0

I have encrypted a String using AES. I have given a key for AES to do so. Now , i am trying to encrypt that given key with RSA(Till here everything went well), Now i need to encrypt this encrypted key with RSA once again. I am getting an error "Data must not be longer than 117 bytes". 

public String encrypt(String DATA,String key_string) throws Exception {
    String separator = "//msit//";
    byte[] data = key_string.getBytes();
    MessageDigest sha = MessageDigest.getInstance("SHA-1");
    data = sha.digest(data);
    data = Arrays.copyOf(data, 16); // use only first 128 bit
    SecretKey key = new SecretKeySpec(data, "AES");
    String final_matter = DATA + separator;
    System.out.println(final_matter);
    ecipher = Cipher.getInstance("AES");
    ecipher.init(Cipher.ENCRYPT_MODE, key);
    byte[] utf8 = final_matter.getBytes("UTF8");
    byte[] enc = ecipher.doFinal(utf8);
    return new sun.misc.BASE64Encoder().encode(enc);
    }

PUBLIC KEY INFRA STRUCTURE

RecklessSergio
  • 806
  • 3
  • 10
  • 34
  • Are you trying to require multiple persons to be present to decrypt the key? – Maarten Bodewes Nov 22 '12 at 12:16
  • No, I am actually implementing PKI, In this i need to encrypt the key(AES KEY to encrypt the DATA) with private key of sender and and then the resultant with public key of receiver. Here the problem is encrypting with public key gives the error "Data must not be longer than 117 bytes" – RecklessSergio Nov 22 '12 at 12:21
  • "encrypt the key with private key of sender" Why would you want to do that? A private key is for decryption and signing, never for encryption. See http://crypto.stackexchange.com/questions/4041/how-do-i-encrypt-with-the-private-key – CodesInChaos Nov 22 '12 at 14:01
  • Why do you post the AES code part when the RSA part is raising the error? – Robert Nov 22 '12 at 14:01
  • But i have read that in Public key infrastructure, key part should be encrypted with private key. @CodesInChaos – RecklessSergio Nov 22 '12 at 14:31
  • 3
    Then you read nonsense. You never encrypt with a RSA private key. You encrypt the session key with the receivers public key. And optionally you sign the message with your own private key. – CodesInChaos Nov 22 '12 at 14:34
  • Does the image explain PKI properly? OR I am getting it wrong? I am confused – RecklessSergio Nov 22 '12 at 16:02
  • The image is incorrect where it says "key is encrypted with private key". – President James K. Polk Nov 22 '12 at 16:52
  • can you please help me out with better one other than wikipedia. @GregS – RecklessSergio Nov 22 '12 at 17:01
  • 1
    @MaheshVemuri: In my opinion the topic too large to cover in a single answer, and probably not on-topic for stackoverflow. Maybe on [crypto stackexchange](http://crypto.stackexchange.com/), but not here. – President James K. Polk Nov 22 '12 at 17:04
  • I agree with @GregS. This question has morphed into "What is a PKI?" and, as such, I've voted to close. – Duncan Jones Nov 24 '12 at 07:20

1 Answers1

1

The largest amount of data an RSA key can encrypt is equal to its modulus length. So a 1024-bit RSA key can only encrypt 128 bytes. You're probably using PKCS #1 padding, which further reduces the possible size to 117 bytes.

Your AES key should be much smaller than the maximum. The largest possible AES key size is 256 bits, which is 32 bytes.

Please inspect your code and ensure you are only attempting to encrypt the key data and nothing else.

Based on your comment above, it seems you are encrypting too much data. Try the following:

  • Sign the AES key with the sender's private key, but keep the result separate.

  • Encrypt the AES key with the recipient's public key.

  • Send both parts to the recipient.

The result of signing with a private key is a piece of data equal in size to the modulus of the key. So you cannot then encrypt that with a public key of the same length. Your scheme is broken and should be altered to work as I suggest above.

I would strongly suggest you look for an existing PKI system to use in place of anything home-grown. Maybe EJBCA?

Duncan Jones
  • 67,400
  • 29
  • 193
  • 254
  • Interesting that you retracted your comments and answer acceptance. Have you encountered a further issue? – Duncan Jones Nov 22 '12 at 12:10
  • Yes, I tried AES key with the length 16 bytes. Even then its not working – RecklessSergio Nov 22 '12 at 12:17
  • 1
    @MaheshVemuri: obviously your code isn't doing what you claim it is. If you post it maybe we can find the bug, if you don't then what can you expect? – President James K. Polk Nov 22 '12 at 13:45
  • 1
    As a side-note: One should not use PKCS#1v1.5 padding for encryption. It's very broken. Use OAEP instead. – CodesInChaos Nov 22 '12 at 14:05
  • @CodesInChaos Completely agree. Why people continue to invent their own schemes is beyond me. Excluding educational purposes, of course. – Duncan Jones Nov 22 '12 at 14:06
  • I dislike most existing schemes, so I totally understand trying to replace them. – CodesInChaos Nov 22 '12 at 14:19
  • But i have read that in Public key infrastructure, key part should be encrypted with private key. – RecklessSergio Nov 22 '12 at 14:31
  • A public key infrastructure has no symmetric keys. So what you are building is a hybrid system of sorts. I'm afraid I don't know the rules of the system you are building. Note that "encrypting with private key" should be referred to as "signing with the private key". A signature is not a sensitive piece of information, so it needn't be protected. – Duncan Jones Nov 22 '12 at 14:48
  • 2
    @DuncanJones even that depends, e.g. RSA PKCS1.5 creates the same signature over and over if you feed it the same data. So if you sign "yes" twice, you can easily distinguish it from signatures over "yes" and "no". This can be an issue if you do not encrypt the signature, and you do want to obtain confidentiality of the data. – Maarten Bodewes Nov 24 '12 at 00:14