Solved

Java Security - RSA Key generation

Posted on 2004-08-21
5
346 Views
Last Modified: 2012-06-22
I have created the following class RSAM that generates a RSA public key and writes it to exportedRSAKey

Then another class ImportRSA reads exportedRSAKey and generates the key, however the key is not generated and "key" contains null values , could some body find what's wrong

I have done the same thing for the public key and its working fine. The purpose is well known - to do asymettric encryption

______________________________________________________________
import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair(  );
            Class spec = Class.forName(
                            "java.security.spec.RSAPrivateKeySpec");
            KeyFactory kf = KeyFactory.getInstance("RSA");
            RSAPrivateKeySpec ks = (RSAPrivateKeySpec)
                                  kf.getKeySpec(kp.getPrivate(  ), spec);
            FileOutputStream fos = new             FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent(  ));        



        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}

______________________________________________________________________

import java.security.*;
import java.security.spec.*;
import java.io.*;
import java.math.*;

public class ImportRSA {
    public static void main(String args[]) {
        try {
            FileInputStream fis = new FileInputStream("exportedRSAKey");
            ObjectInputStream ois = new ObjectInputStream(fis);
            RSAPrivateKeySpec ks = new RSAPrivateKeySpec(
                        (BigInteger) ois.readObject(  ),
                        (BigInteger) ois.readObject(  )                      
                        );
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PrivateKey pk = kf.generatePrivate(ks);
            System.out.println("Got private key");
         System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
Comment
Question by:anshuma
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:girionis
ID: 11868413
I am not an expert on security/encryption but the null values of the encoding means that it can't find the primary encoding of the key. "Key encoding is the process of converting an encryption or decryption key into a specific encoding format for storing and transmitting."

(from: http://www.geocities.com/herong_yang/jdk/jca_encoding.html)

From what I can see you are actually using a key specification, not the key itself. SO you do not encode anything. In your second programme (ImportRSA) you get the specification of the key from the saved file (exportedRSAKey) but not the actual key and therefore not the encoding of the key. The encoding is always with regards to the key not to the key specification.



0
 

Author Comment

by:anshuma
ID: 11869928
Hi Girionis,

I have done the same things for the Public Key. If you edit the above two files and replace "private" by "public" then it actually works. I don't get a null value for the public key.

0
 
LVL 35

Accepted Solution

by:
girionis earned 200 total points
ID: 11870234
I do not know what exactly is going on, maybe because it is a public key it does not care if it exposes its encoding. Try the following and you will see it you can get the encoded key:

import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair();
            //Class spec = Class.forName("java.security.spec.RSAPrivateKeySpec");
            //KeyFactory kf = KeyFactory.getInstance("RSA");
            //RSAPrivateKeySpec ks = (RSAPrivateKeySpec) kf.getKeySpec(kp.getPrivate(), spec);
                  PrivateKey pk = kp.getPrivate();
                  /*
            FileOutputStream fos = new FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent());
                  */
            System.out.println("Got private key");
                  System.out.println("private Key format :"+pk.getFormat());
                  System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
 

Author Comment

by:anshuma
ID: 11870455
It works but doesn't solve my purpose. Here's what I am doing I have created 3 java files

One generates a key pair and writes the public and private key in byte formats to two different files


exportedRSAKey         - stores primary key
exportedRSAPublicKey - stores public key

Then I use the other two files to read them and generate the keys and use them to encrypt and decrypt.

By using your program , I still need to write the key bytes in two files and generate the keys at some other location
0
 
LVL 35

Expert Comment

by:girionis
ID: 11870893
Hmm.. Sorry I am not sure what's going on, I have only limited experience with security and encryption. Maybe someone else can help you.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
JList custom Cell Renderer refresh 15 57
split string containing \r\n in Java 46 44
hibernate example issues from command prompt 10 41
jsp insert to database example 2 24
For beginner Java programmers or at least those new to the Eclipse IDE, the following tutorial will show some (four) ways in which you can import your Java projects to your Eclipse workbench. Introduction While learning Java can be done with…
Java had always been an easily readable and understandable language.  Some relatively recent changes in the language seem to be changing this pretty fast, and anyone that had not seen any Java code for the last 5 years will possibly have issues unde…
Viewers learn about the “while” loop and how to utilize it correctly in Java. Additionally, viewers begin exploring how to include conditional statements within a while loop and avoid an endless loop. Define While Loop: Basic Example: Explanatio…
Video by: Michael
Viewers learn about how to reduce the potential repetitiveness of coding in main by developing methods to perform specific tasks for their program. Additionally, objects are introduced for the purpose of learning how to call methods in Java. Define …

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question