I have seems working way how to verify the signature with mbedtls on ESP32. Now I need to verify the same signature with NodeJS but I had no success with it.
mbedtls example:
#include "mbedtls/base64.h"
#include "mbedtls/pk.h"
#include <string.h>
unsigned char hard_base_signature[6000] =
"Y59Z0Jg1WCKKMpKuGYW5nLsyDgPU3eoMwtLd74lejj6bWr2lPh5MKzcfXE18s6L7YG7yB18WNW"
"/meh2KAegHEDZKqy2OHf0n7bKz17OSIcoSgI9N4Eu116naVtqO5vwYJ3JGqE625JkuQza4sLZh"
"ccosbd+mNLUEBN7sr+BtlY1rU0hed56GbP6iJ+8x5XEW4HBUQ1ATQQGNu5QtqgBA+"
"jv8TktXlOVJ8XXKkOUUmVu1NU1TX+hXgNqZC6drtg5+"
"UtaMS77eF5qctMXyNKTqJ9UGTi1S0pg3TJoVCI7A8M6GLuEsvZ0gNyDDhjY73mR2KtXknEEA4E"
"TfGS1xG0SE7g==";
unsigned char public_key_content[6000] =
"-----BEGIN PUBLIC KEY-----\n"
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YbMPv02Danre1OGkkkR\n"
"F093SREmgsZG/o+3oDYIGm8aLESt94GGdJzd97R+usprFtnKRDoo0eICAVY1NiIi\n"
"m9840J9+q6MOlQJlvxQy1A3+K1Vg/XsEwRTNOR3yweC6KdVeD5ITKn4nNNBdhUdu\n"
"fR80DOK7i4RjNVwYAzGYiwrkcMgBVu8BVKl/P0712Gi/58yAat9qfOvn8Q6rsy3T\n"
"8YGS24KCN6xQPBt+bNXnMDBwxlzky7N2rfiv3Zid0R32PivBNCsNQmK+SP0zyJ2h\n"
"TmI6VQ4GSBObfgK4dnaDfGlHfR1RNapzpd/PfdYw4XSjDF98IQJqyd83MjTXQK+a\n"
"UwIDAQAB\n"
"-----END PUBLIC KEY-----\n\0";
void app_main() {
int ret = 0;
/*
* Read the RSA public key
*/
mbedtls_pk_context pk_public;
mbedtls_pk_init(&pk_public);
if ((ret = mbedtls_pk_parse_public_key(&pk_public, public_key_content,
strlen((char *)public_key_content) +
1) != 0)) {
printf("failed: %d\n", ret);
return;
}
unsigned char correct_message[] = "This is a test..";
unsigned char incorrect_message[] = "This is a test!!";
static unsigned char hard_signature[6000];
size_t hard_signature_len = 0;
mbedtls_base64_decode(hard_signature, 6000, &hard_signature_len,
hard_base_signature,
strlen((char *)hard_base_signature));
printf("Verify result 1: %d\n",
mbedtls_pk_verify(&pk_public, MBEDTLS_MD_MD5, correct_message,
strlen((char *)correct_message), hard_signature,
hard_signature_len)); // <- Verify result 1: 0
printf("Verify result 2: %d\n",
mbedtls_pk_verify(&pk_public, MBEDTLS_MD_MD5, incorrect_message,
strlen((char *)incorrect_message), hard_signature,
hard_signature_len)); // <- Verify result 2: -17280
}
NodeJS example:
import crypto from "crypto";
import { TextEncoder } from "util";
const publicKeyContent =
"-----BEGIN PUBLIC KEY-----\n" +
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0YbMPv02Danre1OGkkkR\n" +
"F093SREmgsZG/o+3oDYIGm8aLESt94GGdJzd97R+usprFtnKRDoo0eICAVY1NiIi\n" +
"m9840J9+q6MOlQJlvxQy1A3+K1Vg/XsEwRTNOR3yweC6KdVeD5ITKn4nNNBdhUdu\n" +
"fR80DOK7i4RjNVwYAzGYiwrkcMgBVu8BVKl/P0712Gi/58yAat9qfOvn8Q6rsy3T\n" +
"8YGS24KCN6xQPBt+bNXnMDBwxlzky7N2rfiv3Zid0R32PivBNCsNQmK+SP0zyJ2h\n" +
"TmI6VQ4GSBObfgK4dnaDfGlHfR1RNapzpd/PfdYw4XSjDF98IQJqyd83MjTXQK+a\n" +
"UwIDAQAB\n" +
"-----END PUBLIC KEY-----\n";
const signature =
"Y59Z0Jg1WCKKMpKuGYW5nLsyDgPU3eoMwtLd74lejj6bWr2lPh5MKzcfXE18s6L7YG7yB18WNW" +
"/meh2KAegHEDZKqy2OHf0n7bKz17OSIcoSgI9N4Eu116naVtqO5vwYJ3JGqE625JkuQza4sLZh" +
"ccosbd+mNLUEBN7sr+BtlY1rU0hed56GbP6iJ+8x5XEW4HBUQ1ATQQGNu5QtqgBA+" +
"jv8TktXlOVJ8XXKkOUUmVu1NU1TX+hXgNqZC6drtg5+" +
"UtaMS77eF5qctMXyNKTqJ9UGTi1S0pg3TJoVCI7A8M6GLuEsvZ0gNyDDhjY73mR2KtXknEEA4E" +
"TfGS1xG0SE7g==";
const publicKey = crypto.createPublicKey({
key: publicKeyContent,
type: "spki",
format: "pem",
});
console.log(
"Verify result 1:",
crypto.verify(
"RSA-MD5",
new TextEncoder().encode("This is a test.."),
publicKey,
Buffer.from(signature, "base64")
)
); // <- Verify result 1: false
console.log(
"Verify result 2:",
crypto.verify(
"MD5",
new TextEncoder().encode("This is a test.."),
publicKey,
Buffer.from(signature, "base64")
)
); // <- Verify result 2: false
I think the issue with md5 digest - I miss it somewhere. Unfortunately, I'm very new in crypto things. Could you help me and point on my mistake. Thanks!
