3
votes

Does anyone know how to encrypt and decrypt a String object using RSA public and private keys?

I have created private and public keys below using KeyPairGenerator, but I now want to use the public key to encrypt data and the private key to decrypt it.

```java
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;

public class Keys {

    private static KeyPairGenerator generator;

    private static KeyPair keyPair;

    private static PrivateKey mPrivateKey;

    private static PublicKey mPublicKey;

    private static SecureRandom secureRandom;

    private static final String SHA1PRNG = "SHA1PRNG";

    public static final String RSA = "RSA";

    // private constructor: the class is only used through its static methods
    private Keys() throws NoSuchAlgorithmException {
        generator = KeyPairGenerator.getInstance("RSA");
    }

    /**
     * Generate private and public key pairs
     * 
     * @throws NoSuchAlgorithmException
     */
    private static void generateKeyPair() throws NoSuchAlgorithmException {
        // create SecureRandom object used to generate key pairs

        secureRandom = SecureRandom.getInstance(SHA1PRNG);

        // initialise generator (1024-bit modulus, as in the original post)
        generator = KeyPairGenerator.getInstance(RSA);
        generator.initialize(1024, secureRandom);

        // generate keypair using generator
        keyPair = generator.generateKeyPair();

        // assign private and public keys
        setPrivateKey(keyPair.getPrivate());
        setPublicKey(keyPair.getPublic());

    }

    /**
     * Get private key from key generated
     * @return
     * @throws NoSuchAlgorithmException
     */
    public static PrivateKey getPrivateKey() throws NoSuchAlgorithmException {

        if (mPrivateKey == null) {
            generateKeyPair();
        }
        return mPrivateKey;
    }

    private static void setPrivateKey(PrivateKey privateKey) {
        mPrivateKey = privateKey;
    }

    /**
     * Get public key from key pair generated
     * 
     * @return
     * @throws NoSuchAlgorithmException
     */
    // static, like getPrivateKey(): the constructor is private, so an
    // instance method could never be called
    public static PublicKey getPublicKey() throws NoSuchAlgorithmException {
        if (mPublicKey == null) {
            generateKeyPair();
        }
        return mPublicKey;
    }

    private static void setPublicKey(PublicKey publicKey) {
        mPublicKey = publicKey;
    }
}
```

Is this possible, or does the encryption have to share and use the same key?

The main aim is this.

I will have two clients that can send and receive encrypted data to each other.

For Client A to receive encrypted data:

Client B requests Client A's public key. Client B encrypts the string and sends it to Client A. Client A receives this encrypted string and then uses its own private key to decrypt it.

Vice versa if Client B wishes to receive encrypted data.

1
Is there anything wrong with your key generation code? If not, then it can probably be removed from the question. – Duncan Jones

1 Answers

5
votes

RSA encryption can only be used to encrypt data that is smaller than the modulus of the key. I.e. a 2048-bit RSA public key can only encrypt 256 bytes of data. Some of this data is needed for padding bytes, so typically one is left with even less space to play with.

Commonly this is solved with a hybrid encryption scheme. That is, the data itself is encrypted with a temporary symmetric session key, then the session key is encrypted with the recipient's public key. Both the encrypted data and the encrypted session key are sent to the recipient.

You may wish to consider something like OpenPGP, which implements this behaviour (and more). BouncyCastle offers an OpenPGP implementation for Java.
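The hybrid scheme described in the answer above, as an added example that is not part of the original answer or of any library it names: Client B encrypts the string with a fresh AES-GCM session key and wraps that key with Client A's RSA public key. The class name `HybridDemo`, the three-element message layout and the choice of OAEP and GCM are assumptions of this sketch, using only standard JCA calls.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;

public class HybridDemo { // hypothetical name, not from the page
    static final String RSA_OAEP = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    static final String AES_GCM = "AES/GCM/NoPadding";

    /** Returns { RSA-wrapped session key, GCM nonce, AES-GCM ciphertext }. */
    static byte[][] encrypt(PublicKey recipient, String message) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey session = kg.generateKey();      // fresh key per message

        byte[] nonce = new byte[12];               // never reused with the same key
        new SecureRandom().nextBytes(nonce);
        Cipher aes = Cipher.getInstance(AES_GCM);
        aes.init(Cipher.ENCRYPT_MODE, session, new GCMParameterSpec(128, nonce));
        byte[] body = aes.doFinal(message.getBytes(StandardCharsets.UTF_8));

        Cipher rsa = Cipher.getInstance(RSA_OAEP); // RSA only sees the 32-byte key
        rsa.init(Cipher.ENCRYPT_MODE, recipient);
        return new byte[][] { rsa.doFinal(session.getEncoded()), nonce, body };
    }

    static String decrypt(PrivateKey own, byte[][] msg) throws Exception {
        Cipher rsa = Cipher.getInstance(RSA_OAEP);
        rsa.init(Cipher.DECRYPT_MODE, own);
        SecretKey session = new SecretKeySpec(rsa.doFinal(msg[0]), "AES");

        Cipher aes = Cipher.getInstance(AES_GCM);  // throws if the data was modified
        aes.init(Cipher.DECRYPT_MODE, session, new GCMParameterSpec(128, msg[1]));
        return new String(aes.doFinal(msg[2]), StandardCharsets.UTF_8);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair clientA = gen.generateKeyPair();   // constructed sample key pair
        byte[][] wire = encrypt(clientA.getPublic(), "hello from Client B");
        System.out.println(decrypt(clientA.getPrivate(), wire));
    }
}
```

This covers confidentiality and integrity of the message only; Client B still needs a way to verify that the public key it received really belongs to Client A.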