pk_encrypt/decrypt limited to <1024bit blocks
Werner Koch
wk at gnupg.org
Mon Sep 1 11:04:38 CEST 2008
On Mon, 1 Sep 2008 09:50, torsten.rupp at gmx.net said:
> is created. This works fine. If I change the value e. g. to 1024
> encryption or decryption does not work anymore. Is this a bug or a
> limitation?
That depends on your key size: You can't encrypt a 1024 bit value with a
1024 bit modulus if that value is karge than the modulus. Libgcrypt
does not enforce this because it expects that pkcs#1 encoding is done by
the caller or by passing the pkcs#1 flag. Without proper padding your
encryption is weak.
> I detected this problem when I encrypted/decrypted data blocks with
> 2048 bit (and a 1024bit key-pair). Sometimes it seems to work, but
You mean you try to encrypt a 2048 bit value with a 1024 bit key - that
is obviously not possible.
Salam-Shalom,
Werner
--
Linux-Kongress 2008 + Hamburg + October 7-10 + www.linux-kongress.org
Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz.
More information about the Gcrypt-devel
mailing list