问题
I'm getting the error "Error: error:0406C06E:rsa routines:RSA_padding_add_PKCS1_type_1:data too large for key size"
when I do:
var crypto = require('crypto');
var fs = require('fs');
var first_keys = {
public_key: fs.readFileSync('tests/public.key'),
private_key: fs.readFileSync('tests/private.key')
}
var first_result = crypto.privateEncrypt({
key: first_keys.private_key
}, new Buffer("Hello World!"));
var second_result = crypto.privateEncrypt({
key: first_keys.private_key
}, first_result);
var second_plaintext = crypto.publicDecrypt({
key: first_keys.public_key
}, second_result);
var first_plaintext = crypto.publicDecrypt({
key: first_keys.public_key
}, second_plaintext);
if(first_plaintext == new Buffer("Hello World!"))
console.log("Hello World!");
I know it is weird, but I'm creating a process that requires this to work for n iterations (private encrypting for n keys and public decrypting for n keys). I'm using a single key for testing purposes.
回答1:
RSA works by doing modular exponentiation. This means that anything that is encrypted will usually have as many bits as the modulus (which is the product of the two primes).
RSA needs a padding scheme to be secure. The default is RSA_PKCS1_OAEP_PADDING
in node.js. This padding scheme adds 42 bytes to the plaintext before encryption, but now the new plaintext (first_result
) is larger than the modulus and it will not be able to encrypt it in a recoverable manner.
You have two options:
- Use hybrid encryption or
- Disable padding for later iterations.
Let's try disabling padding:
var first_result = crypto.privateEncrypt({
key: first_keys.private_key
}, new Buffer("Hello World!"));
var second_result = crypto.privateEncrypt({
key: first_keys.private_key,
padding: constants.RSA_NO_PADDING
}, first_result);
var second_plaintext = crypto.publicDecrypt({
key: first_keys.public_key,
padding: constants.RSA_NO_PADDING
}, second_result);
var first_plaintext = crypto.publicDecrypt({
key: first_keys.public_key
}, second_plaintext);
来源:https://stackoverflow.com/questions/34124795/getting-error-data-too-large-for-key-size-with-crypto-node-js