All Packages Class Hierarchy This Package Previous Next Index
Class is.logi.crypto.keys.RSAKey
java.lang.Object
|
+----is.logi.crypto.Crypto
|
+----is.logi.crypto.keys.K
|
+----is.logi.crypto.keys.RSAKey
- public class RSAKey
- extends K
- implements CipherKey, SignatureKey
The RSA algorithm is probably the best known and most widely used
public key algorithm. Breaking one RSA key is believed to be as
difficult as factoring the large integer that comprises the key, and
there is no known way to do this in a reasonable time. Therefore RSA
should be about as secure as anything if you keep your keys long. 1024
bits should be more than enough in most cases, but the clinically
paranoid may want to use up to 4096 bit keys.
Each RSA key is a pair (r,n) of integers and matches another key (s,n).
If P is a block of plain data represented as an integer smaller than n,
then it can be encrypted with the transformation:
E = (P^r) mod n
which has the inverse transformation:
P = (E^s) mod n
The key owner will keep one key secret and publish the other as widely
as possible. This allows anyone who gets hold of the public key to
encrypt data which can only be decrypted with the corresponding private
key.
Data that is encrypted with a private key can similarly only be
decrypted with the corresponding public key. This is useful for digital
signatures.
When P is created from an array of bytes, it will correspond to as many
bytes of plain data as the bytes needed to store n, less one.
Each chunk of ciphertext encrypted with RSAKey has as many bytes as the
key modulo. However, the plaintext it encodes has one less byte.
The CDS for the RSAKey class is RSAKey(r,n,pub)
for a public key,
RSAKey(r,n,pri)
for a private key or RSAKey(r,n,p)
for a private key where we know one factor of n
. In all cases
r
, n
and p
are hexadecimal numbers.
- Author:
- Logi Ragnarsson
(logir@hi.is)
- See Also:
- Signature, fromString
-
RSAKey(BigInteger, BigInteger, boolean)
- Create a new RSA key
(r,n)
.
-
cipherBlockSize()
- Returns the size of the blocks that can be decrypted in one call
to decrypt().
-
createKeys(BigInteger, BigInteger, BigInteger)
- Create a KeyPair object holding objects for the public RSA key
(r,n)
and the private RSA key (s,n).
-
createKeys(int)
- Create a pair of public/private keys.
-
decrypt(byte[], int, byte[], int)
- Decrypt one block of data.
-
encrypt(byte[], int, byte[], int)
- Encrypt one block of data.
-
equals(Object)
- Return true iff the two keys are equivalent.
-
getAlgorithm()
- The name of the algorithm is "RSA".
-
getSize()
- Return the size of the key modulo in bits.
-
isPrivate()
- Return true iff this is a private key.
-
matches(Key)
- Check if a key mathces this.
-
parseCDS(String)
- If "RSAKey( key )" is a valid CDS for a RSAKey, then
RSAKey.parseCDS(key) will return the described RSAKey object.
-
plainBlockSize()
- Returns the size of the blocks that can be encrypted in one call
to encrypt().
-
sign(Fingerprint)
- Create a signature for a Fingerprint.
-
signatureSize()
- Returns the length of the signature in bytes.
-
signBlockSize()
- Returns the maximum size in bytes of the fingerprint
that can be signed.
-
toString()
- Return a CDS for this key.
-
verify(Signature, Fingerprint)
- Verify a Signature on a Fingerprint.
RSAKey
public RSAKey(BigInteger r,
BigInteger n,
boolean pri)
- Create a new RSA key
(r,n)
.
It is a private key if pri
is true.
parseCDS
public static RSAKey parseCDS(String key) throws InvalidCDSException
- If "RSAKey( key )" is a valid CDS for a RSAKey, then
RSAKey.parseCDS(key) will return the described RSAKey object.
A valid CDS can be created by calling the RSAKey.toString() method.
- Throws: InvalidCDSException
- if the CDS is malformed.
- See Also:
- fromString
createKeys
public static KeyPair createKeys(int bitLength)
- Create a pair of public/private keys. The key modulo will be
bitLength
or bitLength-1
bits.
createKeys
public static KeyPair createKeys(BigInteger r,
BigInteger s,
BigInteger n) throws KeyException
- Create a KeyPair object holding objects for the public RSA key
(r,n)
and the private RSA key (s,n).
- Throws: KeyException
- if (r,n) and (s,n) does not describe a valid
pair of RSA keys.
getSize
public int getSize()
- Return the size of the key modulo in bits.
- Overrides:
- getSize in class K
getAlgorithm
public String getAlgorithm()
- The name of the algorithm is "RSA".
- Overrides:
- getAlgorithm in class K
isPrivate
public boolean isPrivate()
- Return true iff this is a private key.
- Overrides:
- isPrivate in class K
toString
public String toString()
- Return a CDS for this key.
- Overrides:
- toString in class Object
- See Also:
- fromString
equals
public boolean equals(Object o)
- Return true iff the two keys are equivalent.
- Overrides:
- equals in class Object
matches
public final boolean matches(Key key)
- Check if a key mathces this. This is true if this and key are a matched
pair of public/private keys.
- Overrides:
- matches in class K
plainBlockSize
public int plainBlockSize()
- Returns the size of the blocks that can be encrypted in one call
to encrypt(). For RSA keys this depends on the size of the key.
cipherBlockSize
public int cipherBlockSize()
- Returns the size of the blocks that can be decrypted in one call
to decrypt(). For RSA keys this depends on the size of the key.
encrypt
public void encrypt(byte source[],
int i,
byte dest[],
int j)
- Encrypt one block of data. The plaintext is taken from
source
starting at offset i
and
ciphertext is written to dest
, starting at
offset j
.
The amount of data read and written will match the values returned
by plainBlockSize()
and cipherBlockSize()
.
decrypt
public void decrypt(byte source[],
int i,
byte dest[],
int j)
- Decrypt one block of data. The ciphertext is taken from
source
starting at offset i
and
plaintext is written to dest
, starting at
offset j
.
The amount of data read and written will match the values returned
by cipherBlockSize()
and plainBlockSize()
.
signBlockSize
public int signBlockSize()
- Returns the maximum size in bytes of the fingerprint
that can be signed.
signatureSize
public int signatureSize()
- Returns the length of the signature in bytes.
sign
public Signature sign(Fingerprint fp) throws KeyException
- Create a signature for a Fingerprint.
- Throws: KeyException
- if the key modulus is shorter than the signature.
verify
public boolean verify(Signature s,
Fingerprint fp)
- Verify a Signature on a Fingerprint.
The methor returns true iff s
is a signature for
fp
created with other key in the pair.
All Packages Class Hierarchy This Package Previous Next Index