1

Topic: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

Hi everyone!
We are going to use a wolfSSL library in our project, but we have faced issues with it.

First of all, we've made some experiments with PKCS#1_v1.5 (RSA with SHA256 signature) using WolfSSL, Python (pycryptodome lib) and OpenSSL (linux console-based and our custom C code), and we see that Python and OpenSSL generate the same signature, but not as the WolfSSL's one.
It is important to note that our goal is sending signed messages to the third-party server. Using some set of APIs we have an opportunity to validate signatures on the remote side, and we see, that signatures made with OpenSSL and Python were validated, while signature made with WolfSSL was refused. Thus, I believe, that signatures from Python and OpenSSL are correct.

We investigated wolfSSL manuals and examples in git repo, and made a simple test with wolfSSL signature. All details and a source code are below.

Probably, we are doing something wrong, but we don't know what exactly.
Any help is appreciated. Thanks in advance!



Here is a keypair in PEM format:
Private Key:

-----BEGIN RSA PRIVATE KEY-----\n
MIIEpAIBAAKCAQEAq6UTzL3bzW85zqixWhuLcsSxkwpqwlYuG9hUQ/WuskWhcNOx\n
qOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqXJd3f/7zlNodw12RS+Cd9HyRbIQ/6\n
G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N7KxI8nNf1zc+T8sYt8jX1CrPuuPe\n
5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4QgDdDLft6eKltm8wrwXv20r5d6W6dk\n
cRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+ikyPJIAJk8A5hvLEo6uhCU2sz7UI\n
1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm1wIDAQABAoIBADwukJ8ocIF6vp+F\n
iU2JO98dNQ/TxrPl6JvNwVnksgCCpoS7TN7lSN3+YyU13mQRrilXMXvnekbze/zj\n
VwqbMfzOayQtVIbGfVugKvEkU1wQcL1Kb0zAeBPV207L1c1d+z0T3scWElkhDZWQ\n
b2qqMlyJ2bfcmR2KGph6ouuJiZczaobyhSyesdpQ0aRtGpw0liRm4C7FV+zvjQaw\n
TRofICs5yD/36UcuJ466/ht5ZKeSrolpaBRx5AGjKKfU11uH+FQGn4whdUPHnljK\n
z+ksz7I/ztWg+RBx4ymn3/cTtf5h6Iua+GEoafgKO0IhGUPguqsa4umXq3l6r0PC\n
H0gF/N0CgYEAzh/vKF0NK94thsYrZeQPCt1sDefW9W3OMfzYzYxnpXV5Vd8NR5jq\n
wExiUJlmMJeC2OJ96LjNATceFmbO6ZvgRWf4ZGs+x1dnI7ZplViGMuo4N/YOGEW6\n
nbMtzRmHB46jjdcLeD6F57t8s++qQ4SSDPAvvbm06rIpVdH8wP+mpo0CgYEA1S1X\n
L4ZiS/rzmHT+KdEl+CDuXgfN5eJ7e06BJ8aKwNtD6FVPvrvqT911wFCLzMnZ81/L\n
gqPU1mY4bFHHXhG/7C0cY7AMLEcWLo1cKYBooin5qx4GjzMKEFfjaHEHj2PcPShF\n
yZw01turPiM0/qMybJvgLKp3ib2odC/+MNBNS/MCgYEAwPi+orAyw432W0WtnW9b\n
8dUH8yDIau8I6l2H7y9yXUHUfWMcAJqVs8APDtv+AqHluvyX2cchDfE29sv7DFOF\n
LBVBQ2nv1RnrklCVGl9NC9+hECsIWQr2werchzZN5vJQBlt7/m+yVxd8kMxgP2Oe\n
hARc/acdS9fNwO2dTmZI84UCgYAhvN9Dgj0kUT8kLb/b1mHv9yZCc3G+pC1uwmnm\n
ZaGoDAufRYEtaogWw7HTEexOKNP5lHuc3Vjd5aegXQD0flKlii4oCMCkcUutamnf\n
l5b3szT0Q/g9yZIaLA6thNXxd5hvhWQmGDa0mmdrmh7U/fcJAVJlP0VT41Q5ry7H\n
gu/4yQKBgQDKc65UNsvaPxSI5y7JnoQ9l+P8DknPY1RXXzwfQVdq20EhxXeirzuh\n
6qrB0uW3Fa8Du2t1pRdnVqmFe9BW7Sem5PTH1iwxBGYHYciErzFvHKVTRCpEY8/a\n
KfGSVxMUK8EefX0JSj4Tm8zrZTGxlSDK1PsHU8UsKZR7anh+TkTM3g==\n
-----END RSA PRIVATE KEY-----

Public Key:

-----BEGIN PUBLIC KEY-----\n
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6UTzL3bzW85zqixWhuL\n
csSxkwpqwlYuG9hUQ/WuskWhcNOxqOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqX\n
Jd3f/7zlNodw12RS+Cd9HyRbIQ/6G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N\n
7KxI8nNf1zc+T8sYt8jX1CrPuuPe5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4Qg\n
DdDLft6eKltm8wrwXv20r5d6W6dkcRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+\n
ikyPJIAJk8A5hvLEo6uhCU2sz7UI1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm\n
1wIDAQAB\n
-----END PUBLIC KEY-----

Here is the plain-text message we are trying to sign:

ed6235936c5c81ce8ea007480f955441204605a0a6777f17ee75af7a369442ec

We see the following signature results (All in Base64):
WolfSSL:

NzJlMzBmNjRkMGY0ZTM1ZjU2MGQyODlkZjdkNWJmNTRhNzVlMGE4NTc0ODMxMGJkOGNmNTE0NGVlMjFkOGNmZjQ4MzU3YTA0YWFlOTBjODgwZmY5M2FlMjUyZjA4YWRhOTQxNjkwMTRmNWU4Njc5ODczYTJkYzAwNmYxYjc3MDIwYTM3ZDJkZjJhZTMxY2Y1ZWNlZjkwOTkyNWQxYjE1MDk1NzYyMGMwNzI1NDkzNDFiYTRmMjMzMzg5NzVkNjcxZmM2NjA0MThmZWFkOTNmYmRiM2Y0ZmM0ZDk0NzMzZWMzMmE4ZmYzMjM2MGRlYjFjMmJlZTNkNGE3ZGEyN2ZjMDY1ODkzZGZkNWFjMjc3MjE3N2FlZTNmNDllODI4NDAzZWNmYjM0NTMxYzhlOTg1NWI5N2FkNzg0ZDFjOTI0NGVlODU1NDhjYzBjZmY1ODgzYTE3Y2E0Njc4NDgyYWU2ODk4OTk2YTQyMTQzZTc2Yzg5MTYyMWY1N2VjYzU2NTM0N2RhZmExMGExZTJkZjA0MjQ5ZmYzZjI2ZGU0OGI4OGEwM2Q3OWVkOGU4MjYyMGM1ZDVjNzM5NjYwZmNjMjY3NjBjODBhNDYxZmU1OTZkZDUyNWJmNThjZjIyYzg3Y2E5NTkwMGI3NTFkZGFmODJhNjBiODZjNmY0OWNjN2U4YzU=

OpenSSL:

fjC40FP6WHZ/wgHrJ/46ivXD0PTGattWnhQ1w1SmQMfZza3kNhvln/kh5bfyIzi+35lFDndlvl+Srhd8+n3lfW91UnVxOmi90rM0x8SsIeh9LU+vd293rfK2rgLS47p+iK8ZL4BIvJQ0Z9aK4/QCSvyft2Oeto5vG4FbByrsbR7H4gsZpiHwujOUI6S/GlOPzCSe++MIPkPFWDV07YVKPv7E+Fos/XfLmOR7MY5lERRIj+NqAWLeOKRht+XNpuflxDpQ9vXJnPn/h5feYsT6AFHCrn3fCqr74kAYdHqbEiWrdleIaQrSI05FtBpHlD5ncP4hImojA6BTpPnRznVbrQ==

Python:

fjC40FP6WHZ/wgHrJ/46ivXD0PTGattWnhQ1w1SmQMfZza3kNhvln/kh5bfyIzi+35lFDndlvl+Srhd8+n3lfW91UnVxOmi90rM0x8SsIeh9LU+vd293rfK2rgLS47p+iK8ZL4BIvJQ0Z9aK4/QCSvyft2Oeto5vG4FbByrsbR7H4gsZpiHwujOUI6S/GlOPzCSe++MIPkPFWDV07YVKPv7E+Fos/XfLmOR7MY5lERRIj+NqAWLeOKRht+XNpuflxDpQ9vXJnPn/h5feYsT6AFHCrn3fCqr74kAYdHqbEiWrdleIaQrSI05FtBpHlD5ncP4hImojA6BTpPnRznVbrQ==

Source code with our experiments (OpenSSL and Python) are in the attachment.
WolfSSL-based source code (signature part only) is below:

//...

