Categories:
Android (13)
Apple Mac (27)
DH Keys (39)
DSA Keys (70)
EC Keys (968)
Firefox (30)
General (10)
Google Chrome (25)
Intermediate CA (152)
Java VM (29)
JDK Keytool (28)
Microsoft CertUtil (29)
Microsoft Edge (9)
Mozilla CertUtil (21)
OpenSSL (236)
Other (7)
Portecle (38)
Publishers (3288)
Revoked Certificates (16)
Root CA (85)
RSA Keys (2635)
Tools (46)
Tutorial (1)
What Is (22)
Windows (127)
Collections:
Other Resources:
OpenSSL rsautl "data too large for key size" Error
Why am I getting the "data too large for key size" error, when using OpenSSL "rsautl" command to encrypt a large file?
✍: FYIcenter.com
Because of the nature of the RSA algorithm,
a single encryption process can only encrypt input data
that is smaller than the modulus value of the RSA key.
In other words, the size (number of bytes) of the input data
should be smaller than the size (number bytes) of the modulus,
which is also the RSA key size.
If you try to use an RSA public key to encrypt a file larger than the key size, you will get the "data too large for key size" error. For example:
C:\Users\fyicenter>type clear.txt The quick brown fox jumped over the lazy dog. The quick brown fox jumped over the lazy dog. The quick brown fox jumped over the lazy dog. C:\Users\fyicenter>dir *.txt 138 clear.txt C:\Users\fyicenter>\local\openssl\openssl.exe OpenSSL> rsautl -encrypt -pubin -inkey my_rsa_pub.key -in clear.txt -out cipher.txt RSA operation error 18472:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2: data too large for key size:.\crypto\rsa\rsa_pk1.c:153: error in rsautl OpenSSL> OpenSSL> pkey -pubin -in my_rsa_pub.key -text -noout Public-Key: (1024 bit) ...
The test output tells us that:
Actually, OpenSSL could be improved to encrypt larger input files by dividing the input into multiple 128-byte blocks and perform encryption one block at a time.
⇒ OpenSSL "rsautl" - Encrypt Large File with RSA Key
⇐ OpenSSL "rsautl -decrypt" - Decryption with RSA Private Key
2021-05-04, 34987👍, 1💬
Popular Posts:
How to show all certificates in the server certificate chain using the OpenSSL "s_client -connect" c...
Certificate Summary: Subject: RapidSSL SHA256 CA - G3 Issuer: GeoTrust Global CA Expiration: 2022-05...
Certificate summary - Owner: user.hao123.com, service operation department, "BeiJing Baidu Netcom Sc...
Certificate summary - Owner: GeoTrust SSL CA, "GeoTrust, Inc.", US Issuer: GeoTrust Global CA, GeoTr...
What is getaCert.com Self-Signed Certificate Generator? getaCert.com Self-Signed Certificate Generat...