Encrypt and decrypt messages locally using secure RSA-OAEP asymmetric cryptography.
RSA Public Key
RSA-OAEP (Optimal Asymmetric Encryption Padding) is a secure mode of RSA encryption. Unlike raw RSA, OAEP adds randomness to the encryption process, preventing various attacks on deterministic RSA encryption.
-----BEGIN PUBLIC KEY-----. This is the standard format generated by OpenSSL and most tools.-----BEGIN PRIVATE KEY-----. Convert PKCS#1 keys with: openssl pkcs8 -topk8 -nocrypt -in private.pem -out pkcs8.pemRSA-OAEP can only encrypt messages smaller than the key modulus. With SHA-256 and a 2048-bit key, the maximum plaintext is 190 bytes. For larger data, use hybrid encryption: encrypt data with AES-256-GCM and encrypt only the AES key with RSA.
Generate keys with our RSA Key Generator tool, which produces PKCS#1 keys. Convert to SPKI/PKCS8 format using OpenSSL:
openssl rsa -pubin -in pkcs1_public.pem -pubout -out spki_public.pemopenssl pkcs8 -topk8 -nocrypt -in pkcs1_private.pem -out pkcs8_private.pem