I am using mbedtls module to verify the signature of firmware using RSA and its giving MBEDTLS_ERR_PK_INVALID_PUBKEY after parsing the public key. I am using OpenSSL for generating public and private keys the public key is generated using
openssl genpkey -algorithm RSA -out private_key.pem -pkeyopt rsa_keygen_bits:2048
and
openssl rsa -pubout -in private_key.pem -outform DER -out public_key.der
in der format and then converted to a .h file using
python -c "data=open('public_key.der','rb').read(); print('const unsigned char public_key_der[] = {'); print(', '.join(f'0x{b:02x}' for b in data), end=''); print('};'); print(f'const unsigned int public_key_der_len = {len(data)};');" > public_key.h
In the mbedtls_config.h file I have enabled the following things
#define MBEDTLS_PKCS1_V15
#define MBEDTLS_PK_C
#define MBEDTLS_PK_PARSE_C
#define MBEDTLS_RSA_C
#define MBEDTLS_BIGNUM_C
#define MBEDTLS_ASN1_PARSE_C
#define MBEDTLS_OID_C
Here is the main function I am using to parse the public key:
int main (void)
{
UART_Init(1);
// Verify the signature
mbedtls_pk_init(&pk);
mbedtls_pk_free(&pk);
char msg[50];
ret = mbedtls_pk_parse_public_key(&pk, public_key_der, public_key_der_len);
if (ret==0)
{
sprintf(msg,"Key is parsable ret value is %d \r\n",ret);
HAL_UART_Transmit(&huart1, (uint8_t*)msg, strlen(msg), HAL_MAX_DELAY);
}
else
{
sprintf(msg,"Key is not parsable ret value is %d \r\n",ret);
HAL_UART_Transmit(&huart1, (uint8_t*)msg, strlen(msg), HAL_MAX_DELAY);
}
}
I am not sure where I am going wrong this is my first time using mbedtls please help.
Thanks in advance.
