rsa_verification using mbedtls libs

slimSHA
Contributor III

I was trying to verify a signature of a binary file using the mbedtls library (v2.26.0).

I took the reference code from https://github.com/ARMmbed/mbedtls/blob/v2.26.0/programs/pkey/rsa_verify.c

In the reference code, they are using the mbedtls_md_file() function to calculate the hash of the file.
But I'm using the FATFS library to access the files, so I had to modify the reference code as follows.

 

#include <string.h>
#include "ff.h"            /* FatFs: FIL, FRESULT, UINT, f_open(), f_read(), f_close() */
#include "mbedtls/md.h"
/* PRINTF() and blogd() are the project's own logging helpers. */

/**
 * Function to get hash of a file of path.
 * the hash will be stored in output buffer.
 * return 0 on success and error code on failure.
 */
int rsa_get_hash_of_file(const mbedtls_md_info_t *md_info, char *path, unsigned char *output)
{
    int ret = -1;
    FIL f;
    mbedtls_md_context_t ctx;
    FRESULT error;
    UINT br = 0;                 /* f_read() reports the byte count through a UINT * */
    unsigned char buf[1024];

    if( md_info == NULL )
    {
        PRINTF("bad input data\r\n");
        blogd("bad input data\r\n");
        return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
    }
    error = f_open( &f, path, FA_READ );
    if( error != FR_OK )
    {
        PRINTF("Unable to open update file for security check\r\n");
        blogd("Unable to open update file for security check\r\n");
        return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
    }
    mbedtls_md_init( &ctx );

    /* mbedtls_md_setup() replaces the deprecated mbedtls_md_init_ctx(); 0 = no HMAC */
    if( ( ret = mbedtls_md_setup( &ctx, md_info, 0 ) ) != 0 )
        goto cleanup;
    if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
        goto cleanup;

    /* Hash the file in 1 KiB chunks until f_read() fails or returns 0 bytes (end of file) */
    while( ( error = f_read( &f, buf, sizeof(buf), &br ) ) == FR_OK && br > 0 )
    {
        if( ( ret = mbedtls_md_update( &ctx, buf, br ) ) != 0 )
            goto cleanup;
    }
    /* A read error must not produce a digest of a partially read file */
    if( error != FR_OK )
        ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
    else
        ret = mbedtls_md_finish( &ctx, output );
cleanup:
    memset( buf, 0, sizeof(buf) );
    f_close( &f );
    mbedtls_md_free( &ctx );
    return( ret );
}

 

The problem is I'm getting no values in the output buffer, and no error code is returned from the mbedtls functions.
Is there any macro to be enabled to get this to work?
Any help is appreciated.

Thanks

1 Solution

slimSHA
Contributor III

Thanks for the reply,

The problem was that I did not call CRYPTO_InitHardware() initially.

Now I'm able to generate sha256 hashes of inputs properly.

BUT

My call to mbedtls_rsa_pkcs1_verify( &g_rsa,NULL,NULL,MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1,20, hash, buf ) fails. The error code returned is -0x4290, but I couldn't find this error code in the rsa.h file; the closest one is

#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */

Am I missing any other initialization here?

 

 

3 Replies

FelipeGarcia
NXP Employee

Hi,

As this is a library from ARM, I would recommend opening an issue on GitHub directly. If you would like to get more information on how to implement a file system, I recommend checking our FatFS examples in our MCUXpresso SDK.

Have a great day,

Felipe

slimSHA
Contributor III

I increased the heap to 0x8000 and the problem was resolved.
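
Added example (not part of the thread, and not NXP or mbedtls code): mbedtls return values can be the sum of a high-level module error and a low-level error, which is why -0x4290 does not appear in rsa.h. Splitting it gives MBEDTLS_ERR_RSA_PUBLIC_FAILED plus MBEDTLS_ERR_MPI_ALLOC_FAILED, a bignum allocation failure, which fits the heap increase resolving it. The function names and the partial lookup tables are assumptions made for this sketch; the numeric values are copied from the mbedtls 2.x headers rsa.h and bignum.h.

```c
#include <stdio.h>
#include <string.h>
/* Magnitudes copied from mbedtls 2.x rsa.h and bignum.h; both tables are partial. */
struct err_name { int code; const char *name; };
static const struct err_name rsa_errors[] = {      /* high-level part */
    { 0x4100, "MBEDTLS_ERR_RSA_INVALID_PADDING" },
    { 0x4280, "MBEDTLS_ERR_RSA_PUBLIC_FAILED" },
    { 0x4300, "MBEDTLS_ERR_RSA_PRIVATE_FAILED" },
    { 0x4380, "MBEDTLS_ERR_RSA_VERIFY_FAILED" },
};
static const struct err_name mpi_errors[] = {      /* low-level part */
    { 0x0004, "MBEDTLS_ERR_MPI_BAD_INPUT_DATA" },
    { 0x0008, "MBEDTLS_ERR_MPI_BUFFER_TOO_SMALL" },
    { 0x0010, "MBEDTLS_ERR_MPI_ALLOC_FAILED" },
};
#define COUNT(t) (sizeof(t) / sizeof((t)[0]))

/* Hypothetical helper: name for a magnitude, "none" for 0, "unknown" otherwise. */
static const char *lookup(const struct err_name *t, size_t n, int code)
{
    for (size_t i = 0; i < n; i++)
        if (t[i].code == code)
            return t[i].name;
    return code == 0 ? "none" : "unknown";
}

/* Split an mbedtls return value into its high-level (bits 7..14) and
 * low-level (bits 0..6) magnitudes; the library adds the two together. */
void split_mbedtls_error(int ret, int *high, int *low)
{
    int mag = ret < 0 ? -ret : ret;
    *high = mag & 0xFF80;
    *low  = mag & 0x007F;
}

/* Write "HIGH + LOW" names into out; returns the snprintf() result. */
int describe_mbedtls_error(int ret, char *out, size_t len)
{
    int high, low;
    split_mbedtls_error(ret, &high, &low);
    return snprintf(out, len, "%s + %s",
                    lookup(rsa_errors, COUNT(rsa_errors), high),
                    lookup(mpi_errors, COUNT(mpi_errors), low));
}

int main(void)
{
    char text[96];
    describe_mbedtls_error(-0x4290, text, sizeof text);  /* code from the thread */
    printf("-0x4290 = %s\n", text);
    return 0;
}
```

On a target built with MBEDTLS_ERROR_C enabled, the library's own mbedtls_strerror() from mbedtls/error.h produces the same two-part description.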