    static const byte private_key_pem[] =
"-----BEGIN RSA PRIVATE KEY-----\n\
MIIEpAIBAAKCAQEAq6UTzL3bzW85zqixWhuLcsSxkwpqwlYuG9hUQ/WuskWhcNOx\n\
qOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqXJd3f/7zlNodw12RS+Cd9HyRbIQ/6\n\
G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N7KxI8nNf1zc+T8sYt8jX1CrPuuPe\n\
5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4QgDdDLft6eKltm8wrwXv20r5d6W6dk\n\
cRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+ikyPJIAJk8A5hvLEo6uhCU2sz7UI\n\
1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm1wIDAQABAoIBADwukJ8ocIF6vp+F\n\
iU2JO98dNQ/TxrPl6JvNwVnksgCCpoS7TN7lSN3+YyU13mQRrilXMXvnekbze/zj\n\
VwqbMfzOayQtVIbGfVugKvEkU1wQcL1Kb0zAeBPV207L1c1d+z0T3scWElkhDZWQ\n\
b2qqMlyJ2bfcmR2KGph6ouuJiZczaobyhSyesdpQ0aRtGpw0liRm4C7FV+zvjQaw\n\
TRofICs5yD/36UcuJ466/ht5ZKeSrolpaBRx5AGjKKfU11uH+FQGn4whdUPHnljK\n\
z+ksz7I/ztWg+RBx4ymn3/cTtf5h6Iua+GEoafgKO0IhGUPguqsa4umXq3l6r0PC\n\
H0gF/N0CgYEAzh/vKF0NK94thsYrZeQPCt1sDefW9W3OMfzYzYxnpXV5Vd8NR5jq\n\
wExiUJlmMJeC2OJ96LjNATceFmbO6ZvgRWf4ZGs+x1dnI7ZplViGMuo4N/YOGEW6\n\
nbMtzRmHB46jjdcLeD6F57t8s++qQ4SSDPAvvbm06rIpVdH8wP+mpo0CgYEA1S1X\n\
L4ZiS/rzmHT+KdEl+CDuXgfN5eJ7e06BJ8aKwNtD6FVPvrvqT911wFCLzMnZ81/L\n\
gqPU1mY4bFHHXhG/7C0cY7AMLEcWLo1cKYBooin5qx4GjzMKEFfjaHEHj2PcPShF\n\
yZw01turPiM0/qMybJvgLKp3ib2odC/+MNBNS/MCgYEAwPi+orAyw432W0WtnW9b\n\
8dUH8yDIau8I6l2H7y9yXUHUfWMcAJqVs8APDtv+AqHluvyX2cchDfE29sv7DFOF\n\
LBVBQ2nv1RnrklCVGl9NC9+hECsIWQr2werchzZN5vJQBlt7/m+yVxd8kMxgP2Oe\n\
hARc/acdS9fNwO2dTmZI84UCgYAhvN9Dgj0kUT8kLb/b1mHv9yZCc3G+pC1uwmnm\n\
ZaGoDAufRYEtaogWw7HTEexOKNP5lHuc3Vjd5aegXQD0flKlii4oCMCkcUutamnf\n\
l5b3szT0Q/g9yZIaLA6thNXxd5hvhWQmGDa0mmdrmh7U/fcJAVJlP0VT41Q5ry7H\n\
gu/4yQKBgQDKc65UNsvaPxSI5y7JnoQ9l+P8DknPY1RXXzwfQVdq20EhxXeirzuh\n\
6qrB0uW3Fa8Du2t1pRdnVqmFe9BW7Sem5PTH1iwxBGYHYciErzFvHKVTRCpEY8/a\n\
KfGSVxMUK8EefX0JSj4Tm8zrZTGxlSDK1PsHU8UsKZR7anh+TkTM3g==\n\
-----END RSA PRIVATE KEY-----";
        
    static const byte public_key_pem[] =
"-----BEGIN PUBLIC KEY-----\n\
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6UTzL3bzW85zqixWhuL\n\
csSxkwpqwlYuG9hUQ/WuskWhcNOxqOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqX\n\
Jd3f/7zlNodw12RS+Cd9HyRbIQ/6G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N\n\
7KxI8nNf1zc+T8sYt8jX1CrPuuPe5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4Qg\n\
DdDLft6eKltm8wrwXv20r5d6W6dkcRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+\n\
ikyPJIAJk8A5hvLEo6uhCU2sz7UI1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm\n\
1wIDAQAB\n\
-----END PUBLIC KEY-----";
    
    printf("private_key_pem:\n%s\n", private_key_pem);
    printf("public_key_pem:\n%s\n", public_key_pem);
    
    static byte private_key_der[4096] = {0};
    
    RsaKey key;
    WC_RNG rng;
    wc_InitRng(&rng);
    wc_InitRsaKey(&key, NULL);
    
    int32_t private_key_der_size = wc_KeyPemToDer(private_key_pem, strlen((const char*)private_key_pem), private_key_der, sizeof(private_key_der), NULL);
    
    word32 idx = 0;
    return_value = wc_RsaPrivateKeyDecode(private_key_der, &idx, &key, private_key_der_size);
    
    static byte message[] = "ed6235936c5c81ce8ea007480f955441204605a0a6777f17ee75af7a369442ec";
    
    // Get signature length
    int message_signed_size = wc_SignatureGetSize(WC_SIGNATURE_TYPE_RSA, &key, sizeof(key));
    static byte message_signed[4096] = {0};
    // Perform signature generation using private key
    return_value = wc_SignatureGenerate(
                        WC_HASH_TYPE_SHA256, WC_SIGNATURE_TYPE_RSA,
                        message, (strlen(message) + 1),
                        message_signed, &message_signed_size,
                        &key, sizeof(key),
                        &rng);
    printf("Signature Generation: %s (%d)\n", (return_value == 0) ? "Pass" : "Fail", return_value);
    
    static byte message_signed_base16[4096] = {0};
    word32 message_signed_base16_size = sizeof(message_signed_base16);
    Base16_Encode(message_signed, message_signed_size, message_signed_base16, &message_signed_base16_size);
    //Convert all chars to lowercase
    for(int cnt = 0; message_signed_base16[cnt]; cnt++)
    {
        message_signed_base16[cnt] = tolower(message_signed_base16[cnt]);
    }
    printf("message_signed_base16:\n%s\n", message_signed_base16);

    static byte message_signed_base16_base64[4096] = {0};
    word32 message_signed_base16_base64_size = sizeof(message_signed_base16_base64);
    return_value = Base64_Encode_NoNl(message_signed_base16, strlen((const char*)message_signed_base16), message_signed_base16_base64, &message_signed_base16_base64_size);
    printf("message_signed_base16_base64:\n%s\n", message_signed_base16_base64);
Post's attachments

python_and_openssl_src.zip 5.82 kb, 4 downloads since 2019-10-10 

You don't have the permssions to download the attachments of this post.

Share

Re: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

Hi @DS,

Thank you for reaching out to wolfSSL. Please checkout our example here that does signature generation using the same method as OpenSSL

https://github.com/wolfSSL/wolfssl-exam … re/sigtest

It looks like you may have missed the step to encode the hash before calling wc_SignatureGenerate. Encoding the hash is an extra step OpenSSL does but that is opaque to the end user. I do wish the OpenSSL project would make more clear the steps being taken in their logs. This question does come up about 2 - 3 times a year, thus why we finally put up an example for it :-)

https://github.com/wolfSSL/wolfssl-exam … est.c#L165

Warm Regards,

KH

3

Re: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

Hi Kaleb,

First of all, thank you very much for your response!

I've checked demo you provided, and changed given digest, expected result and PEM keys to mine, replaced SHA1 to SHA256 and increased buffer sizes where it was necessary.
"wc_EncodeSignature" function was also called exactly as in the original demo, so the hash should be encoded at this stage as well.
Unfortunately, after all these steps, it didn't show me an expected result.

I would be grateful if you could take a look at it. I feel that I am close to solution, but missing some small step and can't figure out which one exactly.
The source code below is almost the original demo, except of the changes I mentioned above.

Thank you for your help!


wolfssl-examples/signature/sigtest/wolfsigtest.c with changes:

#include <stdio.h>
#include <stdlib.h>

#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/signature.h>
#include <wolfssl/wolfcrypt/hash.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/ssl.h>

#include "wolfssl/wolfcrypt/rsa.h"      // For RSA functions

/* wolfSSL must be build with WOLFSSL_CERT_EXT defined */
#ifdef WOLFSSL_CERT_EXT

/* this is from ./certs/ca-key.pem */
const char* pubPemKey  = 
"-----BEGIN PUBLIC KEY-----\n\
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6UTzL3bzW85zqixWhuL\n\
csSxkwpqwlYuG9hUQ/WuskWhcNOxqOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqX\n\
Jd3f/7zlNodw12RS+Cd9HyRbIQ/6G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N\n\
7KxI8nNf1zc+T8sYt8jX1CrPuuPe5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4Qg\n\
DdDLft6eKltm8wrwXv20r5d6W6dkcRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+\n\
ikyPJIAJk8A5hvLEo6uhCU2sz7UI1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm\n\
1wIDAQAB\n\
-----END PUBLIC KEY-----";
const char* privPemKey = 
"-----BEGIN RSA PRIVATE KEY-----\n\
MIIEpAIBAAKCAQEAq6UTzL3bzW85zqixWhuLcsSxkwpqwlYuG9hUQ/WuskWhcNOx\n\
qOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqXJd3f/7zlNodw12RS+Cd9HyRbIQ/6\n\
G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N7KxI8nNf1zc+T8sYt8jX1CrPuuPe\n\
5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4QgDdDLft6eKltm8wrwXv20r5d6W6dk\n\
cRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+ikyPJIAJk8A5hvLEo6uhCU2sz7UI\n\
1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm1wIDAQABAoIBADwukJ8ocIF6vp+F\n\
iU2JO98dNQ/TxrPl6JvNwVnksgCCpoS7TN7lSN3+YyU13mQRrilXMXvnekbze/zj\n\
VwqbMfzOayQtVIbGfVugKvEkU1wQcL1Kb0zAeBPV207L1c1d+z0T3scWElkhDZWQ\n\
b2qqMlyJ2bfcmR2KGph6ouuJiZczaobyhSyesdpQ0aRtGpw0liRm4C7FV+zvjQaw\n\
TRofICs5yD/36UcuJ466/ht5ZKeSrolpaBRx5AGjKKfU11uH+FQGn4whdUPHnljK\n\
z+ksz7I/ztWg+RBx4ymn3/cTtf5h6Iua+GEoafgKO0IhGUPguqsa4umXq3l6r0PC\n\
H0gF/N0CgYEAzh/vKF0NK94thsYrZeQPCt1sDefW9W3OMfzYzYxnpXV5Vd8NR5jq\n\
wExiUJlmMJeC2OJ96LjNATceFmbO6ZvgRWf4ZGs+x1dnI7ZplViGMuo4N/YOGEW6\n\
nbMtzRmHB46jjdcLeD6F57t8s++qQ4SSDPAvvbm06rIpVdH8wP+mpo0CgYEA1S1X\n\
L4ZiS/rzmHT+KdEl+CDuXgfN5eJ7e06BJ8aKwNtD6FVPvrvqT911wFCLzMnZ81/L\n\
gqPU1mY4bFHHXhG/7C0cY7AMLEcWLo1cKYBooin5qx4GjzMKEFfjaHEHj2PcPShF\n\
yZw01turPiM0/qMybJvgLKp3ib2odC/+MNBNS/MCgYEAwPi+orAyw432W0WtnW9b\n\
8dUH8yDIau8I6l2H7y9yXUHUfWMcAJqVs8APDtv+AqHluvyX2cchDfE29sv7DFOF\n\
LBVBQ2nv1RnrklCVGl9NC9+hECsIWQr2werchzZN5vJQBlt7/m+yVxd8kMxgP2Oe\n\
hARc/acdS9fNwO2dTmZI84UCgYAhvN9Dgj0kUT8kLb/b1mHv9yZCc3G+pC1uwmnm\n\
ZaGoDAufRYEtaogWw7HTEexOKNP5lHuc3Vjd5aegXQD0flKlii4oCMCkcUutamnf\n\
l5b3szT0Q/g9yZIaLA6thNXxd5hvhWQmGDa0mmdrmh7U/fcJAVJlP0VT41Q5ry7H\n\
gu/4yQKBgQDKc65UNsvaPxSI5y7JnoQ9l+P8DknPY1RXXzwfQVdq20EhxXeirzuh\n\
6qrB0uW3Fa8Du2t1pRdnVqmFe9BW7Sem5PTH1iwxBGYHYciErzFvHKVTRCpEY8/a\n\
KfGSVxMUK8EefX0JSj4Tm8zrZTGxlSDK1PsHU8UsKZR7anh+TkTM3g==\n\
-----END RSA PRIVATE KEY-----";

