I don't know of rsautl, but for RSA encryption in general the data being encrypted must be shorter than the key length (modulus length). For PKCS1 padding, the data length must be at least 11 bytes shorted than the key length. It's of course possible to encrypt consecutive blocks until all data has been encrypted, but since you're getting this error I'm guessing that rsautl can only handle a single block. So if you're using a 512-bit key your data can be at most 53 bytes, and if it's a 1024-bit key your data should be 117 bytes or less. Steven -- Steven Reddie <[EMAIL PROTECTED]> Senior Software Engineer Computer Associates Pty Ltd (Australia) > -----Original Message----- > From: Sergio Sagliocco [SMTP:[EMAIL PROTECTED]] > Sent: Thursday, February 08, 2001 10:11 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Encryption Problem > > I 'm trying to encrypt a file with rsautl so: > > openssl rsautl -in text -inkey cacert.pem -certin -encrypt -out enc > > but it displays the following error: > > 1840:error:0406D06E:rsa routines:RSA_padding_add_PKCS1_type_2:data too > large for key size:rsa_pk1.c:151: > > I've tried to change padding but it display the same error. > > What is the problem? > > Is there a limit for the size of the file to encrypt? > > Regards, > > Sergio > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
