Hi,

I'm facing the following problem with xml-sec 1.2.1. I use a symmetric session-key (128Bit, AES) to encrypt some xml-data. The session-key itself is encrypted by a public RSA-key and attached inside a keyinfo element. Encryption and decryption work fine when I choose either 512Bit RSA keysize or >=2048Bit. But when I use 1024Bit I get the following error during decryption:

    java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block
        at org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(JCERSACipher.java:283)

Here is the code I use for decryption:

    // Unwrap the RSA-encrypted AES session key with the RSA private key
    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    cipher.init(Cipher.UNWRAP_MODE, privateKey);
    secKey = (SecretKey) cipher.unwrap(encSymKey, "AES", Cipher.SECRET_KEY);

I traced the content of cipher.getBlockSize() using 512, 1024 and 2048 Bits RSA keysize:

    512Bits  --> 64Byte blocksize
    1024Bits --> 64Byte
    2048Bits --> 256Byte

The blocksize of the second entry seems to be bad. Why isn't it set to 128Byte? Is this a bouncycastle or xml-sec issue? Or am I missing something important?

Thanks for your comments,
jan
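Added example (not part of the original post, and not xml-sec or Bouncy Castle code): a diagnostic that compares the wrapped key length with the modulus size of the private key before unwrapping, since an RSA/PKCS#1 v1.5 ciphertext is always exactly as long as the modulus of the key that produced it. The names RsaWrapCheck, modulusBytes and unwrapChecked are hypothetical, and the keys are generated in place with the JDK default provider.

```java
import java.security.*;
import java.security.interfaces.RSAKey;
import javax.crypto.*;

public class RsaWrapCheck {
    // Modulus length in bytes. Assumes a software key that implements RSAKey.
    static int modulusBytes(Key key) {
        return (((RSAKey) key).getModulus().bitLength() + 7) / 8;
    }

    // Same unwrap call as in the post, preceded by a length check that names
    // the real problem instead of "too much data for RSA block".
    static SecretKey unwrapChecked(byte[] encSymKey, PrivateKey privateKey)
            throws GeneralSecurityException {
        int expected = modulusBytes(privateKey);
        if (encSymKey.length != expected) {
            throw new InvalidKeyException("wrapped key is " + encSymKey.length
                + " bytes, private key modulus is " + expected
                + " bytes: not the key pair that wrapped this key");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(Cipher.UNWRAP_MODE, privateKey);
        return (SecretKey) cipher.unwrap(encSymKey, "AES", Cipher.SECRET_KEY);
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey sessionKey = kg.generateKey();

        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(1024);
        KeyPair kp1024 = kpg.generateKeyPair();
        kpg.initialize(2048);
        KeyPair kp2048 = kpg.generateKeyPair();

        // Wrap with the 2048-bit public key: output is 256 bytes.
        Cipher wrap = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        wrap.init(Cipher.WRAP_MODE, kp2048.getPublic());
        byte[] encSymKey = wrap.wrap(sessionKey);
        System.out.println("wrapped key bytes: " + encSymKey.length);

        SecretKey ok = unwrapChecked(encSymKey, kp2048.getPrivate());
        System.out.println("matching pair recovers key: "
            + MessageDigest.isEqual(ok.getEncoded(), sessionKey.getEncoded()));
        try {
            unwrapChecked(encSymKey, kp1024.getPrivate()); // mismatched pair
        } catch (InvalidKeyException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Logging modulusBytes(privateKey) next to encSymKey.length at the failing call shows directly whether the private key passed to cipher.init has the modulus size the sender used.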