javascript - Questions about RSA padding algorithm -
so have javascript encrypted library using chrome extension encrypts text strings in rsa sends server, noticed uses pkcs#1 (type 2) padding pad data.
i wanted know if padding algorithmic considered secure enough rsa encrypting text , sending on unencrypted http connection.
here function performs padding:
// pkcs#1 (type 2, random) pad input string s n bytes, , return bigint function pkcs1pad2(s,n) { if(n < s.length + 11) { alert("message long rsa"); return null; } var ba = new array(); var = s.length - 1; while(i >= 0 && n > 0) {ba[--n] = s.charcodeat(i--);}; ba[--n] = 0; var rng = new securerandom(); var x = new array(); while(n > 2) { // random non-zero pad x[0] = 0; while(x[0] == 0) rng.nextbytes(x); ba[--n] = x[0]; } ba[--n] = 2; ba[--n] = 0; return new biginteger(ba); } how secure algorithm, , matter padding used in rsa long key large in size (4096 bit in case)?
is padding considered pkcs#1 1.5?
thanks.
yes, looks pkcs#1 padding. want hear it's 'security'? yes, secure. , still used in pki. can use oaep if doubt security. however, problem not on algorithm's side.
Comments
Post a Comment