Error Encrytping Symmetric key with RSA Public Key  Openssl
This is a discussion on Error Encrytping Symmetric key with RSA Public Key  Openssl ; Hi group,
I have written a simple program to test my understanding of the
OpenSSL APIs.
And of course I have a problem with one of them. My problem is that when
I use
RSA_public_encrypt to encrypt my Symmetric key ...

Error Encrytping Symmetric key with RSA Public Key
Hi group,
I have written a simple program to test my understanding of the
OpenSSL APIs.
And of course I have a problem with one of them. My problem is that when
I use
RSA_public_encrypt to encrypt my Symmetric key is get the following error:
> Testing RSA encryption of Symmertic key
> 145 Encrypt In bytes: 128,
> 149 Encript failed:
> Code: 67555438
> error:0406D06E
> rsa routines:RSA_padding_add_PKCS1_type_2
> data too large for key size
The program first generates a Symmetric key, then uses it to encrypt and
decrypt some simple text that the user inputs. Next it create an RSA Key and
a public RSA key. then the same with these keys. The last thing tested is the
encryption of the Symmetric Key using the RSA keys which fails. The error
message does not make any sense to me since the Sym key is only 128 bytes.
I would appreciate any help with my problem. All of the code is here:
http://64.124.13.3/_OpenSSL_/Keys/
Thanks for your time.

William Estrada
MrUmunhum@popdial.com
MtUmunhumWireless.net ( http://MtUmunhumWireless.net )
Ymessenger: MrUmunhum
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List opensslusers@openssl.org
Automated List Manager majordomo@openssl.org

RE: Error Encrytping Symmetric key with RSA Public Key
The answer is in: "data too large for key size"
According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
padding you can only encrypt messages up to 11 bytes smaller than the
modulus size in bytes. If you are using RSA1024, then that is
(1024/8)11=117 bytes.
Bill
Original Message
From: owneropensslusers@openssl.org
[mailtowneropensslusers@openssl.org] On Behalf Of William Estrada
Sent: September 30, 2008 4:31 PM
To: opensslusers@openssl.org
Subject: Error Encrytping Symmetric key with RSA Public Key
Hi group,
I have written a simple program to test my understanding of the
OpenSSL APIs.
And of course I have a problem with one of them. My problem is that when
I use
RSA_public_encrypt to encrypt my Symmetric key is get the following
error:
> Testing RSA encryption of Symmertic key
> 145 Encrypt In bytes: 128,
> 149 Encript failed:
> Code: 67555438
> error:0406D06E
> rsa routines:RSA_padding_add_PKCS1_type_2
> data too large for key size
The program first generates a Symmetric key, then uses it to encrypt
and
decrypt some simple text that the user inputs. Next it create an RSA Key
and
a public RSA key. then the same with these keys. The last thing tested
is the
encryption of the Symmetric Key using the RSA keys which fails. The
error
message does not make any sense to me since the Sym key is only 128
bytes.
I would appreciate any help with my problem. All of the code is here:
http://64.124.13.3/_OpenSSL_/Keys/
Thanks for your time.

William Estrada
MrUmunhum@popdial.com
MtUmunhumWireless.net ( http://MtUmunhumWireless.net )
Ymessenger: MrUmunhum
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List opensslusers@openssl.org
Automated List Manager majordomo@openssl.org
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List opensslusers@openssl.org
Automated List Manager majordomo@openssl.org

Re: Error Encrytping Symmetric key with RSA Public Key
Bill,
You are 100% right. I increased my buffer from 1024 to 1115 and it
works fine
now. I guess I should RTFM more?
Thanks.
Bill Colvin wrote:
> The answer is in: "data too large for key size"
>
> According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
> padding you can only encrypt messages up to 11 bytes smaller than the
> modulus size in bytes. If you are using RSA1024, then that is
> (1024/8)11=117 bytes.
>
> Bill
>
> Original Message
> From: owneropensslusers@openssl.org
> [mailtowneropensslusers@openssl.org] On Behalf Of William Estrada
> Sent: September 30, 2008 4:31 PM
> To: opensslusers@openssl.org
> Subject: Error Encrytping Symmetric key with RSA Public Key
>
> Hi group,
>
> I have written a simple program to test my understanding of the
> OpenSSL APIs.
> And of course I have a problem with one of them. My problem is that when
>
> I use
> RSA_public_encrypt to encrypt my Symmetric key is get the following
> error:
>
>
>> Testing RSA encryption of Symmertic key
>> 145 Encrypt In bytes: 128,
>> 149 Encript failed:
>> Code: 67555438
>> error:0406D06E
>> rsa routines:RSA_padding_add_PKCS1_type_2
>> data too large for key size
>>
>
> The program first generates a Symmetric key, then uses it to encrypt
> and
> decrypt some simple text that the user inputs. Next it create an RSA Key
> and
> a public RSA key. then the same with these keys. The last thing tested
> is the
> encryption of the Symmetric Key using the RSA keys which fails. The
> error
> message does not make any sense to me since the Sym key is only 128
> bytes.
>
> I would appreciate any help with my problem. All of the code is here:
>
> http://64.124.13.3/_OpenSSL_/Keys/
>
> Thanks for your time.
>
>

William Estrada
MrUmunhum@popdial.com
MtUmunhumWireless.net ( http://MtUmunhumWireless.net )
Ymessenger: MrUmunhum
__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List opensslusers@openssl.org
Automated List Manager majordomo@openssl.org

Re: Error Encrytping Symmetric key with RSA Public Key
Originally Posted by
unix The answer is in: "data too large for key size"
According to Secure Programming Cookbook, when using RSA PKCS #1 v1.5
padding you can only encrypt messages up to 11 bytes smaller than the
modulus size in bytes. If you are using RSA1024, then that is
(1024/8)11=117 bytes.
Bill
This doesn't make a whole lot of sense to me. Which probably means I'm totally not understanding it.
As I understand you, you are saying every time I encrypt something using OpenSSL I have to create a new key that is at least 11 bytes larger than what I'm trying to encrypt thus making the whole point of having a public key um... pointless.
That can't be right so what am I not understanding? The "common sense" way it should work is I create a key then I use that key to encrypt stuff regardless of the size of the stuff or the key. One should not depend on the other.
What I hear you saying is that if I send an encrypted 100MB file first I have to have a 100MB + 11 bytes key? That every time a I encrypt something I pretty much have to make a tailor made key to make sure the data isn't too big for the key. But that's insane, and not in a good way, so that can't be what you're saying. Right?
Oh, specifically I'm trying to use the following functionality to encrypt a file (I'm using OpenSSL because I know all my clients will have that):
openssl rsautl encrypt pubin inkey ~/.ssh/id_rsa.pub.pem in input.txt out output.enc
And getting this error message:
RSA operation error
6176:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for key size:/SourceCache/OpenSSL098/OpenSSL09832/src/crypto/rsa/rsa_pk1.c:151:
Thank you in advance for your help.