uint8_t Digest_given[] = 
"ed6235936c5c81ce8ea007480f955441204605a0a6777f17ee75af7a369442ec";

uint8_t expected_signed_results[] =
{
    0x7E,0x30,0xB8,0xD0,0x53,0xFA,0x58,0x76,0x7F,0xC2,0x01,0xEB,0x27,0xFE,0x3A,0x8A,
    0xF5,0xC3,0xD0,0xF4,0xC6,0x6A,0xDB,0x56,0x9E,0x14,0x35,0xC3,0x54,0xA6,0x40,0xC7,
    0xD9,0xCD,0xAD,0xE4,0x36,0x1B,0xE5,0x9F,0xF9,0x21,0xE5,0xB7,0xF2,0x23,0x38,0xBE,
    0xDF,0x99,0x45,0x0E,0x77,0x65,0xBE,0x5F,0x92,0xAE,0x17,0x7C,0xFA,0x7D,0xE5,0x7D,
    0x6F,0x75,0x52,0x75,0x71,0x3A,0x68,0xBD,0xD2,0xB3,0x34,0xC7,0xC4,0xAC,0x21,0xE8,
    0x7D,0x2D,0x4F,0xAF,0x77,0x6F,0x77,0xAD,0xF2,0xB6,0xAE,0x02,0xD2,0xE3,0xBA,0x7E,
    0x88,0xAF,0x19,0x2F,0x80,0x48,0xBC,0x94,0x34,0x67,0xD6,0x8A,0xE3,0xF4,0x02,0x4A,
    0xFC,0x9F,0xB7,0x63,0x9E,0xB6,0x8E,0x6F,0x1B,0x81,0x5B,0x07,0x2A,0xEC,0x6D,0x1E,
    0xC7,0xE2,0x0B,0x19,0xA6,0x21,0xF0,0xBA,0x33,0x94,0x23,0xA4,0xBF,0x1A,0x53,0x8F,
    0xCC,0x24,0x9E,0xFB,0xE3,0x08,0x3E,0x43,0xC5,0x58,0x35,0x74,0xED,0x85,0x4A,0x3E,
    0xFE,0xC4,0xF8,0x5A,0x2C,0xFD,0x77,0xCB,0x98,0xE4,0x7B,0x31,0x8E,0x65,0x11,0x14,
    0x48,0x8F,0xE3,0x6A,0x01,0x62,0xDE,0x38,0xA4,0x61,0xB7,0xE5,0xCD,0xA6,0xE7,0xE5,
    0xC4,0x3A,0x50,0xF6,0xF5,0xC9,0x9C,0xF9,0xFF,0x87,0x97,0xDE,0x62,0xC4,0xFA,0x00,
    0x51,0xC2,0xAE,0x7D,0xDF,0x0A,0xAA,0xFB,0xE2,0x40,0x18,0x74,0x7A,0x9B,0x12,0x25,
    0xAB,0x76,0x57,0x88,0x69,0x0A,0xD2,0x23,0x4E,0x45,0xB4,0x1A,0x47,0x94,0x3E,0x67,
    0x70,0xFE,0x21,0x22,0x6A,0x23,0x03,0xA0,0x53,0xA4,0xF9,0xD1,0xCE,0x75,0x5B,0xAD
};

#define SHA256_HASH_LEN  32
#define DATA_BLOCK_LEN sizeof(Digest_given)
#define SIGNED_LEN     256

static void print_buf(char *str, uint8_t *buf, int blen)
{
   int i, j;

   printf("%s\n", str);
   for (i = 0, j = 0; i < blen; i++)
   {
      printf("%02X ", *buf++);
      if (++j == 16)
      {
         j = 0;
         printf("\n");
      }
   }
   printf("\n");
}

int main(int argc, char** argv)
{
   int ret = 0;
   RNG rng;
   byte DER_buf[4096]; word32 DER_len = sizeof(DER_buf);
   byte Sig_buf[SIGNED_LEN]; word32 Sig_len = sizeof(Sig_buf);
   byte Hash_buf[SHA256_HASH_LEN]; word32 Hash_len = sizeof(Hash_buf);
   byte Digest_buf[SHA256_HASH_LEN+DATA_BLOCK_LEN]; word32 Digest_len = sizeof(Digest_buf);
   byte DigestVer_buf[SHA256_HASH_LEN+DATA_BLOCK_LEN]; word32 DigestVer_len = sizeof(DigestVer_buf);
   word32 inOutIdx=0;
   RsaKey rsakey;
   byte pemPublic = 0;
   enum wc_HashType hash_type = WC_HASH_TYPE_SHA256;
   enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_RSA_W_ENC;

   // Create input data (65 bytes)
   print_buf("Digest Input Data:", Digest_given, DATA_BLOCK_LEN);

   /* Init */
   wc_InitRng(&rng);

   /* Init Rsa Key */
   wc_InitRsaKey(&rsakey, NULL);

   memset(DER_buf, 0, sizeof(DER_buf));
   ret = wolfSSL_KeyPemToDer((const byte*)privPemKey, strlen(privPemKey), DER_buf, sizeof(DER_buf), NULL);
   if (ret < 0) {
       ret = wolfSSL_PubKeyPemToDer((const byte*)pubPemKey, strlen(pubPemKey), DER_buf, sizeof(DER_buf)); /* Needs WOLFSSL_CERT_EXT defined or --enable-certgen --enable-certext  */
       pemPublic = 1;
   }
   printf("DER_len = %d DER_buf:\n", ret);
   if (ret < 0) goto exit;
   DER_len = ret;
   print_buf("DER:", DER_buf, DER_len);

   // PEM key selection
   if (!pemPublic) {
       ret = wc_RsaPrivateKeyDecode(DER_buf, &inOutIdx, &rsakey, DER_len);
   }
   else {
       ret = wc_RsaPublicKeyDecode(DER_buf, &inOutIdx, &rsakey, DER_len);
   }
   printf("decode %s key =%d\n", pemPublic ? "public" : "private", ret);

   /* Get signature length and allocate buffer */
   ret = wc_SignatureGetSize(sig_type, &rsakey, sizeof(rsakey));
   printf("Sig Len: %d\n", ret);
   if (ret < 0) goto exit;
   Sig_len = ret;

   /* Get Hash length */
   ret = wc_HashGetDigestSize(hash_type);
   printf("Hash Digest Len: %d\n", ret);
   if (ret < 0) goto exit;
   Hash_len = ret;

   /* Hash digest with SHA256 */
   ret = wc_Hash(hash_type, Digest_given, sizeof(Digest_given), Hash_buf, Hash_len);
   printf("Digest SHA256 Hash: %d\n", ret);
   if (ret < 0) goto exit;
   print_buf("Digest Output 32 Data:", Hash_buf, Hash_len);

   /* Add ASN digest info header */
   ret = wc_EncodeSignature(Digest_buf, Hash_buf, Hash_len, SHAh);
   printf("Digest Header: %d\n", ret);
   if (ret <= 0) goto exit;
   Digest_len = ret;
   print_buf("Signed data results:", Digest_buf, Digest_len);

   if (!pemPublic) {
       /* Perform hash and sign to create signature */
       ret = wc_RsaSSL_Sign(Digest_buf, Digest_len, Sig_buf, Sig_len, &rsakey, &rng);
       printf("RSA Sign Result: %d\n", ret);
       if (ret < 0) goto exit;
       Sig_len = ret;

       print_buf("RSA Sign Data:", Sig_buf, Sig_len);

       ret = wc_SignatureGenerate(hash_type, sig_type, Digest_given, sizeof(Digest_given), Sig_buf, &Sig_len, &rsakey, sizeof(rsakey), &rng);
       printf("Sig Generation: ret %d, Sig_len=%d\n", ret, Sig_len);
       print_buf("Sign Data:", Sig_buf, Sig_len);
   }
   else {
       /* Use digest for RSA verify */
       ret = wc_RsaSSL_Verify(Sig_buf, Sig_len, DigestVer_buf, DigestVer_len, &rsakey);
       if (ret != Digest_len || XMEMCMP(DigestVer_buf, Digest_buf, Digest_len) != 0) {
            printf("RSA Verify Failed! %d\n", ret);
       }
       else {
           printf("RSA Verify Success!\n");
           ret = 0;
       }
       print_buf("Ecpected Verify Data:", DigestVer_buf, DigestVer_len);
       print_buf("RSA Verify Data:", Digest_buf, Digest_len);

       if (ret == 0) {
           ret = wc_SignatureVerify(hash_type, sig_type, Digest_given, sizeof(Digest_given), Sig_buf, Sig_len, &rsakey, sizeof(rsakey));
           printf("Sig Verification: %s (%d)\n", (ret == wc_HashGetDigestSize(hash_type)) ? "Pass" : "Fail", ret);
           print_buf("Sig Verify Data:", Digest_buf, Digest_len);
       }
   }

   /* Verify against expected signature */
   print_buf("Expected Signature:", expected_signed_results, sizeof(expected_signed_results));
   if (memcmp(Sig_buf, expected_signed_results, Sig_len) == 0) {
       printf("Signatures match!\n");
   }
   else {
       printf("Signature invalid!\n");
   }

exit:
   wc_FreeRsaKey(&rsakey);
   wc_FreeRng(&rng);
   return 0;
}

#else

int main(int argc, char** argv)
{
    (void)argc;
    (void)argv;
    printf("Error wolfSSL must be build with WOLFSSL_CERT_EXT enable ./configure --enable-certgen --enable-certext\n");
    return 0;
}

