PyCrypto: Encode chinese charaters with RSA asymmetric key

I am trying to use PyCrypto to encrypt/decrypt some strings, and I am having troubles with Chinese characters.

When I try to encrypt "ni-hao" (hello)...

pemFile = open("/home/borrajax/keys/myKey.pem", "r")
encryptor = RSA.importKey(pemFile, passphrase="f00")
return encryptor.encrypt("你好", 0)[0]

... I keep getting errors:

Module Crypto.PublicKey.pubkey:64 in encrypt         
>>  ciphertext=self._encrypt(plaintext, K)
Module Crypto.PublicKey.RSA:92 in _encrypt         
>>  return (self.key._encrypt(c),)
ValueError: Plaintext too large

I have tried many combinations,

encryptor.encrypt(u"你好"...
encryptor.encrypt(u"你好".encode("utf-8")...

without any luck.

I guess I could always try to use base64 before encoding, but I'd like to leave that as a "last resource"... I was hoping for a more "elegant" way of doing this.

Has anyone encountered the same problems? Any hint will be appreciated. Thank you in advance.

Answers


First, you should be encrypting only binary data, not Unicode text. That means str type (in Python 2.x) or bytes (in Python 3.x and most recent Python 2.x). You must encode text before encrypting it, and you must decode it after you decrypt.

Second, the byte string you are encrypting must be smaller than the RSA modulus (e.g. less than 256 bytes for RSA2048). If your data is longer, think of using an intermediate AES session key.

Third, if you use PyCrypto 2.5, there is no good reason for using the .encrypt/.decrypt methods of the RSA key object. It is better and more secure to use one of the PKCS#1 methods: OAEP or v1.5. With them, the plaintext must be even shorter.


Need Your Help

A “pure” scheme implementation (R5RS) of SHA256?

hash scheme sha256 r5rs

I can use SHA256 in Scheme using external libraries (Java, C or system dependent) or using a specific Scheme implementation (like Chicken e.g.), but I wonder if there is a "pure" scheme implementat...

.htaccess: Redirect user to specific page if he accesses directory

regex apache .htaccess mod-rewrite redirect

I'm currently working on ironing out some little problems with my website and prep it for SEO a little bit. I followed Google's SEO Optimization guide and found this quote:

About UNIX Resources Network

Original, collect and organize Developers related documents, information and materials, contains jQuery, Html, CSS, MySQL, .NET, ASP.NET, SQL, objective-c, iPhone, Ruby on Rails, C, SQL Server, Ruby, Arrays, Regex, ASP.NET MVC, WPF, XML, Ajax, DataBase, and so on.