ArrayIndexOutOfBoundsException : too much data for RSA block

Question

I have some problem with my android application. I am trying to an app related with RSA encryption/decryption.this is my problem:

I can encrypt short sentences clear

Answer 1

In my use case, I need to encrypt some request data to server, from my app.

If I encrypt the AES key with RSA, that's kind of meaningless because the point of using RSA instead of AES, is to prevent reverse-engineering to get the AES key (versus RSA needs a private key stored in server for decryption). Since the AES key needs to be stored in the app locally, I cannot use the approach as suggested by erickson.

Instead, I split the long string into List<String> (Each length suggested by server provider); and encrypt each String.

After that, the List<String> is passed to server in a json array, and let server decrypt each and re-join them.

Of course, this approach needs your server's support, and can potentially has performance issue.

Answer 2

RSA can only encrypt messages that are several bytes shorter than the modulus of the key pair. The extra bytes are for padding, and the exact number depends on the padding scheme you are using.

RSA is for key transport, not data encryption. If you have a long message, encrypt it with AES, using a random key. Then encrypt the AES key with RSA, using the public key of the message recipient. You should be using the Cipher class's wrap() and unwrap() methods.

This is how PGP, S/MIME, TLS (roughly), and any other correctly designed RSA encryption schemes work.