#endif /* WOLFSSL_CERT_EXT */

A debug from the console:

Digest Input Data:
65 64 36 32 33 35 39 33 36 63 35 63 38 31 63 65 
38 65 61 30 30 37 34 38 30 66 39 35 35 34 34 31 
32 30 34 36 30 35 61 30 61 36 37 37 37 66 31 37 
65 65 37 35 61 66 37 61 33 36 39 34 34 32 65 63 
00 
DER_len = 1192 DER_buf:
DER:
30 82 04 A4 02 01 00 02 82 01 01 00 AB A5 13 CC 
BD DB CD 6F 39 CE A8 B1 5A 1B 8B 72 C4 B1 93 0A 
6A C2 56 2E 1B D8 54 43 F5 AE B2 45 A1 70 D3 B1 
A8 E4 34 DD CE 55 EC C5 63 9D 7E 4F DB 9B 57 29 
59 4D 2E D9 A5 9E 52 18 9C 0A 97 25 DD DF FF BC 
E5 36 87 70 D7 64 52 F8 27 7D 1F 24 5B 21 0F FA 
1B CB 39 51 46 FF 24 D3 E2 22 36 0D 0E C7 90 7D 
A2 38 9E BA 67 CE 60 FD F4 EE CD EC AC 48 F2 73 
5F D7 37 3E 4F CB 18 B7 C8 D7 D4 2A CF BA E3 DE 
E6 7D FC 00 43 76 93 FD B7 8A 31 C7 76 59 FB 85 
60 95 0A 4E 69 4F 5A C7 C7 84 20 0D D0 CB 7E DE 
9E 2A 5B 66 F3 0A F0 5E FD B4 AF 97 7A 5B A7 64 
71 14 B5 9C F0 4E C8 44 8A AC 1B D2 76 34 2A 8F 
A5 DA AE D6 61 F8 EB 39 BF 5D FE 8A 4C 8F 24 80 
09 93 C0 39 86 F2 C4 A3 AB A1 09 4D AC CF B5 08 
D6 43 E8 0E 61 CF 15 96 C0 AA 3C E6 FE 33 66 3E 
6F 58 61 56 91 85 E2 FB 26 64 66 D7 02 03 01 00 
01 02 82 01 00 3C 2E 90 9F 28 70 81 7A BE 9F 85 
89 4D 89 3B DF 1D 35 0F D3 C6 B3 E5 E8 9B CD C1 
59 E4 B2 00 82 A6 84 BB 4C DE E5 48 DD FE 63 25 
35 DE 64 11 AE 29 57 31 7B E7 7A 46 F3 7B FC E3 
57 0A 9B 31 FC CE 6B 24 2D 54 86 C6 7D 5B A0 2A 
F1 24 53 5C 10 70 BD 4A 6F 4C C0 78 13 D5 DB 4E 
CB D5 CD 5D FB 3D 13 DE C7 16 12 59 21 0D 95 90 
6F 6A AA 32 5C 89 D9 B7 DC 99 1D 8A 1A 98 7A A2 
EB 89 89 97 33 6A 86 F2 85 2C 9E B1 DA 50 D1 A4 
6D 1A 9C 34 96 24 66 E0 2E C5 57 EC EF 8D 06 B0 
4D 1A 1F 20 2B 39 C8 3F F7 E9 47 2E 27 8E BA FE 
1B 79 64 A7 92 AE 89 69 68 14 71 E4 01 A3 28 A7 
D4 D7 5B 87 F8 54 06 9F 8C 21 75 43 C7 9E 58 CA 
CF E9 2C CF B2 3F CE D5 A0 F9 10 71 E3 29 A7 DF 
F7 13 B5 FE 61 E8 8B 9A F8 61 28 69 F8 0A 3B 42 
21 19 43 E0 BA AB 1A E2 E9 97 AB 79 7A AF 43 C2 
1F 48 05 FC DD 02 81 81 00 CE 1F EF 28 5D 0D 2B 
DE 2D 86 C6 2B 65 E4 0F 0A DD 6C 0D E7 D6 F5 6D 
CE 31 FC D8 CD 8C 67 A5 75 79 55 DF 0D 47 98 EA 
C0 4C 62 50 99 66 30 97 82 D8 E2 7D E8 B8 CD 01 
37 1E 16 66 CE E9 9B E0 45 67 F8 64 6B 3E C7 57 
67 23 B6 69 95 58 86 32 EA 38 37 F6 0E 18 45 BA 
9D B3 2D CD 19 87 07 8E A3 8D D7 0B 78 3E 85 E7 
BB 7C B3 EF AA 43 84 92 0C F0 2F BD B9 B4 EA B2 
29 55 D1 FC C0 FF A6 A6 8D 02 81 81 00 D5 2D 57 
2F 86 62 4B FA F3 98 74 FE 29 D1 25 F8 20 EE 5E 
07 CD E5 E2 7B 7B 4E 81 27 C6 8A C0 DB 43 E8 55 
4F BE BB EA 4F DD 75 C0 50 8B CC C9 D9 F3 5F CB 
82 A3 D4 D6 66 38 6C 51 C7 5E 11 BF EC 2D 1C 63 
B0 0C 2C 47 16 2E 8D 5C 29 80 68 A2 29 F9 AB 1E 
06 8F 33 0A 10 57 E3 68 71 07 8F 63 DC 3D 28 45 
C9 9C 34 D6 DB AB 3E 23 34 FE A3 32 6C 9B E0 2C 
AA 77 89 BD A8 74 2F FE 30 D0 4D 4B F3 02 81 81 
00 C0 F8 BE A2 B0 32 C3 8D F6 5B 45 AD 9D 6F 5B 
F1 D5 07 F3 20 C8 6A EF 08 EA 5D 87 EF 2F 72 5D 
41 D4 7D 63 1C 00 9A 95 B3 C0 0F 0E DB FE 02 A1 
E5 BA FC 97 D9 C7 21 0D F1 36 F6 CB FB 0C 53 85 
2C 15 41 43 69 EF D5 19 EB 92 50 95 1A 5F 4D 0B 
DF A1 10 2B 08 59 0A F6 C1 EA DC 87 36 4D E6 F2 
50 06 5B 7B FE 6F B2 57 17 7C 90 CC 60 3F 63 9E 
84 04 5C FD A7 1D 4B D7 CD C0 ED 9D 4E 66 48 F3 
85 02 81 80 21 BC DF 43 82 3D 24 51 3F 24 2D BF 
DB D6 61 EF F7 26 42 73 71 BE A4 2D 6E C2 69 E6 
65 A1 A8 0C 0B 9F 45 81 2D 6A 88 16 C3 B1 D3 11 
EC 4E 28 D3 F9 94 7B 9C DD 58 DD E5 A7 A0 5D 00 
F4 7E 52 A5 8A 2E 28 08 C0 A4 71 4B AD 6A 69 DF 
97 96 F7 B3 34 F4 43 F8 3D C9 92 1A 2C 0E AD 84 
D5 F1 77 98 6F 85 64 26 18 36 B4 9A 67 6B 9A 1E 
D4 FD F7 09 01 52 65 3F 45 53 E3 54 39 AF 2E C7 
82 EF F8 C9 02 81 81 00 CA 73 AE 54 36 CB DA 3F 
14 88 E7 2E C9 9E 84 3D 97 E3 FC 0E 49 CF 63 54 
57 5F 3C 1F 41 57 6A DB 41 21 C5 77 A2 AF 3B A1 
EA AA C1 D2 E5 B7 15 AF 03 BB 6B 75 A5 17 67 56 
A9 85 7B D0 56 ED 27 A6 E4 F4 C7 D6 2C 31 04 66 
07 61 C8 84 AF 31 6F 1C A5 53 44 2A 44 63 CF DA 
29 F1 92 57 13 14 2B C1 1E 7D 7D 09 4A 3E 13 9B 
CC EB 65 31 B1 95 20 CA D4 FB 07 53 C5 2C 29 94 
7B 6A 78 7E 4E 44 CC DE 
decode private key =0
Sig Len: 256
Hash Digest Len: 32
Digest SHA256 Hash: 0
Digest Output 32 Data:
AA 34 E9 40 9F A1 8D 12 7A 07 A0 74 99 1E 61 14 
A8 91 67 88 E3 BA 29 BA 84 07 BA DB 75 DA F1 66 

Digest Header: 47
Signed data results:
30 2D 30 09 06 05 2B 0E 03 02 1A 05 00 04 20 AA 
34 E9 40 9F A1 8D 12 7A 07 A0 74 99 1E 61 14 A8 
91 67 88 E3 BA 29 BA 84 07 BA DB 75 DA F1 66 
RSA Sign Result: 256
RSA Sign Data:
28 01 8B D9 09 6F 88 D8 F3 5D 41 AA 14 F6 92 6A 
D5 07 14 05 7C 07 FF D2 BF 79 3B 97 50 34 E6 58 
F6 E0 EC 4B 26 B0 5D C4 E4 5B 16 96 97 00 04 AD 
80 6B C1 0B 92 D8 79 86 9F D2 3D B4 23 AA D7 43 
86 CC 83 DE 67 E4 DA F2 35 B2 21 4A D1 46 D8 99 
9A E9 40 F5 AC AB 57 3E 09 45 CF 2C AB 88 4B 66 
79 92 3D A1 13 55 B1 E6 FF DB 92 45 39 17 70 53 
F9 1E 52 5E 89 EB AA DC 28 0B 2A B2 5E B1 BE 7B 
E5 0F 1A 4F 6B D8 BE A9 6C E9 55 66 FE 0B 09 BD 
E0 03 D0 BC B3 89 E7 5C 95 1B F7 AD A9 F2 CA 9E 
B0 94 9C 23 80 4F A4 22 58 D4 A0 94 1C A3 67 61 
2A DA D4 A7 9B AB 9E 71 CD CA A4 D9 B0 4D 25 4F 
5E 68 E1 50 7C 95 15 8C 9D A9 1D FE 89 15 D5 A0 
8E 4D 4A BE 71 42 A1 41 91 D3 F2 09 60 75 C7 64 
B9 AC B7 1F 83 88 56 32 AE 29 33 A3 2D 7A 26 B0 
1A 4B EC 1D A6 7C C5 5C 0C EE D1 76 7A 88 E8 07 

