Error Encrytping Symmetric key with RSA Public Key - Openssl

This is a discussion on Error Encrytping Symmetric key with RSA Public Key - Openssl ; Hi group, I have written a simple program to test my understanding of the OpenSSL APIs. And of course I have a problem with one of them. My problem is that when I use RSA_public_encrypt to encrypt my Symmetric key ...

+ Reply to Thread
Results 1 to 4 of 4

Thread: Error Encrytping Symmetric key with RSA Public Key

  1. Error Encrytping Symmetric key with RSA Public Key

    Hi group,

    I have written a simple program to test my understanding of the
    OpenSSL APIs.
    And of course I have a problem with one of them. My problem is that when
    I use
    RSA_public_encrypt to encrypt my Symmetric key is get the following error:

    > Testing RSA encryption of Symmertic key
    > 145 Encrypt In bytes: 128,
    > 149 Encript failed:
    > Code: 67555438
    > error:0406D06E
    > rsa routines:RSA_padding_add_PKCS1_type_2
    > data too large for key size


    The program first generates a Symmetric key, then uses it to encrypt and
    decrypt some simple text that the user inputs. Next it create an RSA Key and
    a public RSA key. then the same with these keys. The last thing tested is the
    encryption of the Symmetric Key using the RSA keys which fails. The error
    message does not make any sense to me since the Sym key is only 128 bytes.

    I would appreciate any help with my problem. All of the code is here:

    http://64.124.13.3/_OpenSSL_/Keys/

    Thanks for your time.

    --
    William Estrada
    MrUmunhum@popdial.com
    Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net )
    Ymessenger: MrUmunhum


    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  2. RE: Error Encrytping Symmetric key with RSA Public Key

    The answer is in: "data too large for key size"

    According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
    padding you can only encrypt messages up to 11 bytes smaller than the
    modulus size in bytes. If you are using RSA-1024, then that is
    (1024/8)-11=117 bytes.

    Bill

    -----Original Message-----
    From: owner-openssl-users@openssl.org
    [mailtowner-openssl-users@openssl.org] On Behalf Of William Estrada
    Sent: September 30, 2008 4:31 PM
    To: openssl-users@openssl.org
    Subject: Error Encrytping Symmetric key with RSA Public Key

    Hi group,

    I have written a simple program to test my understanding of the
    OpenSSL APIs.
    And of course I have a problem with one of them. My problem is that when

    I use
    RSA_public_encrypt to encrypt my Symmetric key is get the following
    error:

    > Testing RSA encryption of Symmertic key
    > 145 Encrypt In bytes: 128,
    > 149 Encript failed:
    > Code: 67555438
    > error:0406D06E
    > rsa routines:RSA_padding_add_PKCS1_type_2
    > data too large for key size


    The program first generates a Symmetric key, then uses it to encrypt
    and
    decrypt some simple text that the user inputs. Next it create an RSA Key
    and
    a public RSA key. then the same with these keys. The last thing tested
    is the
    encryption of the Symmetric Key using the RSA keys which fails. The
    error
    message does not make any sense to me since the Sym key is only 128
    bytes.

    I would appreciate any help with my problem. All of the code is here:

    http://64.124.13.3/_OpenSSL_/Keys/

    Thanks for your time.

    --
    William Estrada
    MrUmunhum@popdial.com
    Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net )
    Ymessenger: MrUmunhum


    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  3. Re: Error Encrytping Symmetric key with RSA Public Key

    Bill,

    You are 100% right. I increased my buffer from 1024 to 1115 and it
    works fine
    now. I guess I should RTFM more?

    Thanks.



    Bill Colvin wrote:
    > The answer is in: "data too large for key size"
    >
    > According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
    > padding you can only encrypt messages up to 11 bytes smaller than the
    > modulus size in bytes. If you are using RSA-1024, then that is
    > (1024/8)-11=117 bytes.
    >
    > Bill
    >
    > -----Original Message-----
    > From: owner-openssl-users@openssl.org
    > [mailtowner-openssl-users@openssl.org] On Behalf Of William Estrada
    > Sent: September 30, 2008 4:31 PM
    > To: openssl-users@openssl.org
    > Subject: Error Encrytping Symmetric key with RSA Public Key
    >
    > Hi group,
    >
    > I have written a simple program to test my understanding of the
    > OpenSSL APIs.
    > And of course I have a problem with one of them. My problem is that when
    >
    > I use
    > RSA_public_encrypt to encrypt my Symmetric key is get the following
    > error:
    >
    >
    >> Testing RSA encryption of Symmertic key
    >> 145 Encrypt In bytes: 128,
    >> 149 Encript failed:
    >> Code: 67555438
    >> error:0406D06E
    >> rsa routines:RSA_padding_add_PKCS1_type_2
    >> data too large for key size
    >>

    >
    > The program first generates a Symmetric key, then uses it to encrypt
    > and
    > decrypt some simple text that the user inputs. Next it create an RSA Key
    > and
    > a public RSA key. then the same with these keys. The last thing tested
    > is the
    > encryption of the Symmetric Key using the RSA keys which fails. The
    > error
    > message does not make any sense to me since the Sym key is only 128
    > bytes.
    >
    > I would appreciate any help with my problem. All of the code is here:
    >
    > http://64.124.13.3/_OpenSSL_/Keys/
    >
    > Thanks for your time.
    >
    >



    --
    William Estrada
    MrUmunhum@popdial.com
    Mt-Umunhum-Wireless.net ( http://Mt-Umunhum-Wireless.net )
    Ymessenger: MrUmunhum


    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  4. Re: Error Encrytping Symmetric key with RSA Public Key

    Quote Originally Posted by unix View Post
    The answer is in: "data too large for key size"

    According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
    padding you can only encrypt messages up to 11 bytes smaller than the
    modulus size in bytes. If you are using RSA-1024, then that is
    (1024/8)-11=117 bytes.

    Bill
    This doesn't make a whole lot of sense to me. Which probably means I'm totally not understanding it.

    As I understand you, you are saying every time I encrypt something using OpenSSL I have to create a new key that is at least 11 bytes larger than what I'm trying to encrypt thus making the whole point of having a public key um... pointless.

    That can't be right so what am I not understanding? The "common sense" way it should work is I create a key then I use that key to encrypt stuff regardless of the size of the stuff or the key. One should not depend on the other.

    What I hear you saying is that if I send an encrypted 100MB file first I have to have a 100MB + 11 bytes key? That every time a I encrypt something I pretty much have to make a tailor made key to make sure the data isn't too big for the key. But that's insane, and not in a good way, so that can't be what you're saying. Right?

    Oh, specifically I'm trying to use the following functionality to encrypt a file (I'm using OpenSSL because I know all my clients will have that):
    openssl rsautl -encrypt -pubin -inkey ~/.ssh/id_rsa.pub.pem -in input.txt -out output.enc

    And getting this error message:
    RSA operation error
    6176:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:/SourceCache/OpenSSL098/OpenSSL098-32/src/crypto/rsa/rsa_pk1.c:151:

    Thank you in advance for your help.

+ Reply to Thread