Welcome to the wolfSSL Forums!

LordCapybara · 2016-06-01 21:02:04

LordCapybara
Member
Offline

Registered: 2016-04-26
Posts: 2

Topic: RSA in OAEP mode

I am using RSA-2048 in OAEP mode with SHA-1.

In this mode, I can not encypt data larger than 214 bytes (256 bytes - 42). If I encrypt data chunks with 213 bytes or less using wolfSSL, the results can be decrypted as expected. However when I encrypt data chunks or 214 bytes, decryption with wolfSSL fails. I attached a test code which proves this behavior.

I think there is a problem with wolfSSL because I can encrypt chunks of 214 bytes and then decrypt the results with no problems when I use OpenSSL.

PS: inspecting the execution during decryption I noticed wc_RsaUnPad_OAEP returns BAD_PADDING_E. I don't understand exactly why, but this happens because 'ret' becomes non-zero in line 679 of rsa.c (I'm using wolfSSL 3.9.0).

Best regards.

PS: In the following code, setting IN_BUFFER_LENGTH to RSA_OAEP_DECRYPTED_DATA_LENGTH causes an error, while setting it to RSA_OAEP_DECRYPTED_DATA_LENGTH-1 does not.

#include <stdio.h>
#include <wolfssl/wolfcrypt/rsa.h>
#include <wolfssl/wolfcrypt/error-crypt.h>

#define BITS_TO_BYTES(b)                (b/8)
#define MIN_OAEP_PADDING                (2*BITS_TO_BYTES(160)+2)

#define RSA_LENGTH                      (BITS_TO_BYTES(2048))

#define RSA_OAEP_DECRYPTED_DATA_LENGTH  (RSA_LENGTH-MIN_OAEP_PADDING)
#define RSA_OAEP_ENCRYPTED_DATA_LENGTH  (RSA_LENGTH)

#define IN_BUFFER_LENGTH                (RSA_OAEP_DECRYPTED_DATA_LENGTH)
#define PRIVATE_KEY_LENGTH              (1190)
#define PUBLIC_KEY_LENGTH               (294)

extern unsigned char private_key[PRIVATE_KEY_LENGTH];
extern unsigned char public_key[PUBLIC_KEY_LENGTH];

unsigned char in_buffer[IN_BUFFER_LENGTH];
unsigned char encrypted_buffer[RSA_LENGTH];
unsigned char decrypted_buffer[RSA_LENGTH];

void test_wolfcryprt_rsa();

void main()
{
    test_wolfcryprt_rsa();
    getchar();
}

// #############################################################################
//
//         TEST CODE
//
// #############################################################################

void test_wolfcryprt_rsa()
{
    RsaKey key;
    RNG rng;
    word32 index;
    int ret;

    int encrypted_len;
    int decrypted_len;

    // encrypt data.
    index = 0;
    ret = wc_InitRng(&rng);
    if (ret != 0) { printf("Error at wc_InitRng: %i.", ret); return; }
    ret = wc_InitRsaKey(&key, NULL);
    if (ret != 0) { printf("Error at wc_InitRsaKey: %i.", ret); return; }
    ret = wc_RsaPublicKeyDecode((const byte*)public_key, &index, &key, PUBLIC_KEY_LENGTH);
    if (ret != 0) { printf("Error at wc_RsaPublicKeyDecode: %i.", ret); return; }
    ret = wc_RsaPublicEncrypt_ex((const byte *)in_buffer, IN_BUFFER_LENGTH, (byte*)encrypted_buffer, RSA_LENGTH, &key, &rng, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
    if (ret < 0) { printf("Error at wc_RsaPublicEncrypt_ex: %i.", ret); return; }
    encrypted_len = ret;
    wc_FreeRng(&rng);
    wc_FreeRsaKey(&key);

