Python Crypto, RSA Public/Private key, with large file


I now know that RSA Public/Private key can only encrypt very short input at once, but can anyone provide a way to encrypt any type of file(.txt, .phf, .exe, etc) with only the public/private key? I do not want to have additional AES key.

Here is my code, I am not getting the original content back after my encryption and decryption with the pair of public & private key. I do not care about how safe is my encryption or decryption, I just want the simple encrypt decrypt working on any input that it might take, no matter how long or large it is.

from Crypto.PublicKey import RSA
from Crypto import Random

random_generator =
key = RSA.generate(1024, random_generator)
public_key = key.publickey()

f = open('C:\Users\Administrator\Desktop\jack.txt','r').read()

print 'original content: '+ f

enc_data = public_key.encrypt(f, 32)
print 'encrypted data: '
print enc_data

dec_data = key.decrypt(enc_data)
print 'decrypted data: '+ dec_data

Here is the output:

original content: Python Cryptography Toolkit

A collection of cryptographic modules implementing various algorithms and protocols.


Secret-key (AES, DES, ARC4) and public-key encryption (RSA PKCS#1) algorithms
Hashing algorithms (MD5, SHA, HMAC)
Cryptographic protocols (Chaffing, all-or-nothing transform, key derivation functions). This package does not contain any network protocols.
Public-key encryption and signature algorithms (RSA, DSA)
Public-key signature algorithms (RSA PKCS#1)
Various useful modules and functions (long-to-string conversion, random number generation, number theoretic functions)
encrypted data: 
('\x08\xe3\x9d\x03\x1e\xe9(\xe2\xc7\xc6e\x0b5\x02\xc0\xd8G\x1f\xf5\xb8\x9cMC\x93Z\x982\xa5\x97\xec\xab4\x18\xc2\xc8\xd9\xd3\x99aX\xd96b\x19\x96\xdc\x1d|F\xe0\xa9\xa9\xea\x03\x10>0g\x83\xdb\xeb\xdb\x13\x91\xc6\xd8\xf6\x95\xedE@A\x0bc\xae\xbe\xbe\xf0\xde\xcc\xcexk\x10\xb3\x86\xd3\xdd\xd0\xca@T2\x9a\x8a6ut\xb1\xaf\x07\x1f\xa2M\r\xf0D\xa2`h\xc3\x89\x18\x0e\xd4\xca\xee\xf5\xfc\x01\xed\x95}X\x1f\x13 1',)
decrypted data: ���J�rPX �����ju�a,�xm�'�]��ٟ�?y;�)��tĹ�,�D4^�ba�8����9q
+�i��l �q]Kd�Y���u��S�B���Ϲ�^�A3
�6�dl� qU

Best Solution

RSA can only encrypt a limited amout of input. How much that is depends on the key size of RSA (1024-bit in your case) and the used padding. Everything bigger than that (128 byte when no padding is used and less if padding is used) and you cannot recover it anymore.

The solution is to use hybrid encryption.

  1. Generate a random byte string 16, 24 or 32 bytes to be used as the AES key,
  2. Encrypt the actual data with AES using the previously generated key and
  3. Encrypt the AES key with RSA.

AES encryption:

from Crypto.Cipher import AES
from Crypto import Random

aeskey =
iv =
cipher =, AES.MODE_CFB, iv)
msg = iv + cipher.encrypt(b'Attack at dawn')

RSA encryption (use a proper padding like OAEP, because textbook RSA is horribly broken):

from Crypto.Cipher import PKCS1_OAEP
from Crypto.PublicKey import RSA

message = aeskey
random_generator =
rsakey = RSA.generate(1024, random_generator)
cipher =
ciphertext = cipher.encrypt(message)

And only send msg and ciphertext. The decryption is similar, but backwards, because you first have to recover the AES key from the RSA ciphertext. Don't forget to slice off the IV when decryption with AES.