rsa_varification using mbedtls libs

キャンセル
次の結果を表示 
表示  限定  | 次の代わりに検索 
もしかして: 

rsa_varification using mbedtls libs

ソリューションへジャンプ
3,239件の閲覧回数
slimSHA
Contributor III

I was trying to verify a signature of a binary file using mbedtls library (v2.26.0)

I took the reference code from https://github.com/ARMmbed/mbedtls/blob/v2.26.0/programs/pkey/rsa_verify.c 

In the reference code, they are using the mbedtls_md_file() function to calculate the hash of the file.
But I'm using the FATFS library to access the files. so I had to modify the reference code as follows.

 

/**
 * Function to get hash of a file of path.
 * the hash will be stored in output buffer.
 * return 0 on success and error code on failure.
 */
int rsa_get_hash_of_file(const mbedtls_md_info_t *md_info, char *path,unsigned char *output)
{
	int ret = -1;
    FIL f;
    mbedtls_md_context_t ctx;
    FRESULT error;
    int br=0;
    unsigned char buf[1024];
    if( md_info == NULL )
    {
    	PRINTF("bad input data\r\n");
    	blogd("bad input data\r\n");
    	return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
    }
    error=f_open(&f, path, FA_READ);
    if( error != FR_OK )
    {
    	PRINTF("Unable to open update file for security check\r\n");
    	blogd("Unable to open update file for security check\r\n");
    	return( MBEDTLS_ERR_MD_FILE_IO_ERROR );
    }
    mbedtls_md_init( &ctx );

    if( ( ret = mbedtls_md_init_ctx(&ctx, md_info4) ) != 0 )
        goto cleanup;
    if( ( ret = mbedtls_md_starts( &ctx ) ) != 0 )
        goto cleanup;

    while( (f_read(&f, buf, sizeof(buf), &br) == FR_OK ) && br > 0)
        {
   	if( ( ret = mbedtls_md_update( &ctx, buf, br ) ) != 0 )
            goto cleanup;
        }
    if( f_error( &f ) != 0 )
        ret = MBEDTLS_ERR_MD_FILE_IO_ERROR;
    else
        ret = mbedtls_md_finish( &ctx, output );
cleanup:
	memset(buf, 0, sizeof(buf));
	f_close( &f );
	mbedtls_md_free( &ctx );
	return( ret );
}

 

the problem is im getting no values in the output buffer and no error code is returning from mbedtls functions.
is there any macro or to be enabled to get this work ? 
any help are appreciated .

thanks

ラベル(1)
0 件の賞賛
返信
1 解決策
3,215件の閲覧回数
slimSHA
Contributor III

Thanks for the reply,

the problem was I did not call CRYPTO_InitHardware()  initially, 

now I'm able to generate sha256 hashes of inputs properly.

BUT 

my calles to mbedtls_rsa_pkcs1_verify( &g_rsa,NULL,NULL,MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1,20, hash, buf ) is failed. the error code returned is -0x4290 but i couldn't find this error code from rsa.h file, but the closest one is 

#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */

am i missing any other initialization here ?

 

 

元の投稿で解決策を見る

0 件の賞賛
返信
3 返答(返信)
3,221件の閲覧回数
FelipeGarcia
NXP Employee
NXP Employee

Hi,

As this is a library from ARM I would recommend to open an issue in GitHub directly. If you would like to get more information on how to implement file system, I recommend you to check our FatFS examples in our MCUXpresso SDK.

Have a great day,

Felipe

-------------------------------------------------------------------------------

Note:

- If this post answers your question, please click the "Mark Correct" button. Thank you!

- We are following threads for 7 weeks after the last post, later replies are ignored. Please open a new thread and refer to the closed one, if you have a related question at a later point in time. 

------------------------------------------------------------------------------ 

0 件の賞賛
返信
3,216件の閲覧回数
slimSHA
Contributor III

Thanks for the reply,

the problem was I did not call CRYPTO_InitHardware()  initially, 

now I'm able to generate sha256 hashes of inputs properly.

BUT 

my calles to mbedtls_rsa_pkcs1_verify( &g_rsa,NULL,NULL,MBEDTLS_RSA_PUBLIC, MBEDTLS_MD_SHA1,20, hash, buf ) is failed. the error code returned is -0x4290 but i couldn't find this error code from rsa.h file, but the closest one is 

#define MBEDTLS_ERR_RSA_PUBLIC_FAILED -0x4280 /**< The public key operation failed. */

am i missing any other initialization here ?

 

 

0 件の賞賛
返信
3,200件の閲覧回数
slimSHA
Contributor III

I increased the heap to 0x8000  and the problem resolved

0 件の賞賛
返信