    // decrypt data.
    index = 0;
    ret = wc_InitRsaKey(&key, NULL);
    if (ret != 0) { printf("Error at wc_InitRsaKey: %i.", ret); return; }
    ret = wc_RsaPrivateKeyDecode((const byte*)private_key, &index, &key, PRIVATE_KEY_LENGTH);
    if (ret != 0) { printf("Error at wc_RsaPrivateKeyDecode: %i.", ret); return; }
    ret = wc_RsaPrivateDecrypt_ex((const byte *)encrypted_buffer, encrypted_len, (byte*)decrypted_buffer, RSA_LENGTH, &key, WC_RSA_OAEP_PAD, WC_HASH_TYPE_SHA, WC_MGF1SHA1, NULL, 0);
    if (ret < 0) { printf("Error at wc_RsaPrivateDecrypt_ex: %i.", ret); return; }
    decrypted_len = ret;
    wc_FreeRsaKey(&key);

    // compare data.
    if (decrypted_len != IN_BUFFER_LENGTH) { printf("Decrypted length should be %i but it is %i.", IN_BUFFER_LENGTH, decrypted_len); return; }
    for (int i = 0; i < IN_BUFFER_LENGTH; i++)
    {
        if (decrypted_buffer[i] != in_buffer[i]) { printf("Byte at index %i should be %i but it is %i.", i, 0xFF & in_buffer[i], 0xFF & decrypted_buffer[i]); return; }
    }

    // got here means no error.
    printf("All went O.K.");
}

// #############################################################################
//
//         KEYS
//
// #############################################################################

