Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Java Security - RSA Key generation

Posted on 2004-08-21
5
Medium Priority
?
380 Views
Last Modified: 2012-06-22
I have created the following class RSAM that generates a RSA public key and writes it to exportedRSAKey

Then another class ImportRSA reads exportedRSAKey and generates the key, however the key is not generated and "key" contains null values , could some body find what's wrong

I have done the same thing for the public key and its working fine. The purpose is well known - to do asymettric encryption

______________________________________________________________
import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair(  );
            Class spec = Class.forName(
                            "java.security.spec.RSAPrivateKeySpec");
            KeyFactory kf = KeyFactory.getInstance("RSA");
            RSAPrivateKeySpec ks = (RSAPrivateKeySpec)
                                  kf.getKeySpec(kp.getPrivate(  ), spec);
            FileOutputStream fos = new             FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent(  ));        



        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}

______________________________________________________________________

import java.security.*;
import java.security.spec.*;
import java.io.*;
import java.math.*;

public class ImportRSA {
    public static void main(String args[]) {
        try {
            FileInputStream fis = new FileInputStream("exportedRSAKey");
            ObjectInputStream ois = new ObjectInputStream(fis);
            RSAPrivateKeySpec ks = new RSAPrivateKeySpec(
                        (BigInteger) ois.readObject(  ),
                        (BigInteger) ois.readObject(  )                      
                        );
            KeyFactory kf = KeyFactory.getInstance("RSA");
            PrivateKey pk = kf.generatePrivate(ks);
            System.out.println("Got private key");
         System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
Comment
Question by:anshuma
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 35

Expert Comment

by:girionis
ID: 11868413
I am not an expert on security/encryption but the null values of the encoding means that it can't find the primary encoding of the key. "Key encoding is the process of converting an encryption or decryption key into a specific encoding format for storing and transmitting."

(from: http://www.geocities.com/herong_yang/jdk/jca_encoding.html)

From what I can see you are actually using a key specification, not the key itself. SO you do not encode anything. In your second programme (ImportRSA) you get the specification of the key from the saved file (exportedRSAKey) but not the actual key and therefore not the encoding of the key. The encoding is always with regards to the key not to the key specification.



0
 

Author Comment

by:anshuma
ID: 11869928
Hi Girionis,

I have done the same things for the Public Key. If you edit the above two files and replace "private" by "public" then it actually works. I don't get a null value for the public key.

0
 
LVL 35

Accepted Solution

by:
girionis earned 600 total points
ID: 11870234
I do not know what exactly is going on, maybe because it is a public key it does not care if it exposes its encoding. Try the following and you will see it you can get the encoded key:

import java.security.*;
import java.security.spec.*;
import java.io.*;

public class RSAM {
    public static void main(String args[]) {
        try {
            KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
            kpg.initialize(512, new SecureRandom(  ));
            KeyPair kp = kpg.generateKeyPair();
            //Class spec = Class.forName("java.security.spec.RSAPrivateKeySpec");
            //KeyFactory kf = KeyFactory.getInstance("RSA");
            //RSAPrivateKeySpec ks = (RSAPrivateKeySpec) kf.getKeySpec(kp.getPrivate(), spec);
                  PrivateKey pk = kp.getPrivate();
                  /*
            FileOutputStream fos = new FileOutputStream("exportedRSAKey");
            ObjectOutputStream oos = new ObjectOutputStream(fos);

            oos.writeObject(ks.getModulus());
            oos.writeObject(ks.getPrivateExponent());
                  */
            System.out.println("Got private key");
                  System.out.println("private Key format :"+pk.getFormat());
                  System.out.println("private Key encoded :"+pk.getEncoded());

        } catch (Exception e) {
            e.printStackTrace(  );
        }
    }
}
0
 

Author Comment

by:anshuma
ID: 11870455
It works but doesn't solve my purpose. Here's what I am doing I have created 3 java files

One generates a key pair and writes the public and private key in byte formats to two different files


exportedRSAKey         - stores primary key
exportedRSAPublicKey - stores public key

Then I use the other two files to read them and generate the keys and use them to encrypt and decrypt.

By using your program , I still need to write the key bytes in two files and generate the keys at some other location
0
 
LVL 35

Expert Comment

by:girionis
ID: 11870893
Hmm.. Sorry I am not sure what's going on, I have only limited experience with security and encryption. Maybe someone else can help you.
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article is the last of three articles that explain why and how the Experts Exchange QA Team does test automation for our web site. This article covers our test design approach and then goes through a simple test case example, how …
In this post we will learn different types of Android Layout and some basics of an Android App.
Viewers will learn about arithmetic and Boolean expressions in Java and the logical operators used to create Boolean expressions. We will cover the symbols used for arithmetic expressions and define each logical operator and how to use them in Boole…
Viewers will learn how to properly install Eclipse with the necessary JDK, and will take a look at an introductory Java program. Download Eclipse installation zip file: Extract files from zip file: Download and install JDK 8: Open Eclipse and …
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question