Skip to content

Fix for RSA Usage with Short Key #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Fix for RSA Usage with Short Key #3

wants to merge 1 commit into from

Conversation

@qcorporation
Copy link

@qcorporation qcorporation commented Jan 10, 2020

Issue Link

Rivest-Shamir-Adleman (RSA) is an asymmetric public-key scheme, and for it to be effective in resisting attacks a factor is to set the key size to a suitable length protecting against brute-force attacks or integer factorization. NIST as of January 2015 published a paper for Key Management outlining a recommended minimum size of 2048 bits, but this is also dependent up on the longevity of the information that is being protected.

RSA Key Pair Generation

KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
kpg.initialize(2048); // or higher
KeyPair kp = kpg.generateKeyPair();

// get the private and public keys
Key pub = kp.getPublic();
Key pvt = kp.getPrivate();

// save to file
String outFile = </path/to/file>;
out = new FileOutputStream(outFile + ".key");
out.write(pvt.getEncoded());
out.close();

out = new FileOutputStream(outFile + ".pub");
out.write(pvt.getEncoded());
out.close();

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@qcorporation