unsigned char private_key[PRIVATE_KEY_LENGTH] = {
    0x30, 0x82, 0x04, 0xa2, 0x02, 0x01, 0x00, 0x02,
    0x82, 0x01, 0x01, 0x00, 0xc8, 0x40, 0x6f, 0xc7,
    0xd0, 0xc9, 0xfb, 0xd2, 0x5c, 0xf3, 0xc5, 0xbc,
    0x77, 0x0e, 0x68, 0x5a, 0x87, 0x4a, 0xb9, 0x57,
    0x08, 0xd4, 0x6b, 0x3e, 0x9a, 0x89, 0x8a, 0x9f,
    0xdd, 0xad, 0x16, 0xa8, 0xa3, 0x82, 0x42, 0x22,
    0x5b, 0x69, 0x77, 0x28, 0xba, 0x15, 0x2b, 0xb3,
    0xf3, 0x24, 0xea, 0xe4, 0x86, 0x34, 0x73, 0xc1,
    0xe5, 0x2b, 0x0b, 0xdb, 0xcd, 0x54, 0x35, 0x55,
    0xda, 0xf1, 0xfd, 0x61, 0x3f, 0x1e, 0xe7, 0x1e,
    0xf1, 0xc0, 0x38, 0xcb, 0xfc, 0x0d, 0x9d, 0x65,
    0xba, 0x50, 0x1f, 0xb7, 0x8d, 0xb3, 0x59, 0x8c,
    0x48, 0xf2, 0x34, 0xf1, 0x46, 0x86, 0xab, 0xf2,
    0xc0, 0xdd, 0x1c, 0x6d, 0xbe, 0xf9, 0x8f, 0x79,
    0xa8, 0x6f, 0x02, 0x25, 0x07, 0xba, 0xc0, 0x91,
    0x27, 0x46, 0xfb, 0xc8, 0xe8, 0x78, 0xc0, 0xb4,
    0x91, 0xb6, 0xd6, 0x5d, 0xbe, 0x74, 0x00, 0x60,
    0x73, 0xe9, 0x0e, 0x10, 0x60, 0x48, 0x82, 0xbf,
    0x50, 0x58, 0xc4, 0x6f, 0xf0, 0x4e, 0xcf, 0x92,
    0x43, 0x36, 0x75, 0xe5, 0x79, 0xb9, 0x78, 0x81,
    0xbc, 0xb6, 0xf5, 0x74, 0xfe, 0x0f, 0x3f, 0xd4,
    0x88, 0xfb, 0xe6, 0x4f, 0xd8, 0x8a, 0x60, 0xc9,
    0x25, 0xed, 0xa1, 0xef, 0x4a, 0x57, 0x81, 0xb1,
    0xce, 0xaf, 0x3d, 0xcf, 0x2a, 0x44, 0x51, 0x76,
    0x16, 0x54, 0x3d, 0x4b, 0x77, 0x09, 0x39, 0x6c,
    0x85, 0xc5, 0x0c, 0x59, 0x49, 0x12, 0xba, 0x3f,
    0x98, 0x1f, 0x29, 0x16, 0xc6, 0xed, 0x08, 0x09,
    0xa9, 0xdc, 0xe4, 0x92, 0x70, 0x71, 0x57, 0x1c,
    0xcb, 0xf2, 0xfa, 0x03, 0x84, 0xf0, 0xd8, 0x27,
    0xbc, 0xa5, 0x0a, 0x95, 0x21, 0xbc, 0x87, 0x61,
    0x9a, 0xfd, 0x78, 0xab, 0xe3, 0x2f, 0xef, 0x16,
    0x86, 0x5b, 0xe7, 0x8e, 0x48, 0xef, 0x3c, 0xa1,
    0x6e, 0xd6, 0xe7, 0xda, 0x4c, 0x69, 0x5c, 0x4f,
    0x7a, 0x20, 0x58, 0x1d, 0x02, 0x03, 0x01, 0x00,
    0x01, 0x02, 0x82, 0x01, 0x00, 0x78, 0xd8, 0xda,
    0x1c, 0x5d, 0xd5, 0xe7, 0x10, 0x96, 0x63, 0xce,
    0x8a, 0xe3, 0xd6, 0x60, 0x07, 0x71, 0xea, 0x18,
    0x5b, 0x7b, 0xca, 0xa5, 0x45, 0xcc, 0x81, 0x00,
    0x95, 0x65, 0x73, 0xd5, 0x5e, 0xc3, 0xfe, 0x11,
    0xe7, 0x25, 0xff, 0x49, 0x97, 0xdc, 0x64, 0x76,
    0x51, 0x4c, 0x84, 0x94, 0xf4, 0x80, 0x41, 0x1b,
    0x32, 0x82, 0x18, 0x2e, 0x39, 0xe1, 0x79, 0xd6,
    0x0e, 0x0f, 0xe9, 0x45, 0x9d, 0xf0, 0x37, 0xb8,
    0x06, 0xa6, 0xa1, 0xf8, 0x24, 0xb1, 0xe1, 0x8d,
    0x81, 0x1c, 0xa4, 0xc9, 0xdf, 0x3d, 0xb6, 0x64,
    0x6e, 0x12, 0x7f, 0x88, 0x8f, 0xaa, 0x9e, 0x0f,
    0x1a, 0x9a, 0x65, 0x55, 0x88, 0xad, 0x5d, 0x71,
    0xc6, 0x5b, 0x6d, 0x52, 0x80, 0x02, 0x60, 0x23,
    0x61, 0xf5, 0xb0, 0x12, 0xb6, 0xb6, 0x04, 0x59,
