Solved

Java Security - RSA Key generation

Posted on 2004-08-21
5
357 Views
Last Modified: 2012-06-22
I have created the following class RSAM that generates a RSA public key and writes it to exportedRSAKey

Then another class ImportRSA reads exportedRSAKey and generates the key, however the key is not generated and "key" contains null values , could some body find what's wrong

I have done the same thing for the public key and its working fine. The purpose is well known - to do asymettric encryption

______________________________________________________________
import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair(  );
            Class spec = Class.forName(
                            "java.security.spec.RSAPrivateKeySpec");
            KeyFactory kf = KeyFactory.getInstance("RSA");
            RSAPrivateKeySpec ks = (RSAPrivateKeySpec)
                                  kf.getKeySpec(kp.getPrivate(  ), spec);
            FileOutputStream fos = new             FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent(  ));        



        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}

______________________________________________________________________

import java.security.*;
import java.security.spec.*;
import java.io.*;
import java.math.*;

public class ImportRSA {
    public static void main(String args[]) {
        try {
            FileInputStream fis = new FileInputStream("exportedRSAKey");
            ObjectInputStream ois = new ObjectInputStream(fis);
            RSAPrivateKeySpec ks = new RSAPrivateKeySpec(
                        (BigInteger) ois.readObject(  ),
                        (BigInteger) ois.readObject(  )                      
                        );
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PrivateKey pk = kf.generatePrivate(ks);
            System.out.println("Got private key");
         System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
Comment
Question by:anshuma
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:girionis
ID: 11868413
I am not an expert on security/encryption but the null values of the encoding means that it can't find the primary encoding of the key. "Key encoding is the process of converting an encryption or decryption key into a specific encoding format for storing and transmitting."

(from: http://www.geocities.com/herong_yang/jdk/jca_encoding.html)

From what I can see you are actually using a key specification, not the key itself. SO you do not encode anything. In your second programme (ImportRSA) you get the specification of the key from the saved file (exportedRSAKey) but not the actual key and therefore not the encoding of the key. The encoding is always with regards to the key not to the key specification.



0
 

Author Comment

by:anshuma
ID: 11869928
Hi Girionis,

I have done the same things for the Public Key. If you edit the above two files and replace "private" by "public" then it actually works. I don't get a null value for the public key.

0
 
LVL 35

Accepted Solution

by:
girionis earned 200 total points
ID: 11870234
I do not know what exactly is going on, maybe because it is a public key it does not care if it exposes its encoding. Try the following and you will see it you can get the encoded key:

import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair();
            //Class spec = Class.forName("java.security.spec.RSAPrivateKeySpec");
            //KeyFactory kf = KeyFactory.getInstance("RSA");
            //RSAPrivateKeySpec ks = (RSAPrivateKeySpec) kf.getKeySpec(kp.getPrivate(), spec);
                  PrivateKey pk = kp.getPrivate();
                  /*
            FileOutputStream fos = new FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent());
                  */
            System.out.println("Got private key");
                  System.out.println("private Key format :"+pk.getFormat());
                  System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
 

Author Comment

by:anshuma
ID: 11870455
It works but doesn't solve my purpose. Here's what I am doing I have created 3 java files

One generates a key pair and writes the public and private key in byte formats to two different files


exportedRSAKey         - stores primary key
exportedRSAPublicKey - stores public key

Then I use the other two files to read them and generate the keys and use them to encrypt and decrypt.

By using your program , I still need to write the key bytes in two files and generate the keys at some other location
0
 
LVL 35

Expert Comment

by:girionis
ID: 11870893
Hmm.. Sorry I am not sure what's going on, I have only limited experience with security and encryption. Maybe someone else can help you.
0

Featured Post

Active Directory Webinar

We all know we need to protect and secure our privileges, but where to start? Join Experts Exchange and ManageEngine on Tuesday, April 11, 2017 10:00 AM PDT to learn how to track and secure privileged users in Active Directory.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
servlet example issue 6 46
spring jars download 1 36
ejb on wildfly 5 30
Java syntax, or is it Selenium 6 30
After being asked a question last year, I went into one of my moods where I did some research and code just for the fun and learning of it all.  Subsequently, from this journey, I put together this article on "Range Searching Using Visual Basic.NET …
Are you developing a Java application and want to create Excel Spreadsheets? You have come to the right place, this article will describe how you can create Excel Spreadsheets from a Java Application. For the purposes of this article, I will be u…
Viewers learn how to read error messages and identify possible mistakes that could cause hours of frustration. Coding is as much about debugging your code as it is about writing it. Define Error Message: Line Numbers: Type of Error: Break Down…
Viewers will learn about if statements in Java and their use The if statement: The condition required to create an if statement: Variations of if statements: An example using if statements:

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question