RSA (Rivest–Shamir–Adleman) is one of the first public-key cryptosystems and is widely used for secure data transmission. In such a cryptosystem, the encryption key is public and it is different from the decryption key which is kept secret (private). In RSA, this asymmetry is based on the practical difficulty of the factorization of the product of two large prime numbers, the "factoring problem". The acronym RSA is made of the initial letters of the surnames of Ron Rivest, Adi Shamir, and Leonard Adleman, who first publicly described the algorithm in 1978. Clifford Cocks, an English mathematician working for the British intelligence agency Government Communications Headquarters (GCHQ), had developed an equivalent system in 1973, but this was not declassified until 1997.

Public key cryptography uses a pair of keys for encryption. Distribute the public key to whoever needs it, but keep the private key safely secured.

Public key cryptography can be used in two modes:

  • Encryption: Only the private key can decrypt the data encrypted with the public key.
  • Authentication: Data encrypted with the private key can only be decrypted with the public key, thus proving who the data came from.
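The two modes side by side, as an added example that is not part of the original page and does not use the Ax.crypt API: it relies on Node.js's built-in `crypto` module, where the authentication mode is exposed as sign/verify. The function names, the OAEP and PSS padding choices and the demo key pair are assumptions made for this illustration.

```javascript
// Added example: Node.js built-in crypto, not the Ax.crypt API.
const nodeCrypto = require("node:crypto");
const { RSA_PKCS1_OAEP_PADDING, RSA_PKCS1_PSS_PADDING } = nodeCrypto.constants;

// SPKI and PKCS#8 PEM give the same "PUBLIC KEY" / "PRIVATE KEY" labels the page shows.
function newKeyPair(bits = 2048) {
  return nodeCrypto.generateKeyPairSync("rsa", {
    modulusLength: bits,
    publicKeyEncoding: { type: "spki", format: "pem" },
    privateKeyEncoding: { type: "pkcs8", format: "pem" },
  });
}

// Encryption mode: anyone with the public key encrypts ...
function encryptFor(publicPem, text) {
  const key = { key: publicPem, padding: RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
  return nodeCrypto.publicEncrypt(key, Buffer.from(text, "utf8")).toString("base64");
}

// ... and only the private key recovers the plaintext.
function decryptWith(privatePem, b64) {
  const key = { key: privatePem, padding: RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" };
  return nodeCrypto.privateDecrypt(key, Buffer.from(b64, "base64")).toString("utf8");
}

// Authentication mode: the private key produces a signature ...
function signWith(privatePem, text) {
  const key = { key: privatePem, padding: RSA_PKCS1_PSS_PADDING };
  return nodeCrypto.sign("sha256", Buffer.from(text, "utf8"), key).toString("base64");
}

// ... that anyone with the public key can check.
function verifyFrom(publicPem, text, sigB64) {
  const key = { key: publicPem, padding: RSA_PKCS1_PSS_PADDING };
  return nodeCrypto.verify("sha256", Buffer.from(text, "utf8"), key, Buffer.from(sigB64, "base64"));
}

const alice = newKeyPair(); // constructed demo key pair
const secret = "This is a secret message";
console.log(decryptWith(alice.privateKey, encryptFor(alice.publicKey, secret)));
const sig = signWith(alice.privateKey, secret);
console.log(verifyFrom(alice.publicKey, secret, sig));        // genuine message
console.log(verifyFrom(alice.publicKey, secret + "!", sig));  // altered message
```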

1 Generate KeyPair

A key pair consists of a randomly generated public key and private key. The following example generates a key pair and extracts the public and private keys in PEM format:

<script>
    var rsa = new Ax.crypt.RSA();
    // Initializes the key pair generator for a certain keysize using a default parameter 
    // set and the SecureRandom implementation of the highest-priority installed provider
    // as the source of randomness. (If none of the installed providers supply an
    // implementation of SecureRandom, a system-provided source of randomness is used.)
    // If no keysize specified, defaults to 2048
    var key_pair = rsa.generateKeyPair();
    var pub_pem  = rsa.toPublicKey(key_pair);
    var pri_pem  = rsa.toPrivateKey(key_pair);
    console.log(pub_pem);
    console.log(pri_pem);
</script>
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHwT3NVJAMYdD2HnBANpZLsmldJXdZxe
t+qJ6upsj71aHiTBTDO5HrFUyMXy5S1DqHYVmSAOT05fTNWF6GHqA/zmN+AvcjhKmRLhJIwJ/lC/
5UPnNcUVHD3ygw1B2RhAAUTiqSqdXSdDzCmtE60T4pIvKPe4UfJLBJ+SYEANoxwCt3QBLLhLH39F
uXZ++03c+LU3VNB4y68SyhSW8fajKPpxirfjWpP6dGL+emwW9u/oQ0ARhlgPxU1K2FhyNjQkhpRH
dqUS1lOhDqvGYUp5dO3Q5JyPwVf/6tIF8SnEnKmeH63XH/jqYM+SX8ObCQ5ll/sbvHaz0F94rqu1
KCH2bwIDAQAB
-----END PUBLIC KEY-----

-----BEGIN PRIVATE KEY-----
...
-----END PRIVATE KEY-----

2 Encrypt

To encrypt a message, load a public key in PEM format and call encrypt:

<script>
    var rsa = new Ax.crypt.RSA();
    rsa.loadPublicKey(`
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHwT3NVJAMYdD2HnBANpZLsmldJXdZxe
t+qJ6upsj71aHiTBTDO5HrFUyMXy5S1DqHYVmSAOT05fTNWF6GHqA/zmN+AvcjhKmRLhJIwJ/lC/
5UPnNcUVHD3ygw1B2RhAAUTiqSqdXSdDzCmtE60T4pIvKPe4UfJLBJ+SYEANoxwCt3QBLLhLH39F
uXZ++03c+LU3VNB4y68SyhSW8fajKPpxirfjWpP6dGL+emwW9u/oQ0ARhlgPxU1K2FhyNjQkhpRH
dqUS1lOhDqvGYUp5dO3Q5JyPwVf/6tIF8SnEnKmeH63XH/jqYM+SX8ObCQ5ll/sbvHaz0F94rqu1
KCH2bwIDAQAB
-----END PUBLIC KEY-----    
`);
    var secret = "This is a secret message";
    // encrypt a string or byte[]
    // string is converted to byte[] using utf-8 encoding
    var msg_encrypted = rsa.encrypt(secret);
    console.log(secret);
    console.log("----");
    console.log(rsa.toBase64(msg_encrypted));
</script>
This is a secret message
----
H3dzOOKrouWSu4kadHxIfxkX4bjE32QdWkejJdmFB51KtR1WzXfZE3DwdyGjrWalGme7f8iJtRs9
U7Tzryxckg4SFxtBymbL3g2ohGmFWiBLZh3sI3mcUxYU2nodSPoL0mIdw9ncx6RUq62JMZON2kz1
D5XnU+LjgS3QUpkOwj1JY3UB4bGFzqCEceD9KP68WgX1HdODY8wFj702zrCjn6SVKdEmVMJ9oqS6
FEOgYt7lX2QQ0qLcF+7hKRHR/5/E7uw6grBaTHSxppM9SaMNHuvysr1h1Ea36rmc/zyeF/ls2GTb
eoy0fkBfl/V/5zmXG65qlHhe8OByJQ7SLcUx/A==

3 Decrypt

To decrypt an encrypted message, load the private key in PEM format and call decrypt:

<script>
    var rsa = new Ax.crypt.RSA();
    rsa.loadPrivateKey(`
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCMfBPc1UkAxh0PYecEA2lkuyaV
0ld1nF636onq6myPvVoeJMFMM7kesVTIxfLlLUOodhWZIA5PTl9M1YXoYeoD/OY34C9yOEqZEuEk
jAn+UL/lQ+c1xRUcPfKDDUHZGEABROKpKp1dJ0PMKa0TrRPiki8o97hR8ksEn5JgQA2jHAK3dAEs
uEsff0W5dn77Tdz4tTdU0HjLrxLKFJbx9qMo+nGKt+Nak/p0Yv56bBb27+hDQBGGWA/FTUrYWHI2
NCSGlEd2pRLWU6EOq8ZhSnl07dDknI/BV//q0gXxKcScqZ4frdcf+Opgz5Jfw5sJDmWX+xu8drPQ
X3iuq7UoIfZvAgMBAAECggEAMxnjI74Vmwl1gqXrIYOYL8L/6xmjJK3nqmDPIDt7l+GZyUM3aN+b
o/V/ULTogMKxTLL/cj691c09TzaQShJrzF2O5J5Qw+yD/iBm8yNZcz+uPdgwX1e8MRS7hT4qSKzQ
g2WqSTyuFzd0Kuyx/2lCxXTFYNKTIoPPE/Rziz1heIXo8fg8JH0ztCFBkeiAhZAxmS21oayDye1s
QTYrySDMH/16bzywIXngAK6Ij1weLIBZ+sIBJRJgNS8R6nTg4EQHwNblqhPOEHNtYl/SZxtTIsMa
HQ/qC6oTi39GFouDks2AXMmK/fnlFpV1ffaFKQjy9nEthodbgGteJxDgqBwjIQKBgQDgQ91Nh90k
u4L9wWBZLlqH6K/+DbBzQngqhAruiMZ2sQcJ/kQja8zNb+YKkcvX6o6PiZ/TYkx6+V+OjQyVGV1g
cARwLnbQtQOYmRZyWZxIWYRGGRzx3OXp/KATPAONmuT/n/MBCi/imW2k8DSRSXVhDXP8ifsnMAJy
n5cS76GjkQKBgQCgXTfQNj5iX5gBnjlosPfv/GMBw+3Cb5F0QaxZaexCaPa9WpzMw4MAXCnzYjaK
GvJxW8fTn21oaFL9XXJsP0+pgCCKIqeVK3dWpmN1yFMzPj7/KyMaBozrYKZyLZEQT9vuXA6Ovgeg
J+ro20dQHPr3Ks/uPhpoG0IudsixSYj5/wKBgQC6OEAECAQeY0HDGha6Ft5/qjyxNYbGPnRvwVMe
fR5nIlpY9vR3gST/laIsNqJQOOmF0N6Q9TfSiU3Knd7L09MQqBNXX42zggtpY/0amMRH42UNm/7H
6whSwj3dmuDMbcknZhavT1kxzPsZkYfk+F1qaHReR+jvwlLWASS+SZMrsQKBgF96AJ/zm8LgHVVh
Sdbd/lAg2SWU7HrmCBjKfP2jRenoKndkepSjFtzhAo0IfWZOUuhQ97E0a2RNMJPuzhBKxXgqc7Uq
mtICVgP9/puCkJ6iwckUesqk+cOuAItcO9EVauEIaBZuZ4XgHklTPKsjBfygvbmfugMfr5CQYj7D
hE0rAoGASAd7uFmC/EqRYgKnJFqhbjXXHrTDjVFZkZLPRw+3zagAD7NNB3dqdcTBYfjT+yPYp34o
8lG8WUkIIE2b5NQFG2+a1P9k10WJXyIlK9QOymfvEyAxz1rugDMaMubFKfRs8hj5LI+Hv7iWDl/p
wBvRnQbnBorp3bSfjqvnAbiiBRk=
-----END PRIVATE KEY-----
`);


    // msg_encrypted is the encrypted message stored in base64
    var msg_encrypted = `H3dzOOKrouWSu4kadHxIfxkX4bjE32QdWkejJdmFB51KtR1WzXfZE3DwdyGjrWalGme7f8iJtRs9
U7Tzryxckg4SFxtBymbL3g2ohGmFWiBLZh3sI3mcUxYU2nodSPoL0mIdw9ncx6RUq62JMZON2kz1
D5XnU+LjgS3QUpkOwj1JY3UB4bGFzqCEceD9KP68WgX1HdODY8wFj702zrCjn6SVKdEmVMJ9oqS6
FEOgYt7lX2QQ0qLcF+7hKRHR/5/E7uw6grBaTHSxppM9SaMNHuvysr1h1Ea36rmc/zyeF/ls2GTb
eoy0fkBfl/V/5zmXG65qlHhe8OByJQ7SLcUx/A==`

    // msg_decrypted is a byte[] of message.
    var msg_decrypted = rsa.decrypt(msg_encrypted);
    // Convert to string before print using rsa toString method.
    console.log(rsa.toString(msg_decrypted));
    // Convert to string using String class    
    console.log(new Ax.text.String(msg_decrypted, "utf-8"));


</script>
This is a secret message
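A single RSA operation only accepts a short input, and because strings are converted to UTF-8 before encryption, the limit counts bytes rather than characters. The following added example (not from the original page, and using Node.js's built-in `crypto` module rather than Ax.crypt) shows the boundary for a 2048-bit key; OAEP with SHA-256 is an assumption, since the page does not say which padding Ax.crypt.RSA applies, and all function names are hypothetical.

```javascript
// Added example: Node.js built-in crypto, not the Ax.crypt API.
// Assumption: OAEP padding with SHA-256 (the page does not name the padding used).
const rsaCrypto = require("node:crypto");

const HASH_BYTES = 32; // SHA-256 digest length

// Largest plaintext one RSA-OAEP operation accepts: k - 2*hLen - 2 bytes (RFC 8017).
function maxOaepPlaintext(modulusBits, hashBytes = HASH_BYTES) {
  return modulusBits / 8 - 2 * hashBytes - 2;
}

// The limit applies to the UTF-8 encoding of the string, not to its character count.
function fitsInOneBlock(text, modulusBits) {
  return Buffer.byteLength(text, "utf8") <= maxOaepPlaintext(modulusBits);
}

function oaepEncrypt(publicKey, bytes) {
  return rsaCrypto.publicEncrypt(
    { key: publicKey, padding: rsaCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: "sha256" },
    bytes
  );
}

// Returns the ciphertext length, or null when the input is too long for the key.
function tryEncrypt(publicKey, byteCount) {
  try {
    return oaepEncrypt(publicKey, Buffer.alloc(byteCount, 0x41)).length;
  } catch (err) {
    return null; // the library rejects oversized input instead of truncating it
  }
}

const demoKeys = rsaCrypto.generateKeyPairSync("rsa", { modulusLength: 2048 }); // constructed key
const limit = maxOaepPlaintext(2048);
console.log(limit);                                      // byte limit for one operation
console.log(tryEncrypt(demoKeys.publicKey, limit));      // ciphertext is always modulus-sized
console.log(tryEncrypt(demoKeys.publicKey, limit + 1));  // one byte over the limit
console.log(fitsInOneBlock("\u00e9".repeat(100), 2048)); // 100 characters, 200 UTF-8 bytes
```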