    0x57, 0x1f, 0x30, 0x95, 0xc1, 0x50, 0xf4, 0x34,
    0x5e, 0x00, 0xd5, 0x3e, 0x54, 0x76, 0x5e, 0xd4,
    0x26, 0xf8, 0xa7, 0x93, 0xf8, 0xe9, 0x67, 0xcc,
    0xf9, 0x04, 0x8e, 0xcb, 0x3f, 0x5e, 0xde, 0x89,
    0xc5, 0x9b, 0x80, 0x88, 0xfc, 0xef, 0xc1, 0x30,
    0xc4, 0x69, 0xb4, 0xde, 0xfc, 0x2c, 0x29, 0x18,
    0x89, 0x8e, 0xca, 0x93, 0xfd, 0x4a, 0x2c, 0x2e,
    0x75, 0x7f, 0x61, 0xd6, 0xcb, 0xd0, 0x8a, 0xfe,
    0x79, 0xf6, 0x47, 0x47, 0x9a, 0x6d, 0xb7, 0x27,
    0xf0, 0x75, 0x9e, 0x26, 0xd3, 0xd0, 0x3e, 0x54,
    0x3c, 0x19, 0x94, 0xa7, 0x9a, 0x79, 0xb8, 0x8e,
    0x6f, 0xa6, 0x2a, 0xba, 0x84, 0x89, 0x04, 0xc3,
    0x92, 0x16, 0xd1, 0x21, 0x5b, 0x0b, 0x59, 0x00,
    0xe7, 0x98, 0x63, 0x21, 0x85, 0x36, 0x88, 0x9b,
    0x7d, 0x8f, 0x9b, 0x41, 0x20, 0x52, 0x79, 0x2d,
    0x33, 0xb6, 0x85, 0xd1, 0xf4, 0x2e, 0x86, 0x88,
    0x60, 0xa7, 0xda, 0xa1, 0x2b, 0x2f, 0x82, 0xe1,
    0x3e, 0xba, 0x49, 0x31, 0xc9, 0x02, 0x81, 0x81,
    0x00, 0xe3, 0x51, 0xb6, 0x11, 0xb7, 0x61, 0x34,
    0x60, 0x73, 0xe1, 0xa0, 0x92, 0x25, 0x96, 0x36,
    0x79, 0x89, 0xbc, 0x22, 0x28, 0xcb, 0xcd, 0x2f,
    0x51, 0x15, 0xa4, 0x44, 0xb8, 0x2f, 0xf4, 0xea,
    0x07, 0x5f, 0xf0, 0x54, 0x7e, 0x72, 0x5f, 0xe9,
    0xe1, 0xec, 0xa2, 0xc9, 0x34, 0x12, 0x30, 0xa7,
    0xe1, 0xd0, 0x63, 0xbe, 0x64, 0xcc, 0x97, 0x98,
    0xdc, 0xff, 0xbe, 0xd7, 0x24, 0xab, 0x7c, 0x27,
    0x3d, 0x4f, 0x76, 0x46, 0x10, 0xb2, 0x29, 0xc5,
    0x6e, 0xbe, 0x27, 0x40, 0xf0, 0xfe, 0x33, 0xbe,
    0x84, 0x98, 0xe0, 0x5a, 0x6c, 0x17, 0xbf, 0xa1,
    0x1d, 0x07, 0x52, 0xb0, 0x28, 0x3c, 0xa6, 0x51,
    0x39, 0xc3, 0xb7, 0xb5, 0x6b, 0xcf, 0x8a, 0xa1,
    0x99, 0x94, 0x4d, 0xe1, 0x76, 0x17, 0x09, 0x18,
    0xe8, 0x5e, 0x5f, 0xfa, 0x76, 0x18, 0x70, 0x77,
    0x6c, 0x04, 0x9c, 0x80, 0x48, 0x37, 0x7c, 0xfa,
    0x17, 0x02, 0x81, 0x81, 0x00, 0xe1, 0x84, 0x75,
    0xd3, 0xbe, 0x3b, 0xe6, 0x11, 0x71, 0xe2, 0x56,
    0xd4, 0x31, 0xb8, 0x04, 0x66, 0xc2, 0x29, 0xa2,
    0x14, 0x16, 0x81, 0xa2, 0xd7, 0x47, 0x20, 0x9a,
    0xd6, 0x2a, 0x98, 0x8e, 0x01, 0x61, 0x12, 0x41,
    0xb6, 0xd7, 0x34, 0x7a, 0xc8, 0x07, 0x34, 0xe4,
    0x2f, 0x4c, 0xb9, 0xe3, 0x72, 0xa8, 0x16, 0xed,
    0x36, 0xfb, 0x18, 0xd7, 0x87, 0xa2, 0xff, 0x6a,
    0xfe, 0xde, 0x37, 0x5d, 0x1a, 0x45, 0xb1, 0x16,
    0x0a, 0x2c, 0x35, 0xab, 0x6e, 0xc1, 0x12, 0xac,
    0x7d, 0xe3, 0x7a, 0xd9, 0xc1, 0xda, 0xaa, 0x36,
    0xdc, 0xc8, 0x03, 0x30, 0x39, 0x59, 0xe6, 0x85,
    0x4e, 0x6b, 0xd2, 0x2d, 0xbf, 0xb8, 0xb4, 0x45,
    0xb1, 0x6b, 0xf4, 0xcf, 0x41, 0x4d, 0xab, 0x5c,
    0x29, 0x81, 0x4b, 0x87, 0x57, 0xf1, 0x0a, 0x6e,
    0x2d, 0x40, 0x80, 0x31, 0xc3, 0x1b, 0xdc, 0xc0,
