RSA is a widely used encryption algorithm in computer security. It is a public-key encryption algorithm, meaning it uses two keys: one to encrypt data and the other to decrypt it. SHA256, on the other hand, is a hash function used for generating message digests or fingerprints of data.

In this blog, we will discuss how to implement RSA SHA256 encryption and decryption in Java. Let’s get started!

Step 1: Generating the Keys

To implement RSA encryption, we first need to generate a public and private key pair. We can use the KeyPairGenerator class to generate a key pair.

KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
SecureRandom random = SecureRandom.getInstance("SHA1PRNG");
keyPairGenerator.initialize(2048, random);
KeyPair keyPair = keyPairGenerator.generateKeyPair();

Here, we are creating a KeyPairGenerator instance with the RSA algorithm and initializing it with a key size of 2048 bits and the SHA1PRNG algorithm for random number generation. We then generate a key pair using the generateKeyPair() method.

Step 2: Generating the Signature

Once we have the keys, we can use the Signature class to generate the signature of the data to be encrypted. Here, we will use the SHA256withRSA algorithm.

Signature signature = Signature.getInstance("SHA256withRSA");
signature.initSign(keyPair.getPrivate());
signature.update(data.getBytes());
byte[] digitalSignature = signature.sign();

Here, we are creating a Signature instance with the SHA256withRSA algorithm, initializing it with the private key from the key pair, and updating it with the data to be encrypted. We then generate the digital signature using the sign() method.

Step 3: Encrypting the Data

To encrypt the data, we need to use the Cipher class. Here, we will use the RSA/ECB/OAEPWithSHA-256AndMGF1Padding algorithm.

Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
byte[] encryptedData = cipher.doFinal(data.getBytes());

Here, we are creating a Cipher instance with the RSA/ECB/OAEPWithSHA-256AndMGF1Padding algorithm, initializing it with the public key from the key pair, and encrypting the data using the doFinal() method.

Step 4: Decrypting the Data

To decrypt the data, we need to use the same Cipher instance we used for encryption.

cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
byte[] decryptedData = cipher.doFinal(encryptedData);

Here, we are initializing the Cipher instance with the private key from the key pair and decrypting the data using the doFinal() method.

Step 5: Verifying the Signature

Finally, we can verify the digital signature using the Signature class.

signature.initVerify(keyPair.getPublic());
signature.update(data.getBytes());
boolean verified = signature.verify(digitalSignature);

Here, we are initializing the Signature instance with the public key from the key pair, updating it with the data to be encrypted, and verifying the digital signature using the verify() method.

That’s it! We have successfully implemented RSA SHA256 encryption and decryption in Java.

Here’s the complete code:

import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import javax.crypto.Cipher;

public class RSAEncryption {

    public static void main(String[] args) throws Exception {
        String plainText = "clear text password";
        
        // Generate public and private keys using RSA algorithm
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
        keyPairGenerator.initialize(2048);
        KeyPair keyPair = keyPairGenerator.generateKeyPair();
        PublicKey publicKey = keyPair.getPublic();
        PrivateKey privateKey = keyPair.getPrivate();

        // Create a signature object and initialize it with the private key
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        signature.update(plainText.getBytes());

        // Generate signature using the private key
        byte[] signatureBytes = signature.sign();
        System.out.println("Digital signature for the given text: " + new String(signatureBytes));

        // Encrypt plain text using public key
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(Cipher.ENCRYPT_MODE, publicKey);
        byte[] encryptedBytes = cipher.doFinal(plainText.getBytes());
        System.out.println("Encrypted text: " + new String(encryptedBytes));

        // Decrypt cipher text using private key
        cipher.init(Cipher.DECRYPT_MODE, privateKey);
        byte[] decryptedBytes = cipher.doFinal(encryptedBytes);
        System.out.println("Decrypted text: " + new String(decryptedBytes));

        // Verify signature using public key
        signature.initVerify(publicKey);
        signature.update(plainText.getBytes());
        boolean isVerified = signature.verify(signatureBytes);
        System.out.println("Signature verification status: " + isVerified);
    }
}

This code generates public and private keys using the RSA algorithm, creates a digital signature using SHA256withRSA, encrypts and decrypts plain text using the public and private keys respectively, and verifies the signature using the public key.