5 years, 3 months ago.

Some time mbedtls_mpi_size () is returning larger value than buffer len.

I am using MBEDTLS_RSA_PUBLIC for the signature verification with MBEDTLS_MD_SHA256 algorithm.

Some time i am getting MBEDTLS_ERR_RSA_INVALID_PADDING, so i have done some analysis and found that mbedtls_mpi_size () API is returning larger value than buffer len.

This error is continually coming if occurred once, even every time I am initializing the mpi.

mbedtls_rsa_public () API is returning 0 value but mbedtls_mpi_write_binary () API is corrupting the output buffer due to this incorrect value of mbedtls_mpi_size ().

I have verified below things, 1. Signature was OK 2. RSA context is OK, i am not sure about that, how can i verify it? 3. Calculated hash is OK

Please help on this, i am very new in this security part.

1 Answer

5 years, 3 months ago.

Hi Piyush,

Do you know what is the key size you are using?

Do you have a sufficient value of MBEDLTS_MPI_MAX_SIZE set in your configuration? Note it should be at least the size of the key length, in bytes.

Please share more information on what key size you are using and when do you get the failures?( what's the buffer len in that case and what is the returned value of mbedtls_mpi_size?())

Regards,

Mbed Support

Ron

Hi Ron,

Thanks for your reply.

I got the root cause, actually mpi 'N' of RSA context was getting corrupted by my application.

Thanks & Regards, Piyush

posted by Piyush Purohit 27 Aug 2019

Assigned to Ron Eldor 5 years, 3 months ago.

This means that the question has been accepted and is being worked on.