Sig Generation: ret 0, Sig_len=256
Sign Data:
2C 5C C4 43 5D C0 D1 E2 B2 91 82 93 10 D4 64 61 
68 A1 0D A5 63 64 0A 0D A7 AE 0B A0 64 22 AA 0F 
15 76 C0 EF 4A 2D 99 9D 16 FA AB 01 BA 6F 82 43 
16 DD 3A 79 6D B3 17 E3 9B F3 81 0A 22 7A 9E 1D 
B6 44 61 9C 85 03 85 4F 0D F0 45 F1 3E BA B3 2B 
1F 36 37 D9 D2 37 3D 05 84 4F 3E 36 B3 88 C9 23 
03 85 24 92 54 E7 35 EF 9E 73 55 5D EC 3A 44 83 
08 86 C6 FD CE 82 92 06 75 8E DF 4C 7D 2C 46 BF 
3F 5D 2B 02 87 76 AA 76 C6 91 62 5A F0 28 87 45 
07 24 C5 6E 35 9C B4 10 D0 80 87 38 9E 2B 3D BB 
06 06 C9 A1 0D 65 9D 0E B5 3C 60 B9 7F 0E 7D 1C 
7D 72 0D 8A A4 5D 55 E1 1E 93 F6 4A E9 BF EA 74 
F1 77 E6 00 BE FF 3E 73 78 4B 29 EC 1F 61 1A 55 
74 C6 74 7F C3 83 75 36 EC 7A 54 5D A5 35 B8 21 
77 15 C5 4A 9B BB 32 04 1C 48 B2 6D 86 25 64 3D 
B8 C0 D1 08 25 69 4F 93 50 1C 1E 4A 7C 02 80 16 

Expected Signature:
7E 30 B8 D0 53 FA 58 76 7F C2 01 EB 27 FE 3A 8A 
F5 C3 D0 F4 C6 6A DB 56 9E 14 35 C3 54 A6 40 C7 
D9 CD AD E4 36 1B E5 9F F9 21 E5 B7 F2 23 38 BE 
DF 99 45 0E 77 65 BE 5F 92 AE 17 7C FA 7D E5 7D 
6F 75 52 75 71 3A 68 BD D2 B3 34 C7 C4 AC 21 E8 
7D 2D 4F AF 77 6F 77 AD F2 B6 AE 02 D2 E3 BA 7E 
88 AF 19 2F 80 48 BC 94 34 67 D6 8A E3 F4 02 4A 
FC 9F B7 63 9E B6 8E 6F 1B 81 5B 07 2A EC 6D 1E 
C7 E2 0B 19 A6 21 F0 BA 33 94 23 A4 BF 1A 53 8F 
CC 24 9E FB E3 08 3E 43 C5 58 35 74 ED 85 4A 3E 
FE C4 F8 5A 2C FD 77 CB 98 E4 7B 31 8E 65 11 14 
48 8F E3 6A 01 62 DE 38 A4 61 B7 E5 CD A6 E7 E5 
C4 3A 50 F6 F5 C9 9C F9 FF 87 97 DE 62 C4 FA 00 
51 C2 AE 7D DF 0A AA FB E2 40 18 74 7A 9B 12 25 
AB 76 57 88 69 0A D2 23 4E 45 B4 1A 47 94 3E 67 
70 FE 21 22 6A 23 03 A0 53 A4 F9 D1 CE 75 5B AD 

Signature invalid!

Share

Re: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

Hi @DS,

Is the input supposed to be string or hex format? Just curious, if I leave your test app as-is I see in the output:

Digest Input Data:
65 64 36 32 33 35 39 33 36 63 35 63 38 31 63 65 
38 65 61 30 30 37 34 38 30 66 39 35 35 34 34 31 
32 30 34 36 30 35 61 30 61 36 37 37 37 66 31 37 
65 65 37 35 61 66 37 61 33 36 39 34 34 32 65 63 
00

If I modify it to hex format I see:

Digest Input Data:
ED 62 35 93 6C 5C 81 CE 8E A0 07 48 0F 95 54 41 
20 46 05 A0 A6 77 7F 17 EE 75 AF 7A 36 94 42 EC 

Changing that still doesn't get the expected output but I am not sure of the original test case. Can you send over the steps for doing this with openSSL so I can run both an OpenSSL and wolfSSL test and compare the two?

Thanks!

K

5

Re: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

Hi Kaleb,

First of all, I have to say, that I found a solution!
As it turned out, I was in a small step of the success.

Answering your question, the input is supposed to be a string. I figured out that the problem was in the last byte which contains a null-terminator and also was used for generating signature. So, I removed the last byte, and a valid signature was generated.

Below is a fixed code and an open-ssl shell script just in case. An open-ssl C code and a python script are attached to my first post. I hope it might be useful for someone.

Thanks a lot for your help! Without your suggestion I might wouldn't be back to that demo soon.

Regards



Fixed wolfssl-examples/signature/sigtest/wolfsigtest.c with last changes:

#include <stdio.h>
#include <stdlib.h>

#include <wolfssl/options.h>
#include <wolfssl/wolfcrypt/ecc.h>
#include <wolfssl/wolfcrypt/signature.h>
#include <wolfssl/wolfcrypt/hash.h>
#include <wolfssl/wolfcrypt/logging.h>
#include <wolfssl/wolfcrypt/error-crypt.h>
#include <wolfssl/wolfcrypt/asn.h>
#include <wolfssl/ssl.h>

#include "wolfssl/wolfcrypt/rsa.h"      // For RSA functions

/* wolfSSL must be build with WOLFSSL_CERT_EXT defined */
#ifdef WOLFSSL_CERT_EXT

/* this is from ./certs/ca-key.pem */
const char* pubPemKey  = 
"-----BEGIN PUBLIC KEY-----\n\
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6UTzL3bzW85zqixWhuL\n\
csSxkwpqwlYuG9hUQ/WuskWhcNOxqOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqX\n\
Jd3f/7zlNodw12RS+Cd9HyRbIQ/6G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N\n\
7KxI8nNf1zc+T8sYt8jX1CrPuuPe5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4Qg\n\
DdDLft6eKltm8wrwXv20r5d6W6dkcRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+\n\
ikyPJIAJk8A5hvLEo6uhCU2sz7UI1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm\n\
1wIDAQAB\n\
-----END PUBLIC KEY-----";
const char* privPemKey = 
"-----BEGIN RSA PRIVATE KEY-----\n\
MIIEpAIBAAKCAQEAq6UTzL3bzW85zqixWhuLcsSxkwpqwlYuG9hUQ/WuskWhcNOx\n\
qOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqXJd3f/7zlNodw12RS+Cd9HyRbIQ/6\n\
G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N7KxI8nNf1zc+T8sYt8jX1CrPuuPe\n\
5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4QgDdDLft6eKltm8wrwXv20r5d6W6dk\n\
cRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+ikyPJIAJk8A5hvLEo6uhCU2sz7UI\n\
1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm1wIDAQABAoIBADwukJ8ocIF6vp+F\n\
iU2JO98dNQ/TxrPl6JvNwVnksgCCpoS7TN7lSN3+YyU13mQRrilXMXvnekbze/zj\n\
VwqbMfzOayQtVIbGfVugKvEkU1wQcL1Kb0zAeBPV207L1c1d+z0T3scWElkhDZWQ\n\
b2qqMlyJ2bfcmR2KGph6ouuJiZczaobyhSyesdpQ0aRtGpw0liRm4C7FV+zvjQaw\n\
TRofICs5yD/36UcuJ466/ht5ZKeSrolpaBRx5AGjKKfU11uH+FQGn4whdUPHnljK\n\
z+ksz7I/ztWg+RBx4ymn3/cTtf5h6Iua+GEoafgKO0IhGUPguqsa4umXq3l6r0PC\n\
H0gF/N0CgYEAzh/vKF0NK94thsYrZeQPCt1sDefW9W3OMfzYzYxnpXV5Vd8NR5jq\n\
wExiUJlmMJeC2OJ96LjNATceFmbO6ZvgRWf4ZGs+x1dnI7ZplViGMuo4N/YOGEW6\n\
nbMtzRmHB46jjdcLeD6F57t8s++qQ4SSDPAvvbm06rIpVdH8wP+mpo0CgYEA1S1X\n\
L4ZiS/rzmHT+KdEl+CDuXgfN5eJ7e06BJ8aKwNtD6FVPvrvqT911wFCLzMnZ81/L\n\
gqPU1mY4bFHHXhG/7C0cY7AMLEcWLo1cKYBooin5qx4GjzMKEFfjaHEHj2PcPShF\n\
yZw01turPiM0/qMybJvgLKp3ib2odC/+MNBNS/MCgYEAwPi+orAyw432W0WtnW9b\n\
8dUH8yDIau8I6l2H7y9yXUHUfWMcAJqVs8APDtv+AqHluvyX2cchDfE29sv7DFOF\n\
LBVBQ2nv1RnrklCVGl9NC9+hECsIWQr2werchzZN5vJQBlt7/m+yVxd8kMxgP2Oe\n\
hARc/acdS9fNwO2dTmZI84UCgYAhvN9Dgj0kUT8kLb/b1mHv9yZCc3G+pC1uwmnm\n\
ZaGoDAufRYEtaogWw7HTEexOKNP5lHuc3Vjd5aegXQD0flKlii4oCMCkcUutamnf\n\
l5b3szT0Q/g9yZIaLA6thNXxd5hvhWQmGDa0mmdrmh7U/fcJAVJlP0VT41Q5ry7H\n\
gu/4yQKBgQDKc65UNsvaPxSI5y7JnoQ9l+P8DknPY1RXXzwfQVdq20EhxXeirzuh\n\
6qrB0uW3Fa8Du2t1pRdnVqmFe9BW7Sem5PTH1iwxBGYHYciErzFvHKVTRCpEY8/a\n\
KfGSVxMUK8EefX0JSj4Tm8zrZTGxlSDK1PsHU8UsKZR7anh+TkTM3g==\n\
-----END RSA PRIVATE KEY-----";

uint8_t Digest_given[] = 
"ed6235936c5c81ce8ea007480f955441204605a0a6777f17ee75af7a369442ec";

