OpenSSL "rsautl" - PKCS#1 v1.5 Padding Size

Q

Whet is the PKCS#1 v1.5 padding size with OpenSSL "rsautl -encrypt" command? I want to know the largest size of data that I can encrypt with my RSA key.

✍: FYIcenter.com

A

The minimum padding size of PKCS#1 v1.5 padding schema is 11 bytes which contains at least 8 bytes of random string.

So if you are using the "-pkcs" padding option, which is also the default padding option, with the "rsautl -encrypt" command, the input data size is limited to RSA key size minus 11 bytes. The table below lists maximum input data sizes for different RSA key size:

RSA key size   Encryption data size

  32 bits      Not supported
  64 bits      Not supported
 128 bits        5 bytes
 256 bits       21 bytes
 512 bits       53 bytes
1024 bits      117 bytes
2048 bits      245 bytes
4096 bits      501 bytes
...

You can verify this limitation the test below:

C:\Users\fyicenter>dir 11*.txt
   117 117-byte.txt
   118 118-byte.txt

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> pkey -pubin -in my_rsa_pub.key -text -noout
Public-Key: (1024 bit)
...

OpenSSL> rsautl -encrypt -pubin -inkey my_rsa_pub.key -in 118-byte.txt 
   -out cipher.txt -pkcs
RSA operation error
4480:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too large for
 key size:.\crypto\rsa\rsa_pk1.c:153:
error in rsautl

OpenSSL> rsautl -encrypt -pubin -inkey my_rsa_pub.key -in 117-byte.txt 
   -out cipher.txt -pkcs

OpenSSL> rsautl -decrypt -inkey my_rsa.key -in cipher.txt -raw -hexdump
0000 - 00 02 ae 23 28 64 94 e9-7c dd 00 31 32 33 34 35   ...#(d..|..12345
0010 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0020 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0030 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0040 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0050 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0060 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345
0070 - 36 37 38 39 30 61 62 63-64 65 66 31 32 33 34 35   67890abcdef12345

⇒ OpenSSL "rsautl -encrypt -raw" - No Padding

⇐ OpenSSL "rsautl -pkcs" - PKCS#1 v1.5 Padding Option

⇑ OpenSSL "rsautl" Command for RSA Keys

⇑⇑ OpenSSL Tutorials

2017-04-28, 3535👍, 0💬

OpenSSL "rsautl -oaep" - OAEP Padding Option
How to use OAEP padding with OpenSSL "rsautl" command? I was told to encrypt a password using an RSA public key with OAEP padding. OpenSSL "rsautl" uses PKCS#1 v1.5 padding as the default padding schema. So if you want to use OAEP padding, you have to using the "-oaep" option as shown below: C:\User... 2017-04-15, 13463👍, 0💬

OpenSSL "rsautl" - Encrypt Large File with RSA Key
How to encrypt a large file with an RSA public key using OpenSSL "rsautl" command? If you are trying to use an RSA public key to encrypt a file larger than the key size directly, you will get the "data too large for key size" error. One option to resolve the problem is to use the RSA-AES hybrid encr... 2017-06-07, 11624👍, 0💬

OpenSSL "rsautl -pkcs" - PKCS#1 v1.5 Padding Option
How to use RSA PKCS#1 v1.5 padding with OpenSSL "rsautl" command? I was told to encrypt a password using an RSA public key with PKCS#1 padding. OpenSSL "rsautl" uses PKCS#1 v1.5 padding as the default padding schema. But you can explicitly specify PKCS#1 v1.5 padding by using the "-pkcs" option as s... 2017-05-12, 10786👍, 0💬

OpenSSL "rsautl -encrypt -raw" - No Padding
Can I use OpenSSL "rsautl" command to encrypt data without any padding? Yes, you can encrypt data without any padding using the OpenSSL "rsautl -encrypt -raw" command. But you need to remember the following: No padding requires the input data to be the same size as the RSA key. No padding requires t... 2017-04-28, 8587👍, 0💬

OpenSSL "rsautl" Using PKCS#1 v1.5 Padding
What is the PKCS#1 v1.5 padding schema used in OpenSSL "rsautl" command? PKCS#1 v1.5 padding schema is a padding standard specified in RFC2313 "PKCS #1: RSA Encryption, Version 1.5" proposed by RSA Laboratories in 1998. PKCS#1 v1.5 padding schema is designed to pad input data to a full encryption bl... 2023-09-07, 7961👍, 1💬

OpenSSL "rsautl -encrypt -raw" - Data Too Large Error
Why am I getting the "data too large for key size" error with OpenSSL "rsautl -encrypt -raw" command? My input data is the same size as the RSA key and I am using no padding. In most case, you should be able to use the OpenSSL "rsautl -encrypt -raw" command to encrypt input data of the same size as ... 2017-04-22, 4948👍, 0💬

OpenSSL "rsautl" - Decrypt Large File with RSA Key
How to decrypt a large file with an RSA private key using OpenSSL "rsautl" command? I received a large encrypted file from my friend who used the RSA-AES hybrid encryption process with my public key. If your friend encrypted a large file with the RSA-AES hybrid encryption process with your public ke... 2017-05-20, 4490👍, 0💬

OpenSSL "rsautl" Using OAEP Padding
What is the OAEP padding schema used in OpenSSL "rsautl" command? OAEP (Optimal Asymmetric Encryption Padding), also called PKCS#1 2.0, is a padding standard specified in RFC3447 "PKCS #1: RSA Encryption, Version 1.5" proposed by RSA Laboratories in 1998. OAEP padding can be illustrated by the diagr... 2017-04-22, 4465👍, 0💬

OpenSSL "rsautl" - PKCS#1 v1.5 Padding Size
Whet is the PKCS#1 v1.5 padding size with OpenSSL "rsautl -encrypt" command? I want to know the largest size of data that I can encrypt with my RSA key. The minimum padding size of PKCS#1 v1.5 padding schema is 11 bytes which contains at least 8 bytes of random string. So if you are using the "-pkcs... 2017-04-28, 3536👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.