Using AES With RSA for File Encryption and Decryption in Java

AES can be used for encrypting the file and RSA for encrypting the AES key.

“The secret of education lies in respecting the pupil.”
― Ralph Waldo Emerson

1. Introduction

In the previous part of this article, we covered the use of RSA for file encryption and decryption in java. Using RSA directly for file encryption will not work since it can only be used with small buffer sizes. In our particular case, with an RSA key size of 2048 bits, we ran into a limitation of a maximum of 245 bytes for the data size.

The solution for this limitation is to use a symmetric algorithm such as AES for encryption while using RSA for encrypting the AES secret key itself. When using AES for encryption, the initialization vector (IV) also needs to be communicated to the receiver for being able to decrypt the message. The entire process of using AES for encryption is covered in detail in this article here.

In the current case, we will generate an AES key, use the AES key for encrypting the file, and use RSA for encrypting the AES key. The output file is generated by including the encrypted AES key at the beginning of the file, followed by the initialization vector (IV) and finally the file data encrypted by AES. This way, just the output file can be delivered to the receiver, instead of the three separate components.

[Note: Check out how to use AES for file encryption and decryption in python.]

2. Java Imports

These are the required java imports for the implementation

import java.nio.file.Files;
import java.nio.file.Paths;
import java.io.FileWriter;
import java.io.InputStream;
import java.io.OutputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.util.Base64;
import java.util.Arrays;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.crypto.spec.IvParameterSpec;

3. Generating the AES Key

First step is to generate the AES key which will be used for the encryption. We generate a key of size 128 bits.

KeyGenerator kgen = KeyGenerator.getInstance("AES");
kgen.init(128);
SecretKey skey = kgen.generateKey();

We also need the initialization vector of the same size as the key, which we generate as follows (along with the required IvParameterSpec):

byte[] iv = new byte[128/8];
srandom.nextBytes(iv);
IvParameterSpec ivspec = new IvParameterSpec(iv);

4. Loading the RSA Private Key

Load the RSA private key from file using the appropriate class.

byte[] bytes = Files.readAllBytes(Paths.get(pvtKeyFile));
PKCS8EncodedKeySpec ks = new PKCS8EncodedKeySpec(bytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PrivateKey pvt = kf.generatePrivate(ks);

5. Save the AES Key

As mentioned above, the first part of the output file contains the encrypted AES key. For encryption, we use the Cipher class with the RSA private key and save it as follows:

FileOutputStream out = new FileOutputStream(inputFile + ".enc");
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.ENCRYPT_MODE, pvt);
byte[] b = cipher.doFinal(skey.getEncoded());
out.write(b);

6. Write the Initialization Vector

The initialization vector is next written to the output file. This is required for decryption using the AES key.

out.write(iv);

7. Encrypting the File Contents using the AES Key

The final step is to encrypt the contents of the file using the AES and write it to the output file.

Cipher ci = Cipher.getInstance("AES/CBC/PKCS5Padding");
ci.init(Cipher.ENCRYPT_MODE, skey, ivspec);
try (FileInputStream in = new FileInputStream(inputFile)) {
    processFile(ci, in, out);
}

Close the output file and send it to the receiver.

out.close();

8. Decrypting the File using the RSA Public Key

Since the private key has been used for encryption, the public key can be used for decrypting the file contents. Remember that the file includes the AES key encrypted with the RSA private key at the beginning followed by the initialization vector, and the encrypted file data itself. So the decryption process has to handle all these steps in order to get at the file data.

9. Load the RSA Public Key from File

We use the following code to load the RSA public key from a file where it has been saved in binary format.

String pubKeyFile = ...;
byte[] bytes = Files.readAllBytes(Paths.get(pubKeyFile));
X509EncodedKeySpec ks = new X509EncodedKeySpec(bytes);
KeyFactory kf = KeyFactory.getInstance("RSA");
PublicKey pub = kf.generatePublic(ks);

10. Load the AES Secret Key

Open the encrypted file and load the AES secret key. The AES secret key can be obtained from this data by decrypting using the RSA public key.

FileInputStream in = new FileInputStream(inputFile);
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
cipher.init(Cipher.DECRYPT_MODE, pub);
byte[] b = new byte[256];
in.read(b);
byte[] keyb = cipher.doFinal(b);
SecretKeySpec skey = new SecretKeySpec(keyb, "AES");

11. Read the Initialization Vector

Next in the file is the initialization vector. Load it as follows:

byte[] iv = new byte[128/8];
in.read(iv);
IvParameterSpec ivspec = new IvParameterSpec(iv);

12. Decrypt the File Contents

Now comes the actual decryption of the file contents using the AES secret key. The output is written into a file with the extension .ver for verification purposes.

Cipher ci = Cipher.getInstance("AES/CBC/PKCS5Padding");
ci.init(Cipher.DECRYPT_MODE, skey, ivspec);
try (FileOutputStream out = new FileOutputStream(inputFile+".ver")){
    processFile(ci, in, out);
}

The static method processFile() is defined as before.

static private void processFile(Cipher ci,InputStream in,OutputStream out)
    throws javax.crypto.IllegalBlockSizeException,
           javax.crypto.BadPaddingException,
           java.io.IOException
{
    byte[] ibuf = new byte[1024];
    int len;
    while ((len = in.read(ibuf)) != -1) {
        byte[] obuf = ci.update(ibuf, 0, len);
        if ( obuf != null ) out.write(obuf);
    }
    byte[] obuf = ci.doFinal();
    if ( obuf != null ) out.write(obuf);
}

At this point the whole file has been decrypted and saved. You can verify that it matches the original file contents.

Conclusion

File encryption and decryption using RSA is somewhat involved since RSA encryption has a very low limit on the data that can be encrypted. The previous part of the article covered the details. To encrypt larger quantities of data, we need to use a symmetric algorithm such as AES for encryption and RSA for encrypting the AES key itself.

And here is the source code relevant to this blog post.

One thought on “Using AES With RSA for File Encryption and Decryption in Java”

Leave a Reply

Your email address will not be published. Required fields are marked *