uint8_t expected_signed_results[] =
{
    0x7E,0x30,0xB8,0xD0,0x53,0xFA,0x58,0x76,0x7F,0xC2,0x01,0xEB,0x27,0xFE,0x3A,0x8A,
    0xF5,0xC3,0xD0,0xF4,0xC6,0x6A,0xDB,0x56,0x9E,0x14,0x35,0xC3,0x54,0xA6,0x40,0xC7,
    0xD9,0xCD,0xAD,0xE4,0x36,0x1B,0xE5,0x9F,0xF9,0x21,0xE5,0xB7,0xF2,0x23,0x38,0xBE,
    0xDF,0x99,0x45,0x0E,0x77,0x65,0xBE,0x5F,0x92,0xAE,0x17,0x7C,0xFA,0x7D,0xE5,0x7D,
    0x6F,0x75,0x52,0x75,0x71,0x3A,0x68,0xBD,0xD2,0xB3,0x34,0xC7,0xC4,0xAC,0x21,0xE8,
    0x7D,0x2D,0x4F,0xAF,0x77,0x6F,0x77,0xAD,0xF2,0xB6,0xAE,0x02,0xD2,0xE3,0xBA,0x7E,
    0x88,0xAF,0x19,0x2F,0x80,0x48,0xBC,0x94,0x34,0x67,0xD6,0x8A,0xE3,0xF4,0x02,0x4A,
    0xFC,0x9F,0xB7,0x63,0x9E,0xB6,0x8E,0x6F,0x1B,0x81,0x5B,0x07,0x2A,0xEC,0x6D,0x1E,
    0xC7,0xE2,0x0B,0x19,0xA6,0x21,0xF0,0xBA,0x33,0x94,0x23,0xA4,0xBF,0x1A,0x53,0x8F,
    0xCC,0x24,0x9E,0xFB,0xE3,0x08,0x3E,0x43,0xC5,0x58,0x35,0x74,0xED,0x85,0x4A,0x3E,
    0xFE,0xC4,0xF8,0x5A,0x2C,0xFD,0x77,0xCB,0x98,0xE4,0x7B,0x31,0x8E,0x65,0x11,0x14,
    0x48,0x8F,0xE3,0x6A,0x01,0x62,0xDE,0x38,0xA4,0x61,0xB7,0xE5,0xCD,0xA6,0xE7,0xE5,
    0xC4,0x3A,0x50,0xF6,0xF5,0xC9,0x9C,0xF9,0xFF,0x87,0x97,0xDE,0x62,0xC4,0xFA,0x00,
    0x51,0xC2,0xAE,0x7D,0xDF,0x0A,0xAA,0xFB,0xE2,0x40,0x18,0x74,0x7A,0x9B,0x12,0x25,
    0xAB,0x76,0x57,0x88,0x69,0x0A,0xD2,0x23,0x4E,0x45,0xB4,0x1A,0x47,0x94,0x3E,0x67,
    0x70,0xFE,0x21,0x22,0x6A,0x23,0x03,0xA0,0x53,0xA4,0xF9,0xD1,0xCE,0x75,0x5B,0xAD
};

#define SHA256_HASH_LEN  32
#define DATA_BLOCK_LEN strlen(Digest_given)
#define SIGNED_LEN     256

static void print_buf(char *str, uint8_t *buf, int blen)
{
   int i, j;

   printf("%s\n", str);
   for (i = 0, j = 0; i < blen; i++)
   {
      printf("%02X ", *buf++);
      if (++j == 16)
      {
         j = 0;
         printf("\n");
      }
   }
   printf("\n");
}

int main(int argc, char** argv)
{
   int ret = 0;
   RNG rng;
   byte DER_buf[4096]; word32 DER_len = sizeof(DER_buf);
   byte Sig_buf[SIGNED_LEN]; word32 Sig_len = sizeof(Sig_buf);
   byte Hash_buf[SHA256_HASH_LEN]; word32 Hash_len = sizeof(Hash_buf);
   byte Digest_buf[SHA256_HASH_LEN+DATA_BLOCK_LEN]; word32 Digest_len = sizeof(Digest_buf);
   byte DigestVer_buf[SHA256_HASH_LEN+DATA_BLOCK_LEN]; word32 DigestVer_len = sizeof(DigestVer_buf);
   word32 inOutIdx=0;
   RsaKey rsakey;
   byte pemPublic = 0;
   enum wc_HashType hash_type = WC_HASH_TYPE_SHA256;
   enum wc_SignatureType sig_type = WC_SIGNATURE_TYPE_RSA_W_ENC;

   // Create input data (65 bytes)
   print_buf("Digest Input Data:", Digest_given, DATA_BLOCK_LEN);

   /* Init */
   wc_InitRng(&rng);

   /* Init Rsa Key */
   wc_InitRsaKey(&rsakey, NULL);

   memset(DER_buf, 0, sizeof(DER_buf));
   ret = wolfSSL_KeyPemToDer((const byte*)privPemKey, strlen(privPemKey), DER_buf, sizeof(DER_buf), NULL);
   if (ret < 0) {
       ret = wolfSSL_PubKeyPemToDer((const byte*)pubPemKey, strlen(pubPemKey), DER_buf, sizeof(DER_buf)); /* Needs WOLFSSL_CERT_EXT defined or --enable-certgen --enable-certext  */
       pemPublic = 1;
   }
   printf("DER_len = %d DER_buf:\n", ret);
   if (ret < 0) goto exit;
   DER_len = ret;
   print_buf("DER:", DER_buf, DER_len);

   // PEM key selection
   if (!pemPublic) {
       ret = wc_RsaPrivateKeyDecode(DER_buf, &inOutIdx, &rsakey, DER_len);
   }
   else {
       ret = wc_RsaPublicKeyDecode(DER_buf, &inOutIdx, &rsakey, DER_len);
   }
   printf("decode %s key =%d\n", pemPublic ? "public" : "private", ret);

   /* Get signature length and allocate buffer */
   ret = wc_SignatureGetSize(sig_type, &rsakey, sizeof(rsakey));
   printf("Sig Len: %d\n", ret);
   if (ret < 0) goto exit;
   Sig_len = ret;

   /* Get Hash length */
   ret = wc_HashGetDigestSize(hash_type);
   printf("Hash Digest Len: %d\n", ret);
   if (ret < 0) goto exit;
   Hash_len = ret;

   /* Hash digest with SHA256 */
   ret = wc_Hash(hash_type, Digest_given, strlen(Digest_given), Hash_buf, Hash_len);
   printf("Digest SHA256 Hash: %d\n", ret);
   if (ret < 0) goto exit;
   print_buf("Digest Output 32 Data:", Hash_buf, Hash_len);

   /* Add ASN digest info header */
   ret = wc_EncodeSignature(Digest_buf, Hash_buf, Hash_len, SHAh);
   printf("Digest Header: %d\n", ret);
   if (ret <= 0) goto exit;
   Digest_len = ret;
   print_buf("Signed data results:", Digest_buf, Digest_len);

   if (!pemPublic) {
       /* Perform hash and sign to create signature */
       ret = wc_RsaSSL_Sign(Digest_buf, Digest_len, Sig_buf, Sig_len, &rsakey, &rng);
       printf("RSA Sign Result: %d\n", ret);
       if (ret < 0) goto exit;
       Sig_len = ret;

       print_buf("RSA Sign Data:", Sig_buf, Sig_len);

       ret = wc_SignatureGenerate(hash_type, sig_type, Digest_given, strlen(Digest_given), Sig_buf, &Sig_len, &rsakey, sizeof(rsakey), &rng);
       printf("Sig Generation: ret %d, Sig_len=%d\n", ret, Sig_len);
       print_buf("Sign Data:", Sig_buf, Sig_len);
   }
   else {
       /* Use digest for RSA verify */
       ret = wc_RsaSSL_Verify(Sig_buf, Sig_len, DigestVer_buf, DigestVer_len, &rsakey);
       if (ret != Digest_len || XMEMCMP(DigestVer_buf, Digest_buf, Digest_len) != 0) {
            printf("RSA Verify Failed! %d\n", ret);
       }
       else {
           printf("RSA Verify Success!\n");
           ret = 0;
       }
       print_buf("Ecpected Verify Data:", DigestVer_buf, DigestVer_len);
       print_buf("RSA Verify Data:", Digest_buf, Digest_len);

       if (ret == 0) {
           ret = wc_SignatureVerify(hash_type, sig_type, Digest_given, strlen(Digest_given), Sig_buf, Sig_len, &rsakey, sizeof(rsakey));
           printf("Sig Verification: %s (%d)\n", (ret == wc_HashGetDigestSize(hash_type)) ? "Pass" : "Fail", ret);
           print_buf("Sig Verify Data:", Digest_buf, Digest_len);
       }
   }

   /* Verify against expected signature */
   print_buf("Expected Signature:", expected_signed_results, sizeof(expected_signed_results));
   if (memcmp(Sig_buf, expected_signed_results, Sig_len) == 0) {
       printf("Signatures match!\n");
   }
   else {
       printf("Signature invalid!\n");
   }

exit:
   wc_FreeRsaKey(&rsakey);
   wc_FreeRng(&rng);
   return 0;
}

#else

int main(int argc, char** argv)
{
    (void)argc;
    (void)argv;
    printf("Error wolfSSL must be build with WOLFSSL_CERT_EXT enable ./configure --enable-certgen --enable-certext\n");
    return 0;
}

#endif /* WOLFSSL_CERT_EXT */

Output:

Digest Input Data:
65 64 36 32 33 35 39 33 36 63 35 63 38 31 63 65 
38 65 61 30 30 37 34 38 30 66 39 35 35 34 34 31 
32 30 34 36 30 35 61 30 61 36 37 37 37 66 31 37 
65 65 37 35 61 66 37 61 33 36 39 34 34 32 65 63 