    0x78, 0x3a, 0x1b, 0x83, 0xeb, 0x02, 0x81, 0x80,
    0x78, 0x37, 0x87, 0x65, 0x39, 0x28, 0xf4, 0x0d,
    0x2a, 0x5b, 0xa1, 0x92, 0x88, 0xc4, 0x37, 0x0c,
    0xf1, 0x95, 0x88, 0x2f, 0x31, 0x10, 0xd3, 0x3c,
    0x3b, 0x88, 0xc3, 0x3a, 0xf1, 0x49, 0xc1, 0xd6,
    0xa2, 0x9b, 0x33, 0xe4, 0x27, 0x52, 0xa8, 0x1a,
    0xee, 0x0d, 0x6d, 0x00, 0xd7, 0xb9, 0xd9, 0x9f,
    0x27, 0x99, 0x08, 0x60, 0xc0, 0x7e, 0x4f, 0xbe,
    0x58, 0x96, 0x31, 0xab, 0x57, 0xf1, 0x71, 0xc3,
    0x0f, 0xda, 0x09, 0xd5, 0xdc, 0x93, 0x10, 0xb1,
    0xaf, 0x68, 0x8d, 0x04, 0xa6, 0x3a, 0xf1, 0x3f,
    0xa8, 0xa5, 0xc5, 0xcc, 0x32, 0x87, 0x0a, 0x8a,
    0x92, 0x8b, 0xdd, 0x53, 0x7a, 0x37, 0xae, 0xef,
    0x30, 0x9d, 0x60, 0x19, 0xa3, 0x09, 0xba, 0xca,
    0xc0, 0xce, 0xab, 0x34, 0xcb, 0x9b, 0xe9, 0x0b,
    0x42, 0x95, 0xd9, 0x9c, 0x48, 0xf2, 0x79, 0x85,
    0xab, 0xae, 0xa4, 0x7d, 0x0c, 0xb3, 0x50, 0x83,
    0x02, 0x81, 0x80, 0x35, 0xc9, 0x91, 0x0c, 0xca,
    0xaf, 0xa0, 0xa5, 0x02, 0x83, 0x98, 0x70, 0x0d,
    0xd7, 0xb4, 0xfd, 0x09, 0x4c, 0x42, 0xc3, 0x05,
    0xc7, 0x2f, 0x9e, 0xa6, 0xf1, 0x48, 0xdc, 0xd1,
    0xd6, 0x06, 0xf0, 0x9f, 0x45, 0x6a, 0x75, 0x00,
    0x89, 0x1c, 0xcb, 0xbe, 0xa4, 0x47, 0xd4, 0x5c,
    0x39, 0x6d, 0xdd, 0x37, 0xe8, 0x17, 0xf5, 0xe8,
    0x17, 0xb9, 0xb8, 0x39, 0x11, 0x30, 0x64, 0xcf,
    0x7d, 0x66, 0xf0, 0x50, 0x34, 0xf7, 0x6b, 0xbf,
    0xb5, 0xa1, 0x48, 0xce, 0x35, 0xf4, 0xfc, 0x25,
    0x98, 0x74, 0x7d, 0x7e, 0xf8, 0xe0, 0x12, 0xf2,
    0x85, 0x88, 0x27, 0xf5, 0xa0, 0x3c, 0xa5, 0x42,
    0xa4, 0x23, 0x93, 0x39, 0xab, 0x8d, 0x7f, 0xce,
    0x9e, 0xda, 0x1b, 0xda, 0x39, 0x87, 0xc6, 0xc2,
    0x76, 0xd0, 0x36, 0x12, 0x60, 0x89, 0x7c, 0xb3,
    0x88, 0x9f, 0xd5, 0xc8, 0x3c, 0x73, 0x8f, 0x79,
    0x54, 0x7c, 0xb7, 0x02, 0x81, 0x80, 0x20, 0x31,
    0x41, 0x4c, 0xa4, 0xc9, 0x99, 0xd1, 0x0c, 0x83,
    0x2b, 0x94, 0x30, 0x1c, 0x25, 0x92, 0x84, 0x2c,
    0x16, 0x0e, 0xcf, 0x2b, 0x3b, 0x7b, 0x92, 0x2b,
    0x5d, 0xae, 0x46, 0x82, 0xf1, 0x7f, 0xc1, 0x42,
    0x1b, 0x96, 0x12, 0x01, 0x1d, 0x62, 0x29, 0xe5,
    0x8d, 0x4c, 0xa8, 0xf4, 0x47, 0x02, 0x9a, 0x92,
    0x65, 0x27, 0xbd, 0x49, 0x12, 0xd2, 0xc6, 0xcc,
    0xc7, 0x2b, 0x18, 0x02, 0x90, 0x4a, 0xd6, 0x65,
    0x6f, 0x2a, 0x3c, 0x40, 0x68, 0xf5, 0x36, 0x70,
    0xd4, 0x52, 0x82, 0xae, 0xa8, 0xa2, 0x38, 0xc0,
    0x00, 0x13, 0x5f, 0x15, 0x45, 0x1a, 0x95, 0x17,
    0xc1, 0x62, 0x9e, 0xc8, 0xe3, 0xe2, 0xc4, 0xf7,
    0xbf, 0xaa, 0xef, 0xfb, 0x15, 0xde, 0xa8, 0xa9,
    0x64, 0x3e, 0x0e, 0x5a, 0xa0, 0x12, 0x7d, 0x0d,
    0x5b, 0xb1, 0xef, 0xf3, 0xaf, 0xed, 0x8f, 0x5b,
    0xd8, 0xb3, 0xbc, 0xa1, 0x35, 0xd1
};

