pycrypto rsa decrypt does not work on long message (longer than half of modulus size)

Bug #898466 reported by James Cao on 2011-12-01
This bug affects 3 people
Affects Status Importance Assigned to Milestone

Bug Description

When using RSA-1024 private key, the following code can not decrypt correctly for messages longer than 64 bytes.
But if we change the string data to be shorter than 64 bytes, the code works well.
BTW, the openssl private key decryption can work for any message less than 1024 bits.

from Crypto.PublicKey import RSA

def main():
  key = RSA.importKey(open('svckey.priv').read())
  publickey = key.publickey()
  #data = "\0\0abcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdeabcdea"
  data = "abcdefghijklmnopqrstuvwxyzabcdefghijklmnopqrstuvwxyzabcdefghijklm"

  enc_data = publickey.encrypt(data,16) # test decryption
  dec_data = key.decrypt(enc_data)


James Cao (jamesfengcao) wrote :

BTW, the pycrypto encrypt works well, for any message less than 1024 bits, I can decrypt it with openssl without any problem.
So the issue locates in pycrypto decryption implementation.

Dwayne Litzenberger (dlitz) wrote :

There was a bug in RSA.importKey in PyCrypto 2.3, which was fixed in PyCrypto 2.4.

fabrom (fabrom-jability) wrote :

Also found in 2.5

Zviki Cohen (zvikico) wrote :

Just wanted to confirm that this bug still exists in 2.4 as well as the latest 2.6. I tested it on my local system, OS X 10.8.2 running Python 2.7.2.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers