Hello,

owner-openssl-users@openssl.org wrote on 06/25/2008 08:59:00 PM:

> I am trying to encrypt a file using rsautl, but its generating an error.


> What am I doing wrong??
>
> I create a private key -
>
> /usr/local/ssl/bin/openssl genrsa -out rsa-priv.pem 2048
> Generating RSA private key, 2048 bit long modulus
> .............................+++
> .................................................. ............+++
> e is 65537 (0x10001)
>
> I extract the public key -
>
> /usr/local/ssl/bin/openssl rsa -in rsa-priv.pem -pubout -out rsa-pub.pem


>
> writing RSA key
>
> I try to encrypt a file -
>
> /usr/local/ssl/bin/openssl rsautl -in foo -out foo.encrypted -inkey
> rsa-pub.pem -pubin -encrypt
> RSA operation error
> 6180:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too
> large for key size:rsa_pk1.c:151:

With 2048 bit key (256 bytes) you may encrypt max 256-11 bytes of data
(11 bytes for PKCS1).
Because of this RSA encryption is not use for encryption whole files
but for encryption symmetric keys (for AES or DES) that encrypt files
with symmetric algorithm.

Best regards,
--
Marek Marcola

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org