DER_len = 1192 DER_buf:
DER:
30 82 04 A4 02 01 00 02 82 01 01 00 AB A5 13 CC 
BD DB CD 6F 39 CE A8 B1 5A 1B 8B 72 C4 B1 93 0A 
6A C2 56 2E 1B D8 54 43 F5 AE B2 45 A1 70 D3 B1 
A8 E4 34 DD CE 55 EC C5 63 9D 7E 4F DB 9B 57 29 
59 4D 2E D9 A5 9E 52 18 9C 0A 97 25 DD DF FF BC 
E5 36 87 70 D7 64 52 F8 27 7D 1F 24 5B 21 0F FA 
1B CB 39 51 46 FF 24 D3 E2 22 36 0D 0E C7 90 7D 
A2 38 9E BA 67 CE 60 FD F4 EE CD EC AC 48 F2 73 
5F D7 37 3E 4F CB 18 B7 C8 D7 D4 2A CF BA E3 DE 
E6 7D FC 00 43 76 93 FD B7 8A 31 C7 76 59 FB 85 
60 95 0A 4E 69 4F 5A C7 C7 84 20 0D D0 CB 7E DE 
9E 2A 5B 66 F3 0A F0 5E FD B4 AF 97 7A 5B A7 64 
71 14 B5 9C F0 4E C8 44 8A AC 1B D2 76 34 2A 8F 
A5 DA AE D6 61 F8 EB 39 BF 5D FE 8A 4C 8F 24 80 
09 93 C0 39 86 F2 C4 A3 AB A1 09 4D AC CF B5 08 
D6 43 E8 0E 61 CF 15 96 C0 AA 3C E6 FE 33 66 3E 
6F 58 61 56 91 85 E2 FB 26 64 66 D7 02 03 01 00 
01 02 82 01 00 3C 2E 90 9F 28 70 81 7A BE 9F 85 
89 4D 89 3B DF 1D 35 0F D3 C6 B3 E5 E8 9B CD C1 
59 E4 B2 00 82 A6 84 BB 4C DE E5 48 DD FE 63 25 
35 DE 64 11 AE 29 57 31 7B E7 7A 46 F3 7B FC E3 
57 0A 9B 31 FC CE 6B 24 2D 54 86 C6 7D 5B A0 2A 
F1 24 53 5C 10 70 BD 4A 6F 4C C0 78 13 D5 DB 4E 
CB D5 CD 5D FB 3D 13 DE C7 16 12 59 21 0D 95 90 
6F 6A AA 32 5C 89 D9 B7 DC 99 1D 8A 1A 98 7A A2 
EB 89 89 97 33 6A 86 F2 85 2C 9E B1 DA 50 D1 A4 
6D 1A 9C 34 96 24 66 E0 2E C5 57 EC EF 8D 06 B0 
4D 1A 1F 20 2B 39 C8 3F F7 E9 47 2E 27 8E BA FE 
1B 79 64 A7 92 AE 89 69 68 14 71 E4 01 A3 28 A7 
D4 D7 5B 87 F8 54 06 9F 8C 21 75 43 C7 9E 58 CA 
CF E9 2C CF B2 3F CE D5 A0 F9 10 71 E3 29 A7 DF 
F7 13 B5 FE 61 E8 8B 9A F8 61 28 69 F8 0A 3B 42 
21 19 43 E0 BA AB 1A E2 E9 97 AB 79 7A AF 43 C2 
1F 48 05 FC DD 02 81 81 00 CE 1F EF 28 5D 0D 2B 
DE 2D 86 C6 2B 65 E4 0F 0A DD 6C 0D E7 D6 F5 6D 
CE 31 FC D8 CD 8C 67 A5 75 79 55 DF 0D 47 98 EA 
C0 4C 62 50 99 66 30 97 82 D8 E2 7D E8 B8 CD 01 
37 1E 16 66 CE E9 9B E0 45 67 F8 64 6B 3E C7 57 
67 23 B6 69 95 58 86 32 EA 38 37 F6 0E 18 45 BA 
9D B3 2D CD 19 87 07 8E A3 8D D7 0B 78 3E 85 E7 
BB 7C B3 EF AA 43 84 92 0C F0 2F BD B9 B4 EA B2 
29 55 D1 FC C0 FF A6 A6 8D 02 81 81 00 D5 2D 57 
2F 86 62 4B FA F3 98 74 FE 29 D1 25 F8 20 EE 5E 
07 CD E5 E2 7B 7B 4E 81 27 C6 8A C0 DB 43 E8 55 
4F BE BB EA 4F DD 75 C0 50 8B CC C9 D9 F3 5F CB 
82 A3 D4 D6 66 38 6C 51 C7 5E 11 BF EC 2D 1C 63 
B0 0C 2C 47 16 2E 8D 5C 29 80 68 A2 29 F9 AB 1E 
06 8F 33 0A 10 57 E3 68 71 07 8F 63 DC 3D 28 45 
C9 9C 34 D6 DB AB 3E 23 34 FE A3 32 6C 9B E0 2C 
AA 77 89 BD A8 74 2F FE 30 D0 4D 4B F3 02 81 81 
00 C0 F8 BE A2 B0 32 C3 8D F6 5B 45 AD 9D 6F 5B 
F1 D5 07 F3 20 C8 6A EF 08 EA 5D 87 EF 2F 72 5D 
41 D4 7D 63 1C 00 9A 95 B3 C0 0F 0E DB FE 02 A1 
E5 BA FC 97 D9 C7 21 0D F1 36 F6 CB FB 0C 53 85 
2C 15 41 43 69 EF D5 19 EB 92 50 95 1A 5F 4D 0B 
DF A1 10 2B 08 59 0A F6 C1 EA DC 87 36 4D E6 F2 
50 06 5B 7B FE 6F B2 57 17 7C 90 CC 60 3F 63 9E 
84 04 5C FD A7 1D 4B D7 CD C0 ED 9D 4E 66 48 F3 
85 02 81 80 21 BC DF 43 82 3D 24 51 3F 24 2D BF 
DB D6 61 EF F7 26 42 73 71 BE A4 2D 6E C2 69 E6 
65 A1 A8 0C 0B 9F 45 81 2D 6A 88 16 C3 B1 D3 11 
EC 4E 28 D3 F9 94 7B 9C DD 58 DD E5 A7 A0 5D 00 
F4 7E 52 A5 8A 2E 28 08 C0 A4 71 4B AD 6A 69 DF 
97 96 F7 B3 34 F4 43 F8 3D C9 92 1A 2C 0E AD 84 
D5 F1 77 98 6F 85 64 26 18 36 B4 9A 67 6B 9A 1E 
D4 FD F7 09 01 52 65 3F 45 53 E3 54 39 AF 2E C7 
82 EF F8 C9 02 81 81 00 CA 73 AE 54 36 CB DA 3F 
14 88 E7 2E C9 9E 84 3D 97 E3 FC 0E 49 CF 63 54 
57 5F 3C 1F 41 57 6A DB 41 21 C5 77 A2 AF 3B A1 
EA AA C1 D2 E5 B7 15 AF 03 BB 6B 75 A5 17 67 56 
A9 85 7B D0 56 ED 27 A6 E4 F4 C7 D6 2C 31 04 66 
07 61 C8 84 AF 31 6F 1C A5 53 44 2A 44 63 CF DA 
29 F1 92 57 13 14 2B C1 1E 7D 7D 09 4A 3E 13 9B 
CC EB 65 31 B1 95 20 CA D4 FB 07 53 C5 2C 29 94 
7B 6A 78 7E 4E 44 CC DE 
decode private key =0
Sig Len: 256
Hash Digest Len: 32
Digest SHA256 Hash: 0
Digest Output 32 Data:
13 CB F4 99 8E E2 D8 D7 AB DF 6A 64 FA 09 27 63 
97 34 07 56 41 79 73 4F 8F 64 8B EF CF A9 00 18 

Digest Header: 47
Signed data results:
30 2D 30 09 06 05 2B 0E 03 02 1A 05 00 04 20 13 
CB F4 99 8E E2 D8 D7 AB DF 6A 64 FA 09 27 63 97 
34 07 56 41 79 73 4F 8F 64 8B EF CF A9 00 18 
RSA Sign Result: 256
RSA Sign Data:
87 9A 73 CD E7 08 67 04 70 CF F7 DE 1D A8 EC 8E 
EB 64 11 34 17 81 49 D1 92 6D F5 AC 50 6D BA EE 
40 22 F3 14 9E 3A 3E AB A0 F1 CB 98 CA 14 50 3E 
A3 70 DF 7E BE 5F 96 D5 A7 13 72 12 86 D8 AD 26 
0A 6A 0B B1 66 47 C3 0B E4 E2 8A 32 B0 99 0E 81 
2C 4C 2A B6 3C 43 03 29 96 1B F5 EF AA F0 5E 33 
63 36 88 71 F4 E2 71 42 5F 3A B4 AA 32 41 DE 5A 
0F 57 D4 10 09 18 53 97 EA 13 6C 9C 2D E1 3C 12 
D1 D2 D4 14 B4 13 AF BA 1A 79 87 E8 F4 E5 A7 91 
FF 3F CB 12 9E 52 BA 7B E5 34 F5 99 3A 6A 17 06 
2E 30 1F 64 6F 1E FD F1 2C F8 74 AC 29 03 E9 3B 
0A 72 FF 85 93 69 E5 02 90 81 63 7A C3 90 AA 52 
0F DA D4 0C D4 FE C3 0D 1B 69 1A 63 11 15 7D 55 
EC 12 AD 03 B6 84 51 74 87 29 46 8F 29 20 97 7F 
0C D2 54 DC A2 DF FB 12 9C A7 61 59 2D 46 E3 CA 
39 02 20 89 D1 BB 5E 18 95 E1 A8 08 A4 40 E8 A5 

Sig Generation: ret 0, Sig_len=256
Sign Data:
7E 30 B8 D0 53 FA 58 76 7F C2 01 EB 27 FE 3A 8A 
F5 C3 D0 F4 C6 6A DB 56 9E 14 35 C3 54 A6 40 C7 
D9 CD AD E4 36 1B E5 9F F9 21 E5 B7 F2 23 38 BE 
DF 99 45 0E 77 65 BE 5F 92 AE 17 7C FA 7D E5 7D 
6F 75 52 75 71 3A 68 BD D2 B3 34 C7 C4 AC 21 E8 
7D 2D 4F AF 77 6F 77 AD F2 B6 AE 02 D2 E3 BA 7E 
88 AF 19 2F 80 48 BC 94 34 67 D6 8A E3 F4 02 4A 
FC 9F B7 63 9E B6 8E 6F 1B 81 5B 07 2A EC 6D 1E 
C7 E2 0B 19 A6 21 F0 BA 33 94 23 A4 BF 1A 53 8F 
CC 24 9E FB E3 08 3E 43 C5 58 35 74 ED 85 4A 3E 
FE C4 F8 5A 2C FD 77 CB 98 E4 7B 31 8E 65 11 14 
48 8F E3 6A 01 62 DE 38 A4 61 B7 E5 CD A6 E7 E5 
C4 3A 50 F6 F5 C9 9C F9 FF 87 97 DE 62 C4 FA 00 
51 C2 AE 7D DF 0A AA FB E2 40 18 74 7A 9B 12 25 
AB 76 57 88 69 0A D2 23 4E 45 B4 1A 47 94 3E 67 
70 FE 21 22 6A 23 03 A0 53 A4 F9 D1 CE 75 5B AD 

