使用BouncyCastle的RSA密码输入太大 [英] input too large for RSA cipher with BouncyCastle
问题描述
我试图以给定的时间间隔将SFTP服务写入服务器,下载目录中的所有文件,然后解密以进行处理.
I'm trying to write a service to SFTP to a server on a given interval, download all files in a directory, and then decrypt them for processing.
解密方法在某一时刻起作用,此后我没有对其进行修改.我仍然使用与成功工作时相同的键.
The decrypt method was working at one point, and I have no modified it since. I am still using the same keys as when it did successfully work.
我正在为BouncyCastle使用PGPEncrypt,PGPDecrypt和PGPEncryptionKeys类,可在以下位置找到: https://github.com/sledwith/PGP-Decryption-With-C-Sharp
I am using the PGPEncrypt, PGPDecrypt, and PGPEncryptionKeys classes for BouncyCastle found here: https://github.com/sledwith/PGP-Decryption-With-C-Sharp
此外,我还修改了代码,如下所示:解密文件的异常使用BouncyCastle PGP
Additionally, I have modified the code as shown here: Exception on decrypting file using BouncyCastle PGP
如果您注意到了,我评论了如何修复我的代码和解密.
If you noticed, I commented on how that fixed my code and the decryption worked.
现在不是.
有人知道为什么会发生这种情况,或者我怎么去解决它?
Does anyone have some insight why this might have happened, or how I could go about fixing it?
推荐答案
我要猜测您正在使用1024位RSA公钥/私钥,并尝试使用它加密128字节的内容吗?如果我是对的,请使用更大的RSA密钥(RSA 4096将允许您加密多达500个字节).
I am going to make a guess that you are using a 1024 bit RSA public/private key and trying to encrypt 128 bytes of something with it? If I am right, use a larger RSA key (RSA 4096 will allow you to encrypt up to ~500 bytes).
我在链接的帖子中指出您说这是零星的.一些谷歌搜索表明,如果要加密的字节中有前导零,则它可能能够处理完整的128个字节.
I note in the linked post you say this is sporadic. Some googling indicates that if you have leading zeros in the to-be-encrypted bytes it may be able to handle a full 128 bytes.
此外-如果您只是用密钥对加密数据",则需要确定它不会超出这些限制(RSA 2048为240个字节左右,RSA 4096为500字节左右,说明了填充).优良作法和将来的证明是对所有数据实施对称密钥加密,而仅使用RSA密钥对密钥进行加密/解密.
Also - if you are just encrypting "data" with the keypair, you need to be certain it will not overrun these limitations (240 or so bytes for RSA 2048 and 500 or so for RSA 4096 accounting for padding). Good practice and future proofing would be to implement a symmetric key encryption of all your data and just use the RSA key to encrypt / decrypt your keys.
这篇关于使用BouncyCastle的RSA密码输入太大的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
