Crypto RSA and memory block size?

Rich_H · September 22, 2014, 7:56pm

I am currently looking at the Crpyto RSA functionality in which I am looking at the Decrypted example in which I had a question about. In the example, the memoryblock was set to a size of 14. I noticed that if I changed it to 100, when I run it… it tends to hang without returning the msgbox.

is there a limitation on how big the memoryblock can be?

[code] Dim privateKey As String
Dim publicKey As String

If Crypto.RSAGenerateKeyPair( 1024, privateKey, publicKey ) Then
// 1024-bit private and public keys were generated

Const kMessage = "this is a test"

Dim msg As New MemoryBlock(100)
msg.StringValue(0, 100) = kMessage

// Encrypt msg using the publicKey
Dim encryptedData As MemoryBlock = Crypto.RSAEncrypt( msg, publicKey )

If encryptedData <> Nil Then
  MsgBox("Successfully encrypted.")
  
  // Now decrypt
  Dim decryptedData As MemoryBlock = Crypto.RSADecrypt( encryptedData, privateKey )
  Msgbox("DecryptedData=" + decryptedData.StringValue(0, 100))
End If

End If[/code]

Rich_H · September 22, 2014, 8:07pm

I had exceptions turned off and just turned it back on.

I get an exception on:

Dim encryptedData As MemoryBlock = Crypto.RSAEncrypt( msg, publicKey )

with a error message of:

RSA/OAEP-MGF1(SHA-1): message length of 100 exceeds the maximum of 86 for this public key

is it possible to increase the maximum of length of 86?

Kem_Tekinay · September 22, 2014, 8:09pm

Use a larger bit-size when generating the keys.

BTW, you don’t need to work in MemoryBlocks. Use strings and let the framework convert to and from MemoryBlock for you.

Rich_H · September 22, 2014, 8:42pm

Kem,

thank you for your input.

I was working off the doc’s example. I removed the memoryblock and changed it to a string and works like a charm.

Michel_Bujardet · September 22, 2014, 9:05pm

Works fine in English, but can be a pain when using languages that employ higher code points such as accented characters.
I experimented with that a couple months ago, and the string conversion may outgrow the maximum size accepted by the Crypto class. And since the byte length depends on how many accented characters are in there and that is variable, can be a challenge, and a source of errors that show up as bugs.

Tim_Hare · September 22, 2014, 9:10pm

Use LenB to check the size. I’d still prefer using string instead of memoryblock.

Michel_Bujardet · September 22, 2014, 9:16pm

That is much easier indeed. If I had know that I could have used strings before, I would have loved that. Maybe a good idea to suggest a modification of the LR to mention that possibility.

Rich_H · September 22, 2014, 9:17pm

Tim,

you make a good point. the data I am working with can vary in length. My objective is for location A to encrypt data before sending to location B to be decrypted and off to another process.

Kem_Tekinay · September 22, 2014, 10:19pm

Depending on how much data there is, you may have to split it up into blocks, encrypt each block, then decrypt and reassemble on the other side.

Is an SSL connection not an option here?

Rich_H · September 23, 2014, 12:21am

Hey Kem,

that is a really good idea about breaking it up into blocks.

The data I am working with is a relativity small XML file that will be transferred on an intranet network. So far in my testing, the largest file I could generate was able to be encrypt and decrypt without error.

Greg_O_Lone · September 23, 2014, 1:55am

Typically what you would do for a large file is to use something like BlowFish to encrypt the data because it is fast, and then encrypt the blowfish key with RSA. USE SOMETHING LIKE A 2048 bit key in blowfish and you’ve got the best of both worlds.