Expected Signature:
7E 30 B8 D0 53 FA 58 76 7F C2 01 EB 27 FE 3A 8A 
F5 C3 D0 F4 C6 6A DB 56 9E 14 35 C3 54 A6 40 C7 
D9 CD AD E4 36 1B E5 9F F9 21 E5 B7 F2 23 38 BE 
DF 99 45 0E 77 65 BE 5F 92 AE 17 7C FA 7D E5 7D 
6F 75 52 75 71 3A 68 BD D2 B3 34 C7 C4 AC 21 E8 
7D 2D 4F AF 77 6F 77 AD F2 B6 AE 02 D2 E3 BA 7E 
88 AF 19 2F 80 48 BC 94 34 67 D6 8A E3 F4 02 4A 
FC 9F B7 63 9E B6 8E 6F 1B 81 5B 07 2A EC 6D 1E 
C7 E2 0B 19 A6 21 F0 BA 33 94 23 A4 BF 1A 53 8F 
CC 24 9E FB E3 08 3E 43 C5 58 35 74 ED 85 4A 3E 
FE C4 F8 5A 2C FD 77 CB 98 E4 7B 31 8E 65 11 14 
48 8F E3 6A 01 62 DE 38 A4 61 B7 E5 CD A6 E7 E5 
C4 3A 50 F6 F5 C9 9C F9 FF 87 97 DE 62 C4 FA 00 
51 C2 AE 7D DF 0A AA FB E2 40 18 74 7A 9B 12 25 
AB 76 57 88 69 0A D2 23 4E 45 B4 1A 47 94 3E 67 
70 FE 21 22 6A 23 03 A0 53 A4 F9 D1 CE 75 5B AD 

Signatures match!

OpenSSL shell script:

# Create a file containing message
echo -n "ed6235936c5c81ce8ea007480f955441204605a0a6777f17ee75af7a369442ec" > myfile.txt
#echo -n -e '\x65\x64\x36\x32\x33\x35\x39\x33\x36\x63\x35\x63\x38\x31\x63\x65\x38\x65\x61\x30\x30\x37\x34\x38\x30\x66\x39\x35\x35\x34\x34\x31\x32\x30\x34\x36\x30\x35\x61\x30\x61\x36\x37\x37\x37\x66\x31\x37\x65\x65\x37\x35\x61\x66\x37\x61\x33\x36\x39\x34\x34\x32\x65\x63' > myfile.txt

# Dump the target file
echo "Message string:"
hexdump myfile.txt -C

# Generate 512 bit Private key
#openssl genrsa -out private_key.pem 512

echo "-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAq6UTzL3bzW85zqixWhuLcsSxkwpqwlYuG9hUQ/WuskWhcNOx
qOQ03c5V7MVjnX5P25tXKVlNLtmlnlIYnAqXJd3f/7zlNodw12RS+Cd9HyRbIQ/6
G8s5UUb/JNPiIjYNDseQfaI4nrpnzmD99O7N7KxI8nNf1zc+T8sYt8jX1CrPuuPe
5n38AEN2k/23ijHHdln7hWCVCk5pT1rHx4QgDdDLft6eKltm8wrwXv20r5d6W6dk
cRS1nPBOyESKrBvSdjQqj6XartZh+Os5v13+ikyPJIAJk8A5hvLEo6uhCU2sz7UI
1kPoDmHPFZbAqjzm/jNmPm9YYVaRheL7JmRm1wIDAQABAoIBADwukJ8ocIF6vp+F
iU2JO98dNQ/TxrPl6JvNwVnksgCCpoS7TN7lSN3+YyU13mQRrilXMXvnekbze/zj
VwqbMfzOayQtVIbGfVugKvEkU1wQcL1Kb0zAeBPV207L1c1d+z0T3scWElkhDZWQ
b2qqMlyJ2bfcmR2KGph6ouuJiZczaobyhSyesdpQ0aRtGpw0liRm4C7FV+zvjQaw
TRofICs5yD/36UcuJ466/ht5ZKeSrolpaBRx5AGjKKfU11uH+FQGn4whdUPHnljK
z+ksz7I/ztWg+RBx4ymn3/cTtf5h6Iua+GEoafgKO0IhGUPguqsa4umXq3l6r0PC
H0gF/N0CgYEAzh/vKF0NK94thsYrZeQPCt1sDefW9W3OMfzYzYxnpXV5Vd8NR5jq
wExiUJlmMJeC2OJ96LjNATceFmbO6ZvgRWf4ZGs+x1dnI7ZplViGMuo4N/YOGEW6
nbMtzRmHB46jjdcLeD6F57t8s++qQ4SSDPAvvbm06rIpVdH8wP+mpo0CgYEA1S1X
L4ZiS/rzmHT+KdEl+CDuXgfN5eJ7e06BJ8aKwNtD6FVPvrvqT911wFCLzMnZ81/L
gqPU1mY4bFHHXhG/7C0cY7AMLEcWLo1cKYBooin5qx4GjzMKEFfjaHEHj2PcPShF
yZw01turPiM0/qMybJvgLKp3ib2odC/+MNBNS/MCgYEAwPi+orAyw432W0WtnW9b
8dUH8yDIau8I6l2H7y9yXUHUfWMcAJqVs8APDtv+AqHluvyX2cchDfE29sv7DFOF
LBVBQ2nv1RnrklCVGl9NC9+hECsIWQr2werchzZN5vJQBlt7/m+yVxd8kMxgP2Oe
hARc/acdS9fNwO2dTmZI84UCgYAhvN9Dgj0kUT8kLb/b1mHv9yZCc3G+pC1uwmnm
ZaGoDAufRYEtaogWw7HTEexOKNP5lHuc3Vjd5aegXQD0flKlii4oCMCkcUutamnf
l5b3szT0Q/g9yZIaLA6thNXxd5hvhWQmGDa0mmdrmh7U/fcJAVJlP0VT41Q5ry7H
gu/4yQKBgQDKc65UNsvaPxSI5y7JnoQ9l+P8DknPY1RXXzwfQVdq20EhxXeirzuh
6qrB0uW3Fa8Du2t1pRdnVqmFe9BW7Sem5PTH1iwxBGYHYciErzFvHKVTRCpEY8/a
KfGSVxMUK8EefX0JSj4Tm8zrZTGxlSDK1PsHU8UsKZR7anh+TkTM3g==
-----END RSA PRIVATE KEY-----" > private_key.pem

# Separate the public part from the Private key file.
openssl rsa -in private_key.pem -pubout > public_key.pem

# Cat the contents of private key
#echo "Private key:"
#cat private_key.pem

# Cat the contents of public key
#echo "Public key:"
#cat public_key.pem

# Sign the file using sha256 digest and PKCS1 padding scheme
openssl dgst -sha256 -sign private_key.pem -out sha256.sign myfile.txt

# Dump the signature file
echo "Signature:"
hexdump sha256.sign -C

# Verify the signature of file
openssl dgst -sha256 -verify public_key.pem -signature sha256.sign myfile.txt

#Remove all generated files
echo "Remove all generated files"
rm myfile.txt private_key.pem public_key.pem sha256.sign

Output:

Message string:
00000000  65 64 36 32 33 35 39 33  36 63 35 63 38 31 63 65  |ed6235936c5c81ce|
00000010  38 65 61 30 30 37 34 38  30 66 39 35 35 34 34 31  |8ea007480f955441|
00000020  32 30 34 36 30 35 61 30  61 36 37 37 37 66 31 37  |204605a0a6777f17|
00000030  65 65 37 35 61 66 37 61  33 36 39 34 34 32 65 63  |ee75af7a369442ec|
00000040
writing RSA key
Signature:
00000000  7e 30 b8 d0 53 fa 58 76  7f c2 01 eb 27 fe 3a 8a  |~0..S.Xv....'.:.|
00000010  f5 c3 d0 f4 c6 6a db 56  9e 14 35 c3 54 a6 40 c7  |.....j.V..5.T.@.|
00000020  d9 cd ad e4 36 1b e5 9f  f9 21 e5 b7 f2 23 38 be  |....6....!...#8.|
00000030  df 99 45 0e 77 65 be 5f  92 ae 17 7c fa 7d e5 7d  |..E.we._...|.}.}|
00000040  6f 75 52 75 71 3a 68 bd  d2 b3 34 c7 c4 ac 21 e8  |ouRuq:h...4...!.|
00000050  7d 2d 4f af 77 6f 77 ad  f2 b6 ae 02 d2 e3 ba 7e  |}-O.wow........~|
00000060  88 af 19 2f 80 48 bc 94  34 67 d6 8a e3 f4 02 4a  |.../.H..4g.....J|
00000070  fc 9f b7 63 9e b6 8e 6f  1b 81 5b 07 2a ec 6d 1e  |...c...o..[.*.m.|
00000080  c7 e2 0b 19 a6 21 f0 ba  33 94 23 a4 bf 1a 53 8f  |.....!..3.#...S.|
00000090  cc 24 9e fb e3 08 3e 43  c5 58 35 74 ed 85 4a 3e  |.$....>C.X5t..J>|
000000a0  fe c4 f8 5a 2c fd 77 cb  98 e4 7b 31 8e 65 11 14  |...Z,.w...{1.e..|
000000b0  48 8f e3 6a 01 62 de 38  a4 61 b7 e5 cd a6 e7 e5  |H..j.b.8.a......|
000000c0  c4 3a 50 f6 f5 c9 9c f9  ff 87 97 de 62 c4 fa 00  |.:P.........b...|
000000d0  51 c2 ae 7d df 0a aa fb  e2 40 18 74 7a 9b 12 25  |Q..}.....@.tz..%|
000000e0  ab 76 57 88 69 0a d2 23  4e 45 b4 1a 47 94 3e 67  |.vW.i..#NE..G.>g|
000000f0  70 fe 21 22 6a 23 03 a0  53 a4 f9 d1 ce 75 5b ad  |p.!"j#..S....u[.|
00000100
Verified OK
Remove all generated files

Share

Re: Issues with PKCS#1_v1.5 (RSA with SHA256 signature)

@DS,

That is great news! I had a sneaky suspicion it was something about the input data because the app looked good. It should have been generating the same signature IFF the input was 100% identical. Happy to hear it was as simple as removing the null terminator from the input string. I see you resolved by switching from "sizeof" to "strlen", we also provide a more portable wolfSSL unique solution XSTRLEN if you ever need a more portable solution.  :-)


Cheers,

K