-
-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
JSEncrypt#encrypt creates sporadically invalid ciphertexts #158
Comments
Hello! |
As workaround the too short ciphertext can be padded manually to the length of the modulus with 0x00-values. Of course, it would be better if the bug would be fixed. Here the bug seems to be the problem as well. |
@user163 does it work for you? |
Yes, the fix works, even in your case. I have tested it successfully with your code using several examples. I just posted a comment and an update on SO. |
3.3.2 not work too |
Version
jsencrypt 2.3.1 and 3.0.0-rc.1
Issue:
JSEncrypt#encrypt
sometimes generates a ciphertext with a length that is smaller than the modulus, i.e. the ciphertext is not padded with leading0x00
values to the length of the modulus.According to RFC 8017, Section-7.2.2, Step 1, a ciphertext with a smaller length than the modulus is invalid.
JSEncrypt#decrypt
seems to take this into account, because it decrypts also too short ciphertextscorrectly.
Problems arise when the decryption is performed in other languages, e.g. Python. Here
the decryption is aborted with an error message Ciphertext with incorrect length, see this SO-issue jsencryptjs-encrypt-but-python-cannot-decrypt.
How should it be?
Creation of a ciphertext according to RFC 8017, i.e. a ciphertext with a smaller length than the
modulus is padded with
0x00
values to the length of the modulus.How can the issue be reproduced?
Run the code below. In the example code, a key with a modulus of 128 bytes is used. The code generates ciphertexts in a loop, aborts as soon as a too short ciphertext is generated and displays it:
The text was updated successfully, but these errors were encountered: