What are the differences between PublicKey/PrivateKey and RSAPublicKey/RSAPrivateKey?

Question

What are the major differences between RSAPublicKey and PublicKey in Java? Also I am asking the same question for the RSAPrivateKey and PrivateKey.

Answer 1

Instances of classes such as Cipher and Signature will generally accept any PublicKey or PrivateKey instance for their initialization methods during compilation. The type of key should however match the implemented algorithm. This is checked at runtime, resulting in a InvalidKeyException if the key and algorithm do not match.

This makes it possible to switch between algorithms more easily, even during runtime if so required. So most of the code can be implemented regardless of the algorithm used, at least until key type specific operations are required.

---

Note that RSAPublicKey extends PublicKey and that both are Java interfaces. In general you should yourself only use RSAPublicKey if you require the additional methods offered by the interface. This should not often be the case; for the cryptographic operations the PublicKey usually suffices.

Sometimes however you need more information such as the key size (modulus size in case of RSA) or encode the keys differently than the default encoding provides. In that case you need to use the higher level interfaces directly.

---

The KeyFactory and KeyPairGenerator factory classes simply output PublicKey or PrivateKey, the latter indirectly by outputting a generic KeyPair instance. If you need the additional methods you therefore need to cast the public key to an RSA public key:

RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;

If you're however unsure what type of key you get you first need to validate that the type is correct using instanceof:

if (publicKey instanceof RSAPublicKey) {
    RSAPublicKey rsaPublicKey = (RSAPublicKey) publicKey;
}

or you should be willing to catch the ClassCastException that could follow.

---

Cryptographic providers, implemented according to the Java Cryptography Architecture, provide the actual implementation of these interfaces.

This explains another use of these interfaces: as long as the underlying cryptographic material such as the modulus and the exponent can be retrieved it it possible to create a key or key pair using one provider and use it within another provider. This would not be possible if the interface to retrieve the modulus and exponent was not standardized.

Hardware based providers (smart cards, HSM's) will generally throw an exception when you try to retrieve the private exponent or other private key material. This is because the key generally does not leave the hardware device; you can only perform the RSA operations on the device itself, using the designated provider.

It is not possible to use those keys in other Cipher implementations. Java therefore contains "delayed provider selection" to make sure that the right provider is chosen if it hasn't been explicitly specified during instantiation in - for instance - Cipher.getInstance(String algorithm). Instead the provider is selected during initialization.

---

RSAPrivateCrtKey is an interface that again extends RSAPrivateKey. This class contains access to the parameters required to perform faster calculations that make use of the Chinese Remainder Theorem (CRT). Generally you would not need to access those parameters either.

Answer 2

PublicKey/PrivateKey are keys for some algorithm using a keypair, without specifying what the algorithm is.

Their RSA-related counterparts are their specializations for RSA algorithm. For example, RSAPublicKey has getPublicExponent() method missing in PublicKey.

In practice, you could use this rule: if you are sure that you will only use RSA, then use RSAPublicKey/RSAPrivateKey; otherwise, use PublicKey/PrivateKey.