cancel
Showing results for 
Search instead for 
Did you mean: 

Utility - Encryption VBO 'Bad Length' error message

TonyHann
Level 4
Hi,

I am having an issue with the Utility Encryption VBO, and was wondering if anyone has any ideas or suggestions?

I have the inputs to the VBO set up as per the below:-

29712.png
I am receiving the below error when I try to encrypt my text string.

29713.png
I believe that this is to do with the length of the text string I am trying to encrypt (approx. 300 characters) as if I enter the below, this works fine:-

29714.png
From trial and error, it seems to me that the VBO will successfully encrypt  and text provided up to 214 characters, when trying a 215 character string, the below error was generated, and any string over 215 characters returned the 'Bad Length' error

29715.png
Unfortunately, splitting my text into smaller segments isn't an option, as I am attempting to use the encryption object to create a JSON Web Signature and need to encode my header and payload together.

Is this an error with the object, or is there a limit to how long a text string I should be able to encode?

I get the same issue irrespective of if I use my own Key (which is what I need to do), or leaving the key blank to allow the object to generate one for me - both fail at the same text length.

Any ideas or suggestions would be welcome :)

Many thanks
Tony

------------------------------
Tony Hann
------------------------------
5 REPLIES 5

ewilson
Staff
Staff
Hi @TonyHann,

Which version of the Utility - Encryption VBO are you using? The last time I checked it only supported AES, TDES, and Rjindael as input for the algorithm.

Cheers,​

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------


Hi Eric,

Many thanks for taking the time to reply,

I'm using the current version from the DX, its showing as version 1.0.0 - but appears to have been updated about a fortnight ago,

29679.png
It mentions supporting RSA in the description, and has been updated with a relevant code stage :-
It seems to work absolutely fine, providing the text you are trying to encrypt is less than 214 characters.

29680.png

Many thanks
Tony

------------------------------
Tony Hann
------------------------------

@TonyHann,

Seems you are correct, and I am behind. :( I'll have to talk to the developer though as the version information should have been incremented with the addition of support for RSA.

With that said, the RSA algorithm is limited to how much data it can successfully encrypt, and that length is tied to the length of the key too. It looks like you are supplying your own key, correct? If you provide a key of say 256 bytes (2048 bits), you should be able to encrypt up to 245 bytes of data. With a key of 128 bytes (1024 bits), you could encrypt about 117 bytes of data.

You can calculate the maximum size of the data that can be encrypted, based on the size of the key, using the following formula:

((KEY_SIZE_IN_BITS - 384) / 8) + 37

Cheers,

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------

Thank you Eric,

I am using a 256 byte Key, and as the text I am trying to encode is already Base64 encoded, then I believe I should be able to encode up to 245 characters based on the above?

If so, then I have clearly got something wrong as the header and payload together I was trying to encode exceeded this size, however, I'm still not sure why the VBO seems to only be allowing about 214 characters of Base64 encoded text, rather than 245?

Many thanks
Tony


------------------------------
Tony Hann
------------------------------

@TonyHann,

After looking at the code, the actual call to the underlying RSACryptoServiceProvider.Encrypt() method is using OAEP padding as opposed to PKCS#1 v1.5. The formula I provided above is based on using PKCS#1 v1.5. For OAEP padding, the formula would be:

(KEY_SIZE_IN_BITS / 8) - 42  ​​​

So in your case that would give you (2048 / 8) - 42 = 214 bytes.

Cheers,

------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------