unsigned char public_key[PUBLIC_KEY_LENGTH] = {
    0x30, 0x82, 0x01, 0x22, 0x30, 0x0d, 0x06, 0x09,
    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01,
    0x01, 0x05, 0x00, 0x03, 0x82, 0x01, 0x0f, 0x00,
    0x30, 0x82, 0x01, 0x0a, 0x02, 0x82, 0x01, 0x01,
    0x00, 0xc8, 0x40, 0x6f, 0xc7, 0xd0, 0xc9, 0xfb,
    0xd2, 0x5c, 0xf3, 0xc5, 0xbc, 0x77, 0x0e, 0x68,
    0x5a, 0x87, 0x4a, 0xb9, 0x57, 0x08, 0xd4, 0x6b,
    0x3e, 0x9a, 0x89, 0x8a, 0x9f, 0xdd, 0xad, 0x16,
    0xa8, 0xa3, 0x82, 0x42, 0x22, 0x5b, 0x69, 0x77,
    0x28, 0xba, 0x15, 0x2b, 0xb3, 0xf3, 0x24, 0xea,
    0xe4, 0x86, 0x34, 0x73, 0xc1, 0xe5, 0x2b, 0x0b,
    0xdb, 0xcd, 0x54, 0x35, 0x55, 0xda, 0xf1, 0xfd,
    0x61, 0x3f, 0x1e, 0xe7, 0x1e, 0xf1, 0xc0, 0x38,
    0xcb, 0xfc, 0x0d, 0x9d, 0x65, 0xba, 0x50, 0x1f,
    0xb7, 0x8d, 0xb3, 0x59, 0x8c, 0x48, 0xf2, 0x34,
    0xf1, 0x46, 0x86, 0xab, 0xf2, 0xc0, 0xdd, 0x1c,
    0x6d, 0xbe, 0xf9, 0x8f, 0x79, 0xa8, 0x6f, 0x02,
    0x25, 0x07, 0xba, 0xc0, 0x91, 0x27, 0x46, 0xfb,
    0xc8, 0xe8, 0x78, 0xc0, 0xb4, 0x91, 0xb6, 0xd6,
    0x5d, 0xbe, 0x74, 0x00, 0x60, 0x73, 0xe9, 0x0e,
    0x10, 0x60, 0x48, 0x82, 0xbf, 0x50, 0x58, 0xc4,
    0x6f, 0xf0, 0x4e, 0xcf, 0x92, 0x43, 0x36, 0x75,
    0xe5, 0x79, 0xb9, 0x78, 0x81, 0xbc, 0xb6, 0xf5,
    0x74, 0xfe, 0x0f, 0x3f, 0xd4, 0x88, 0xfb, 0xe6,
    0x4f, 0xd8, 0x8a, 0x60, 0xc9, 0x25, 0xed, 0xa1,
    0xef, 0x4a, 0x57, 0x81, 0xb1, 0xce, 0xaf, 0x3d,
    0xcf, 0x2a, 0x44, 0x51, 0x76, 0x16, 0x54, 0x3d,
    0x4b, 0x77, 0x09, 0x39, 0x6c, 0x85, 0xc5, 0x0c,
    0x59, 0x49, 0x12, 0xba, 0x3f, 0x98, 0x1f, 0x29,
    0x16, 0xc6, 0xed, 0x08, 0x09, 0xa9, 0xdc, 0xe4,
    0x92, 0x70, 0x71, 0x57, 0x1c, 0xcb, 0xf2, 0xfa,
    0x03, 0x84, 0xf0, 0xd8, 0x27, 0xbc, 0xa5, 0x0a,
    0x95, 0x21, 0xbc, 0x87, 0x61, 0x9a, 0xfd, 0x78,
    0xab, 0xe3, 0x2f, 0xef, 0x16, 0x86, 0x5b, 0xe7,
    0x8e, 0x48, 0xef, 0x3c, 0xa1, 0x6e, 0xd6, 0xe7,
    0xda, 0x4c, 0x69, 0x5c, 0x4f, 0x7a, 0x20, 0x58,
    0x1d, 0x02, 0x03, 0x01, 0x00, 0x01
};

