[pycrypto] RSA output on long inputs can sometimes be gibberish

Philip Horger campadrenalin at gmail.com
Fri Jul 27 09:19:48 EDT 2012 

Fantastic! Thank you very much, this sounds like exactly what I was looking
for!

On Fri, Jul 27, 2012 at 3:15 AM, Sebastian Ramacher <
sebastian+lists at ramacher.at> wrote:

> Running the tests fails most of the time with:
>
> $ python -m ejtp.rsatest
> key1 >> key2
> Traceback (most recent call last):
>   File "/usr/lib/python2.7/runpy.py", line 162, in _run_module_as_main
>     "__main__", fname, loader, pkg_name)
>   File "/usr/lib/python2.7/runpy.py", line 72, in _run_code
>     exec code in run_globals
>   File "/tmp/EJTP-lib-python/ejtp/rsatest.py", line 33, in <module>
>     test_run(key1, key2)
>   File "/tmp/EJTP-lib-python/ejtp/rsatest.py", line 27, in test_run
>     ciphertext = encode(plaintext, key1, key2)
>   File "/tmp/EJTP-lib-python/ejtp/rsatest.py", line 19, in encode
>     return reciever.encrypt(sender.decrypt(msg))
>   File "ejtp/util/crypto/rsa.py", line 44, in encrypt
>     value[marker:marker+self.blocksize], "")[0])
>   File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line
> 150, in
> encrypt
>     return pubkey.pubkey.encrypt(self, plaintext, K)
>   File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/pubkey.py", line
> 75,
> in encrypt
>     ciphertext=self._encrypt(plaintext, K)
>   File "/usr/lib/python2.7/dist-packages/Crypto/PublicKey/RSA.py", line
> 224, in
> _encrypt
>     return (self.key._encrypt(c),)
> ValueError: Plaintext too large
>
> The code in ejtp/util/crypto/rsa.py looks like you're not doing proper
> padding
> and using fixed sized blocks that don't depend on the key parameters. That
> won't
> work.
>
> You might want to have a look at PKCS#1 OAEP and pycrypto's
> Crypto.Cipher.PKCS1_OAEP module [1].
>
> Kind regards
>
> [1]
>
> https://www.dlitz.net/software/pycrypto/api/current/Crypto.Cipher.PKCS1_OAEP-module.html
> _______________________________________________
> pycrypto mailing list
> pycrypto at lists.dlitz.net
> http://lists.dlitz.net/cgi-bin/mailman/listinfo/pycrypto
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dlitz.net/pipermail/pycrypto/attachments/20120727/d0dc0285/attachment.html>

More information about the pycrypto mailing list