // 4 + 513 < 517 I've got BUFFER_E error
if (leadingBit)
n[nSz] = 0;
#ifdef HAVE_USER_RSA
err = wc_Rsa_to_unsigned_bin(key->n, n + nSz, rawLen);
#else
err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit);
#endif
if (err == MP_OKAY)
nSz += rawLen;
else {
#ifdef WOLFSSL_SMALL_STACK
XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return MP_TO_E;
}
}
else {
#ifdef WOLFSSL_SMALL_STACK
XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER);
#endif
return BUFFER_E;
}