Thanks, but that produces a different error :

I (00:05:44.055) Crypto: Acme standalone client example © 2026 by Danny Backx
I (00:05:44.056) Crypto: checkRfc7515_a21 Base64({"alg":"RS256"}) -> eyJhbGciOiJSUzI1NiJ9 is correct
I (00:05:44.061) Crypto: checkRfc7515_a21 Base64({"iss":"joe",
 "exp":1300819380,
 "http://example.com/is_root":true}) -> eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ is correct
I (00:05:44.087) Crypto: checkRfc7515_a21 importPrivateKey() -> 1073741825
I (00:05:44.088) wrappers: psa_driver_wrapper_sign_hash 340
E (00:05:44.844) psa_crypto: psa_sign_internal psa_driver_wrapper_sign_hash -> -149
E (00:05:44.845) Crypto: psa_sign_hash (key 1073741825) failed (invalid signature, -149 0x0095)
I (00:05:44.850) Crypto: checkRfc7515_a21 Signature(eyJhbGciOiJSUzI1NiJ9,eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ) -> (null)
E (00:05:44.865) Crypto: Signature 0, fail
E (00:05:44.869) Crypto: RFC 7515 A.2.1 : validation failed

On 5/20/26 20:40, Gilles Peskine wrote:
Hello,

The error seems to be a key policy check returning -133 (PSA_ERROR_NOT_PERMITTED). I notice your code specifies PSA_ALG_HKDF(PSA_ALG_SHA_256) as the algorithm in the key policy, and PSA_ALG_SHA_256 when calling psa_sign_hash(). The two need to match, and neither of these two is a signature algorithm. You presumably meant PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_SHA_256) in both cases. (In the attributes, the other plausible algorithm is PSA_ALG_RSA_PKCS1V15_SIGN(PSA_ALG_ANY_HASH), if you want the key to be usable with different hash algorithms.)

-- 
Best regards,

Gilles Peskine
TF-PSA-Crypto developer

On 20/05/2026 20:13, Danny Backx via mbed-tls wrote:

I got into trouble with migrating to the latest (v6.0) version of esp-idf, because it implies a migration to mbedtls 4.0.

I had a working application (library really) to obtain ACME certificates from letsencrypt.org. I tried porting, but ran into trouble. So please help.

To debug, I try to mimic the example in Appendix A.2 of RFC 7515. Where this should obviously succeed, the current output I get is :

I (12:57:46.067) main_task: Calling app_main()
I (12:57:46.088) Crypto: Acme standalone client example © 2026 by Danny Backx
I (12:57:46.089) Crypto: checkRfc7515_a21 Base64({"alg":"RS256"}) -> eyJhbGciOiJSUzI1NiJ9 is correct
I (12:57:46.094) Crypto: checkRfc7515_a21 Base64({"iss":"joe",
 "exp":1300819380,
 "http://example.com/is_root":true}) -> eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ is correct
I (12:57:46.121) Crypto: checkRfc7515_a21 importPrivateKey() -> 1073741825
E (12:57:46.122) psa_crypto: psa_get_and_lock_key_slot_with_policy psa_key_policy_permits -> -133
E (12:57:46.129) psa_crypto: psa_sign_internal psa_get_and_lock_key_slot_with_policy -> -133
E (12:57:46.137) Crypto: psa_sign_hash (key 1073741825) failed (not permitted, -133 0x0085)
I (12:57:46.145) Crypto: checkRfc7515_a21 Signature(eyJhbGciOiJSUzI1NiJ9,eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFtcGxlLmNvbS9pc19yb290Ijp0cnVlfQ) -> (null)
E (12:57:46.161) Crypto: Signature 0, fail
E (12:57:46.165) Crypto: RFC 7515 A.2.1 : validation failed

Some of the "psa_crypto" lines come from debug statements I added in the library.

The whole source for this is in one file at https://sourceforge.net/p/esp32-acme-client/code/HEAD/tree/trunk/examples/simple/main/Rfc7515A2.cpp . Obviously it's the hashing step which I had under control with a previous library which I don't call correctly (or I don't know how to import the right key).

What am I doing wrong ?

Thanks,

    Danny

--
Danny Backx - dannybackx@telenet.be


--
Danny Backx - dannybackx@telenet.be