Trying to understand Java RSA key size

Question

The key generator was initilized with a size of 1024, so why the printed sizes are 635 and 162?

import java.security.KeyPair;
import java.security.KeyPairGen         


        

Answer 1

First hint: 1024 bits = 128 bytes

Second hint: privateKey.getEncoded() returns an encoded representation (i.e. not raw).

Answer 2

RSA keys are made of Modulus and Exponent. The key size refers to the bits in modulus. So even without any encoding overhead, you will need more than 128 bytes to store 1024-bit keys.

getEncoded() returns ASN.1 DER encoded objects. The private key even contains CRT parameters so it's very large.

To get key size, do something like this,

System.out.println("Key size = " + publicKey.getModulus().bitLength());

Here are the relevant ASN.1 objects,

RSAPrivateKey ::= SEQUENCE {
    version           Version,
    modulus           INTEGER,  -- n
    publicExponent    INTEGER,  -- e
    privateExponent   INTEGER,  -- d
    prime1            INTEGER,  -- p
    prime2            INTEGER,  -- q
    exponent1         INTEGER,  -- d mod (p-1)
    exponent2         INTEGER,  -- d mod (q-1)
    coefficient       INTEGER,  -- (inverse of q) mod p
    otherPrimeInfos   OtherPrimeInfos OPTIONAL
}


RSAPublicKey ::= SEQUENCE {
    modulus           INTEGER,  -- n
    publicExponent    INTEGER   -- e
}