Hello,
4096 bytes is a lot larger than a typical public key. 4096 *bits* is
common for an RSA key. Are you sure you're using the correct units?
By default the library doesn't support the creation of MPI that are
larger than 1024 bytes. This is a configuration option
(MBEDTLS_MPI_MAX_SIZE), although it's uncommon to change it (a larger
value is hardly ever necessary, and a smaller value won't save memory
except in RSA which needs at least 512 bytes for 4096-bit keys). However
mbedtls_mpi_write_file itself doesn't have any size limit.
Best regards,
--
Gilles Peskine
Mbed TLS developer
On 27/08/2020 13:27, youssouf sokhona via mbed-tls wrote:
>
> Hello everyone, I think you are fine during this crisis.
>
>
>
> I am working now with mbedtls modulee, and I wanted to print a
> function « mbedtls_mpi_write_file » to print the value of an MPI. This
> function works with common values.
>
>
>
> However, when I want to print an MPI which is very long (about 4096
> bytes, a public key), it doesn’t work. Someone knows how to solve this
> problem ?
>
>
>
> Thanks a lot
>
>
>
> Best regards, YS
>
>
>
>
Hello everyone, I think you are fine during this crisis.
I am working now with mbedtls modulee, and I wanted to print a function « mbedtls_mpi_write_file » to print the value of an MPI. This function works with common values.
However, when I want to print an MPI which is very long (about 4096 bytes, a public key), it doesn’t work. Someone knows how to solve this problem ?
Thanks a lot
Best regards, YS
Hi Youssouf,
I think you're looking for mbedtls_mpi_write_file() - just pass NULL as the file argument to write to stdout. You can use the radix argument to print out hex or decimal.
Regards,
Manuel.
________________________________
From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> on behalf of youssouf sokhona via mbed-tls <mbed-tls(a)lists.trustedfirmware.org>
Sent: 25 August 2020 15:40
To: mbed-tls(a)lists.trustedfirmware.org <mbed-tls(a)lists.trustedfirmware.org>
Subject: [mbed-tls] Set an MPI and print it
Hi everyone, I think you all are fine.
I am a beginner on mbedtls, and I wanted to set a dhm context. So, at first, I just want to set the value of the prime P, and the generator G. So to that I wrote the function below : [cid:image001.png@01D67AF5.D43FDE60]
To check if it is correctly set, I wanted to print it to see. However, it is not the case. Do you know how to set and print the value ?
Thanks, and have a good day
Best regards, YS
Hi everyone, I think you all are fine.
I am a beginner on mbedtls, and I wanted to set a dhm context. So, at first, I just want to set the value of the prime P, and the generator G. So to that I wrote the function below : [cid:image001.png@01D67AF5.D43FDE60]
To check if it is correctly set, I wanted to print it to see. However, it is not the case. Do you know how to set and print the value ?
Thanks, and have a good day
Best regards, YS
Hello everybody, I hope you are going well
I am creating a diffie Hellman key exchange program, so I am using functions like « mbedtls_dhm_init() » or « mbedtls_ctr_drbg_init() « for example. However, even if I defined the CTR_DRBG & the DHM_C module in the config.h file, and the header in my C file, I Always have error like that :
[cid:image002.png@01D6770C.20370D40]
Can someone help me to find out where does it come from ? Because I don’t know at all.
Thanks, and have a good day
Hi all,
I am placing into review a patch (
https://github.com/ARMmbed/mbedtls/pull/3579) which replaces some
invalid size printf format specifiers, mostly for size_t. This patch
utilises %zu and %hhu, both of which were only introduced in C99, which
I know caused some issues with compiler compatibility at the time. The
problem with printf and size_t as most will know, is that its a
different size in 32 bit and 64 bit, which is what %z was introduced to
safely fix.
My question is to whether there is anyone on the list that is using a
compiler that might not handle these specifiers, for whom this patch
would presumably be something of an issue. I am admittedly hoping this
is not the case, given the age of the spec, but thought it best to ask.
Thanks in advance,
Paul.
Hi Murat
What you request may be possible with invasive changes but it is not a design goal for the PSA Cryptography API implementation in Mbed TLS to be completely replaced with an alternative implementation, while allowing re-use of the Mbed TLS build system and tests.
The focus instead is to develop and implement a PSA Cryptoprocessor Driver Interface, which will allow drivers for custom secure environments to be plugged into the core PSA Cryptography API implementation in Mbed TLS. An early version of the specification of that interface can be found here:
https://github.com/ARMmbed/mbedtls/blob/development/docs/proposed/psa-drive…
That specification and its implementation is under active development. Let us know if you would like to get involved.
Regards
Dan.
From: mbed-tls <mbed-tls-bounces(a)lists.trustedfirmware.org> On Behalf Of Murat Cakmak via mbed-tls
Sent: 14 August 2020 13:34
To: mbed-tls(a)lists.trustedfirmware.org
Subject: [mbed-tls] Custom PSA API Implementation for mbedTLS tests
Hi all,
We have implemented the PSA Functional API for a custom secure environment which passes PSA Arch tests.
Now we would like to run mbedtls tests (make check) on the PSA API if possible.
When we run "make check", it includes and compiles library/psa_crypto.c file for mbedTLS's PSA API Implementation.
Herein, we would like to compile our own psa_crypto.c implementation, does mbedtls build system allow us to include custom PSA API Implementation to run tests?
Thank you.
Murat
