Logo

MonoCalc

/

RSA Key Pair Generator

Encode/Decode

Configuration

Standard
Leave blank for an unencrypted private key.

About This Tool

🔑 RSA Key Pair Generator – Browser-Based Asymmetric Key Tool

The RSA Key Pair Generator lets you create RSA public/private key pairs entirely in your browser using the Web Crypto API. No data is ever sent to a server — your private key is generated and stays on your device. It supports key sizes from 1024 to 4096 bits and exports keys in PEM, DER (Base64), and JWK formats, making it suitable for TLS, SSH, JWT signing, API authentication, and educational use.

What is RSA?

RSA (Rivest–Shamir–Adleman) is the most widely deployed asymmetric (public-key) cryptographic algorithm. It generates a mathematically linked key pair: a public key that anyone can use to encrypt data or verify signatures, and a private key that only the owner possesses to decrypt or sign. The security of RSA relies on the computational difficulty of factoring the product of two large prime numbers — a problem that remains infeasible for sufficiently large keys with current technology.

Key Size Guide

Choosing the right key size balances security strength against performance. Larger keys are stronger but slower to generate and use in cryptographic operations.

Key SizeSecurity LevelRecommended Use
1024 bits⚠️ DeprecatedDemo and testing only — do not use in production
2048 bits✅ StandardGeneral TLS, JWT signing, SSH keys (valid until ~2030)
3072 bits✅ StrongHigh-security applications, certificates with long lifespans
4096 bits🔒 MaximumRoot CAs, PGP master keys, long-term data protection

Output Formats Explained

PEM (Privacy Enhanced Mail)

PEM is the most widely supported format. It encodes the DER binary data as Base64 and wraps it with a human-readable ASCII header and footer such as -----BEGIN PUBLIC KEY-----. PEM files are used by OpenSSL, Nginx, Apache, Node.js, and most other TLS/SSL tooling. This tool supports both the modern PKCS#8 format (-----BEGIN PRIVATE KEY-----) and the legacy PKCS#1 format (-----BEGIN RSA PRIVATE KEY-----).

DER (Base64 Raw)

DER is the binary ASN.1 representation of the key structure. This tool displays DER bytes as a Base64 string for easy copying and use in environments that consume raw DER, such as Java keystores, Android Keystore, or .NET certificate APIs.

JWK (JSON Web Key)

JWK represents the key as a JSON object with fields like kty, n (modulus), and e (public exponent). JWK is used in OAuth 2.0 / OIDC JWKS endpoints, Web Crypto API operations, and modern JavaScript/TypeScript cryptographic libraries. The private JWK additionally includes d, p, q, dp, dq, and qi components.

Passphrase-Protected Private Keys

When you provide a passphrase, this tool derives an AES-256 encryption key from your passphrase using PBKDF2 (100,000 iterations, SHA-256) with a random 16-byte salt. The private key is then wrapped using AES-GCM and the output is displayed as an ENCRYPTED PRIVATE KEY PEM block. The salt and initialization vector are embedded in the key data so the key can be decrypted later with the same passphrase. Always use a strong, unique passphrase for any key you plan to store or share.

SHA-256 Public Key Fingerprint

The SHA-256 fingerprint is computed by hashing the raw DER bytes of the public key (SPKI format) with SHA-256 and displaying the result as colon-separated uppercase hexadecimal pairs — for example 3A:F2:...:9B. Fingerprints let you quickly verify that two representations of the same key (e.g., a JWK and a PEM) belong to the same key pair without comparing the full key text.

Security reminder
This tool runs entirely in your browser — no keys are transmitted to any server. It is designed for development, testing, and learning. For production systems, generate private keys using server-side tools (OpenSSL, AWS KMS, HashiCorp Vault) and store them in a proper secrets manager.

Common Use Cases

  • JWT RS256 / RS512 signing: Generate a key pair, use the private key to sign tokens and the public key to verify them.
  • TLS/SSL certificate generation: Create a CSR (Certificate Signing Request) with your private key and share the public key with a CA.
  • SSH authentication: Export the public key to your server's ~/.ssh/authorized_keys and keep the private key on your client machine.
  • API authentication: Use RSA key pairs for service-to-service authentication in OAuth 2.0 client credential flows with private_key_jwt.
  • Education and testing: Explore RSA key structure, test cryptographic libraries, or create throwaway keys for local development environments.

How the Web Crypto API is Used

This tool calls crypto.subtle.generateKey() with the RSA-OAEP algorithm descriptor specifying the modulus length, public exponent 65537, and the chosen hash algorithm. The resulting CryptoKeyPair is exported using crypto.subtle.exportKey() in spki format (public key) and pkcs8 format (private key). All operations are asynchronous and non-blocking, which is why key generation on larger sizes like 4096 bits may take a few seconds.

The public exponent is fixed at 65537 (0x10001) — a Fermat prime that provides strong security properties and fast public-key operations. It is the standard choice in virtually all real-world RSA implementations.

Frequently Asked Questions

Is the RSA Key Pair Generator free?

Yes, RSA Key Pair Generator is totally free :)

Can I use the RSA Key Pair Generator offline?

Yes, you can install the webapp as PWA.

Is it safe to use RSA Key Pair Generator?

Yes, any data related to RSA Key Pair Generator only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.

How does this RSA Key Pair Generator work?

This tool uses the browser-native Web Crypto API (window.crypto.subtle) to generate RSA key pairs entirely on your device. It calls SubtleCrypto.generateKey() with your chosen modulus length and exports the public key in SPKI format and the private key in PKCS#8 format. No key material ever leaves your browser.

What key size should I choose?

2048-bit keys are the current minimum recommended for production use. 3072-bit or 4096-bit keys provide a larger security margin and are recommended for certificates with long validity periods or high-security applications. 1024-bit keys are deprecated and should only be used for demos or testing.

What is the difference between PEM, DER, and JWK formats?

PEM (Privacy Enhanced Mail) is Base64-encoded DER wrapped with ASCII header/footer lines — it is the most human-readable and widely supported format for TLS, SSH, and JWT. DER (Distinguished Encoding Rules) is the raw binary ASN.1 format, here shown as a Base64 string, used by Java and Android. JWK (JSON Web Key) is a JSON representation of the key used in modern web APIs, OAuth 2.0 servers, and JWKS endpoints.

What is the difference between PKCS#8 and PKCS#1 PEM headers?

PKCS#8 uses the header `-----BEGIN PRIVATE KEY-----` and is the modern, algorithm-agnostic format recommended for new applications. PKCS#1 uses the older `-----BEGIN RSA PRIVATE KEY-----` header and is specific to RSA. Most modern tools accept both, but PKCS#8 is preferred.

Is it safe to generate keys with this tool?

All cryptographic operations run entirely in your browser using the Web Crypto API — no keys or key material are ever transmitted to any server. However, avoid entering real production private keys into any online tool. This tool is designed for learning, testing, and development purposes.

What is the SHA-256 fingerprint and how is it used?

The SHA-256 fingerprint is the hex-encoded SHA-256 digest of the public key's SPKI DER bytes. It uniquely identifies a key pair without revealing the private key and is used to verify that two parties hold the matching key, track key versions, or compare keys displayed in different formats.