使用公钥的RSA加密.基于密钥的数据大小 [英] RSA encryption using public key. Data size based on key
问题描述
我正在使用OpenSSL RSA API通过服务器的公钥加密数据.
I'm using the OpenSSL RSA API to encrypt data with a server's public key.
uint32_t rsasize = RSA_size(keypair); // -- RSA key size == 256
uint32_t dl = 255
uint8_t *d; // points to 255 bytes of data
unsigned char *encrypt = (unsigned char*)malloc(rsasize);
auto num = RSA_public_encrypt(dl, d, encrypt, keypair, RSA_NO_PADDING);
if ( num == -1 )
{
auto err = malloc(130);
ERR_load_crypto_strings();
ERR_error_string(ERR_get_error(), (char*)err);
printf("Error encrypting message: %s\n", err);
return nullptr;
}
我正在使用RSA_NO_PADDING
,因此RSA应该使用256字节的公钥轻松加密255字节.但我收到了这个:
I'm using RSA_NO_PADDING
so RSA should crypt 255 bytes with 256 byte public key easily. But I'm receiving this:
Error encrypting message: error:0406B07A:rsa routines:RSA_padding_add_none:data too small for key size
我将dl(data_lenght)更改为256(仅+1),我明白了:
I changed dl(data_lenght) to 256 (just +1) and I got this:
Error encrypting message: error:04068084:rsa routines:RSA_EAY_PUBLIC_ENCRYPT:data too large for modulus
我知道RSA可以使用256密钥编码255个字节.有什么问题吗?
I know that RSA can encode 255 bytes with 256-key. What's the problem?
推荐答案
您在错误的一端进行填充.如果您有255个字节的数据,并且想将其填充到256个字节,则应在高阶末尾添加一个零字节 .换句话说,您应该在d [0]之前插入0.
You are padding at the wrong end. If you have 255 bytes of data and you want to pad it out to 256 you should add a zero byte at the high-order end. In other words, you should insert a 0 just before d[0].
这篇关于使用公钥的RSA加密.基于密钥的数据大小的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!