Jacob · 2016-06-02 16:33:45

Jacob
Moderator
Offline

Registered: 2014-08-21
Posts: 78

Re: RSA in OAEP mode

Hi LordCapybara,

Thanks for sending this in and posting example code. I'll be looking into it shortly. As a side note having #include <wolfssl/options.h> as the first include will pull in the options that wolfSSL was built with.

Regards,
Jacob

Jacob · 2016-06-06 11:06:46

Jacob
Moderator
Offline

Registered: 2014-08-21
Posts: 78

Re: RSA in OAEP mode

Hi LordCapybara,

We have a pull request on our github account to fix this bug. https://github.com/wolfSSL/wolfssl/pull/436 . After it passes testing and review, it will then be merged into our main code.
Thanks again for reporting the behavior.

Can you tell me some about how RSA OAEP is being used in your project?

Regards,
Jacob

kranthi0032 · 2016-06-30 21:27:19

kranthi0032
Member
Offline

Registered: 2016-02-02
Posts: 2

Re: RSA in OAEP mode

Hi,
I am getting the same error BAD_PADDING_E because ret is becoming non zero at line ret+=pkcsBlock[idx++] ^ 01. I am using RSA_OAEP padding with sha256 hasing function. Version of wolfssl is 3.9.6

Jacob · 2016-07-05 11:05:02

Jacob
Moderator
Offline

Registered: 2014-08-21
Posts: 78

Re: RSA in OAEP mode

Hello kranthi0032,

Responded to this issue using the support@wolfssl.com channel and will solve what is going on there.

Thank you,
Jacob

Welcome to the wolfSSL Forums!

RSA in OAEP mode

Posts: 5

1 Topic by LordCapybara 2016-06-01 21:02:04 (edited by LordCapybara 2016-06-01 21:06:44)

Topic: RSA in OAEP mode

2 Reply by Jacob 2016-06-02 16:33:45

Re: RSA in OAEP mode

3 Reply by Jacob 2016-06-06 11:06:46

Re: RSA in OAEP mode

4 Reply by kranthi0032 2016-06-30 21:27:19 (edited by kranthi0032 2016-06-30 21:29:01)

Re: RSA in OAEP mode

5 Reply by Jacob 2016-07-05 11:05:02

Re: RSA in OAEP mode

Posts: 5