The RSA (Rivest–Shamir–Adleman) is an asymmetric cryptography algorithm based on a pair of keys: Public and Private. The public key could be shared by everyone, it is used for encrypting the data. The private key should be kept private as the name said. It is used for decrypting the data.
The acronym RSA comes from the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who publicly described the algorithm in 1977.
In this article, we are going to present how to generate, save and use RSA keys in Java.
2. RSA Key Pair
Let's start with generating RSA keys, using pure Java.
This code will generate a pair of RSA keys with size 1024 bits in two steps:
- first, we must create a
KeyPairGeneratorinstance by calling the method
RSAalgorithm as a parameter,
- next, we need to initialize the
KeyPairGeneratorby calling the
To get public and private key from
KeyPair we need to use the following code:
In that output we have:
X.509- means that this certificate contains information about the identity to which a certificate is issued and the identity that issued it,
PKCS#8- this is the standard for storing private key information.
3. Save Private Key and Public Key in files
Actually, generated certificates are just arrays of bytes, so we could use any method available in Java to convert byte array to a file.
In the following example we used
FileOutputStream to write bytes into an output file:
We could use an application such as
KeyStore Explorer to confirm that certificates have been generated and saved in files correctly.
4. Encrypt and decrypt strings
Let's use our certificates to encrypt and decrypt a simple string.
In order to encrypt a string using a public key, we need to create an instance of the
To create a Cipher object, we must use the
getInstance(...) method, and pass the name of the requested transformation to it.
In the next step, we invoke the
doFinal(...) method to encrypt our string. This method takes byte array so we need to convert our string to bytes.
doFinal(...) returns bytes array, so in order to present the result we could use
Base64 responsible for converting bytes into a string.
Let's check if our encrypted string is correct. We will do it by decrypting it using the
String with a new
Cipher instance but in this case dedicated for the private certificate:
To decrypt we also use the
The output confirms that certificates are generated correctly.
5. Encrypt and decrypt files
Encrypting and decrypting files using our private/public RSA keys are similar to encrypting/decrypting strings but in this case, the first step will be reading bytes from a file.
When we have byte array we could do steps like in the previous point:
In this short tutorial, we presented how to start working on RSA keys in Java. How to create them and use them for encryption and decryption of the data.
As usual, the source code is available on our GitHub.