I'm trying to implement a solution for encryption between Java and JavaScript.
on the Java end I have the following static block:
public class Manager {
public static KeyPairGenerator keyPairGenerator;
public static KeyPair keyPair;
static{
try {
keyPairGenerator = KeyPairGenerator.getInstance("RSA");
keyPairGenerator.initialize(1024);
keyPair = keyPairGenerator.genKeyPair();
} catch (NoSuchAlgorithmException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
...
}
This basically generates a fresh KeyPair once my server is up and running...
then I give the public key in a JSON format:
<%
JSONObject json = new JSONObject();
json.put("publicKey", "-----BEGIN PUBLIC KEY-----" + Base64.encodeBase64URLSafeString(Manager.keyPair.getPublic().getEncoded()) + "-----END PUBLIC KEY-----");
%>
and I want to use that key (be it 1024 or 2048 bit) to encode information coming from client's forms... anyone knows how can I encode the information using an RSA 1024 bit, base64 encoded public key?
I tried jCryption and severel other libraries to no avail...
If you don't send your public key as a certificate, you are better off just sending the modulus and the public exponent separately (eg base 64 encoded in separate fields). The default encoding will result in a X509 SubjectPublicKeyInfo ASN.1 structure, which you would need to parse in your JavaScript libraries.
Note that you are protecting only against eavesdroppers; man-in-the-middle attacks are still viable as they can replace your public key with their own. RSA 1024 is of course outdated by now. Fortunately you still have TLS/SSL to protect you.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.