Problem solved. It was my fault. After generating another 1024Bit RSA key
pair
everything works fine.
-----Ursprüngliche Nachricht-----
Von: Liße, Jan (ext. Dienstleister)
Gesendet: Dienstag, 6. September 2005 19:18
An: 'security-dev@xml.apache.org'
Betreff: Problem with rsa decryption
Hi,
i'm facing the following problem with xml-sec 1.2.1.
I use a symmetric session-key (128Bit, AES) to encrypt some xml-data. The
session-key itself is encrypted by a public RSA-key and attached inside a
keyinfo element. Encryption and decryption work fine when i choose either
512Bit RSA keysize or >=2048Bit. But when i use 1024Bit i get the following
error during decryption:
java.lang.ArrayIndexOutOfBoundsException: too much data for RSA block
at
org.bouncycastle.jce.provider.JCERSACipher.engineDoFinal(JCERSACipher.java:2
83)
Here is the code i use for decryption:
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.UNWRAP_MODE, privateKey);
secKey = (SecretKey) cipher.unwrap(encSymKey, "AES",
Cipher.SECRET_KEY);
I traced the content of cipher.getBlockSize() using 512, 1024 and 2048 Bits
rsa keysize:
512Bits -->64Byte blocksize
1024Bits -->64Byte
2048Bits -->256Byte
The blocksize of the second entry seems to be bad. Why isn't it set to
128Byte? Is this a bouncycastle or xml-sec issue? Or do i miss something
important?
thanks for your comments,
jan
