Encrypt 320 bytes with 2048-bit key throws "Message is too long for PKCS#1 v1.5 padding." #108
Comments
Yes, due to the mathematics (and padding) behind RSA encryption, you can only encrypt very small values. In order to use RSA encryption with larger values, typically you generate a symmetric key for use with another algorithm, such as AES. Then you encrypt the data using the AES symmetric key (there is no limitation on size using a symmetric encryption algorithm) and then you RSA-encrypt just the symmetric key and transmit that. AES keys are 16-32 bytes in size so they can easily fit within the RSA-encryption limitations. Then the recipient decrypts the symmetric key using their private RSA key and then they decrypt the encrypted data using the decrypted symmetric key. RSA encryption is also much slower than AES encryption, so this yields better performance anyway.
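The hybrid scheme described in the comment above, as an added example that is not part of the original thread and is not forge code: it uses Node.js's built-in `crypto` module, wraps the AES key with RSA-OAEP (SHA-256) rather than PKCS#1 v1.5, and uses AES-256-GCM for the data. The function names and the 320-byte sample message are constructed for this illustration.

```javascript
// Added example: uses Node.js built-in crypto, not forge.
const nodeCrypto = require('node:crypto');
const { RSA_PKCS1_PADDING, RSA_PKCS1_OAEP_PADDING } = nodeCrypto.constants;

// Largest plaintext (bytes) one RSA operation takes for a `bits`-bit modulus:
// PKCS#1 v1.5 reserves 11 bytes, OAEP reserves 2 * hashLen + 2.
function maxRsaPlaintext(bits, scheme, hashLen = 32) {
  const k = Math.ceil(bits / 8);
  return scheme === 'pkcs1v15' ? k - 11 : k - 2 * hashLen - 2;
}

// True if `data` fits in a single PKCS#1 v1.5 RSA encryption under `publicKey`.
function directRsaFits(publicKey, data) {
  try {
    nodeCrypto.publicEncrypt({ key: publicKey, padding: RSA_PKCS1_PADDING }, data);
    return true;
  } catch (err) {
    return false; // OpenSSL rejects input longer than k - 11 bytes
  }
}

// Encrypt the data with a fresh AES-256-GCM key, then RSA-encrypt only that key.
function hybridEncrypt(publicKey, plaintext) {
  const aesKey = nodeCrypto.randomBytes(32);
  const iv = nodeCrypto.randomBytes(12); // 96-bit GCM nonce, unique per message
  const cipher = nodeCrypto.createCipheriv('aes-256-gcm', aesKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const wrappedKey = nodeCrypto.publicEncrypt(
    { key: publicKey, padding: RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' }, aesKey);
  return { wrappedKey, iv, tag: cipher.getAuthTag(), ciphertext };
}

// Recipient: unwrap the AES key with the RSA private key, then decrypt and verify the tag.
function hybridDecrypt(privateKey, msg) {
  const aesKey = nodeCrypto.privateDecrypt(
    { key: privateKey, padding: RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' }, msg.wrappedKey);
  const decipher = nodeCrypto.createDecipheriv('aes-256-gcm', aesKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]);
}

// Constructed input: a 2048-bit key pair and a 320-byte message, as in the report.
const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
const message = Buffer.alloc(320, 'A');
const sealed = hybridEncrypt(publicKey, message);
console.log(directRsaFits(publicKey, message), hybridDecrypt(privateKey, sealed).equals(message));
```

The RSA-wrapped key is always 256 bytes for a 2048-bit modulus regardless of message size, and a modified ciphertext or tag makes `hybridDecrypt` throw instead of returning altered plaintext.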
To be more precise, rfc 2321 https://www.ietf.org/rfc/rfc2313.txt That is the reason why pkcs#7 was invented.
Thank you. We should add a note about it in the docs. It could be helpful.
My code is as follows:
var pair = forge.pki.rsa.generateKeyPair(2048);
pair.publicKey.encrypt('<<<--- 320 bytes string --->>>');
The error:
Message is too long for PKCS#1 v1.5 padding.
(rsa.js, line: 1382)
Am I doing something wrong?
Why is the limit so tight?