RSAEncrypt long strings

I am trying to encrypt strings with RSAEncrypt and Decrypt by using the example at http://documentation.xojo.com/index.php/Crypto.RSADecrypt

It works well with the 14 characters sample message, so I modified it to accept longer strings to encrypt/decrypt as follow :

[code] dim kMessage as string = "this is a test this is a test this is a test this is a test this is a test this is a test this is a test this is a test "

If Crypto.RSAGenerateKeyPair( 1024, privateKey, publicKey ) Then
// 1024-bit private and public keys were generated
End If

If Crypto.RSAGenerateKeyPair( 1024, privateKey, publicKey ) Then
// 1024-bit private and public keys were generated

Dim msg As New MemoryBlock(len(kMessage))
msg.StringValue(0, len(kMessage)) = kMessage

// Encrypt msg using the publicKey
Dim encryptedData As MemoryBlock = Crypto.RSAEncrypt( msg, publicKey )

If encryptedData <> Nil Then
  MsgBox("Successfully encrypted.")
  
  // Now decrypt
  Dim decryptedData As MemoryBlock = Crypto.RSADecrypt( encryptedData, privateKey )
  Msgbox("DecryptedData=" + decryptedData.StringValue(0, len(kMessage)))
End If

End If[/code]

I replaced the fixed length of the memoryblock by len(kMessage) .
When I run it with the message "this is a test … as it shows, I get a Crypto exception “RSA/OAET - MGF1(SHA-1): message length of 120 exceeds the maximum of 86 for this public key”.

What would be the best approach ?

  • Is there a way to set the maximum for a public key ?
  • Should I divide my message in 86 character clusters to encrypt and decrypt ?
  • Is there another, better method ?

You will need to encrypt in multiple clusters, however the maximum length is defined by the bit size of the key. Unfortunately, I haven’t been able to figure out the math which dictates the maximum length. A solution I’ve used in the past is to keep adding characters to the string until I get the exception. Then I known the maximum and know how many chunks I’ll need to create.

I’d be very happy to know a formula to determine the maximum length based on the key size.

OAEP use a hash function with output length as h bits; this implies a size limit of floor(n/8)-2*ceil(h/8)-2: still for a 1024-bit RSA key, with SHA-256 as hash function (h = 256), this means binary messages up to 60 bytes. I’m not sure if it applies to OAET as well. Will play around for a bit and test. It should work the same substituting 256 for 1 in the case of SHA-1.

[quote=77997:@Thom McGrath]You will need to encrypt in multiple clusters, however the maximum length is defined by the bit size of the key. Unfortunately, I haven’t been able to figure out the math which dictates the maximum length. A solution I’ve used in the past is to keep adding characters to the string until I get the exception. Then I known the maximum and know how many chunks I’ll need to create.

I’d be very happy to know a formula to determine the maximum length based on the key size.[/quote]

I am going to divide the string into 85 bytes chunks, then, with a one byte header for the cluster length, as the last one may range in size from 1 to 85.

It looks like the header size is 42 (go figure):

1024 ÷ 8 = 128 - 42 = 86 2048 ÷ 8 = 256 - 42 = 214 4096 ÷ 8 = 512 - 42 = 470

Isn’t that always, ultimately, the answer?

it just made me chuckle. I wonder if the crypto++ people went out of their way to make that be.

Makes you wonder if you can find “Oh no not again” or “So long and thanks for all the fish” in the source code :stuck_out_tongue:

I faced the same problem. Hmm… 86 bytes max

Keep in mind that RSA encryption is generally very slow. If you have a lot of data, consider using something like blowfish to encrypt the data and then use RSA to encrypt the blowfish key.

Given the hassle to put an app that uses encryption in the MAS, I have simply abandoned the project since :stuck_out_tongue: