You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@santuario.apache.org by "Liße, Jan (ext. Dienstleister)" <Ja...@KVB.de> on 2005/09/06 19:18:06 UTC

Problem with rsa decryption

Hi,

i'm facing the following problem with xml-sec 1.2.1.
I use a symmetric session-key (128Bit, AES) to encrypt some xml-data.
The session-key itself is encrypted by a public RSA-key and attached inside
a keyinfo element.
Encryption and decryption work fine  when i choose either 512Bit RSA keysize
or >=2048Bit.
But when i use 1024Bit i get the following error during decryption:
java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block
	at
org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(JCERSACipher.java:2
83)

Here is the code i use for decryption:
             Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");    
             cipher.init(Cipher.UNWRAP_MODE, privateKey);
             secKey = (SecretKey) cipher.unwrap(encSymKey, "AES",
Cipher.SECRET_KEY);

I traced the content of cipher.getBlockSize() using 512, 1024 and 2048 Bits
rsa keysize:
512Bits     -->64Byte blocksize
1024Bits   -->64Byte  
2048Bits   -->256Byte

The blocksize of the second entry seems to be bad.  Why isn't it set to
128Byte?
Is this a bouncycastle or xml-sec issue? Or do i miss something important?

thanks for your comments,
jan