开发者

Asymmetric deterministic encryption (RSA) with Ruby

I was wondering if anyone knows of a way to deterministically encrypt a value in Ruby using an asymmetric encryption algorithm.

For most use-cases one only cares that when you encrypt 'A' you get 'A' back when you decrypt it, that is you do not care about the encrypted value it开发者_如何学Cself. You only care about the full roundtrip.

However, for an application that I'm developing I really need the output to be deterministic. That is, I need to encrypt something with RSA without a variable padding.

When I attempt to encrypt a value with OpenSSL::PKey::RSA::NO_PADDING an error is returned:

OpenSSL::PKey::RSAError Exception: data too small for key size

Anyone has an idea on how I can get a deterministic encrypted value using RSA?

Best regards,

DBA


You could perform the padding to the appropriate key length yourself with non-random data


This error comes from crypto/rsa/rsa_none.c

int RSA_padding_add_none(unsigned char *to, int tlen,
    const unsigned char *from, int flen)
    {
    if (flen > tlen)
            {
            RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
            return(0);
            }

    if (flen < tlen)
            {
            RSAerr(RSA_F_RSA_PADDING_ADD_NONE,RSA_R_DATA_TOO_SMALL_FOR_KEY_SIZE);
            return(0);
            }

    memcpy(to,from,(unsigned int)flen);
    return(1);
    }

Called from rypto/rsa/rsa_eay.c

static int RSA_eay_public_encrypt(int flen, const unsigned char *from,
         unsigned char *to, RSA *rsa, int padding)
...
               i=RSA_padding_add_none(buf,num,from,flen);

The flen is a message len; and the tlen is from: num=BN_num_bytes(rsa->n);

So, You need your data have the same byte length as your N parameter of RSA key

Also, as I know, your data must be smaller than N (if considered as single long-long-long binary number)

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