Elysia Tools

Navigation

Security

RSA Encrypt / Decrypt

Encrypt text with an RSA public key or decrypt ciphertext with the matching private key, using OAEP padding (SHA-1 or SHA-256). Handles long messages by chunking. Keys and data stay local. PKCS#1 v1.5 is intentionally not offered (Node disables it for decryption due to Bleichenbacher attacks).

Details

What this tool helps you do

A practical RSA OAEP encryption/decryption tool.

Mode: encrypt (public key → ciphertext) or decrypt (private key → plaintext).
Padding: OAEP (Optimal Asymmetric Encryption Padding) with SHA-1 or SHA-256 hash. OAEP is the modern, semantically-secure scheme recommended for new RSA encryption. PKCS#1 v1.5 is intentionally omitted — it is vulnerable to Bleichenbacher padding-oracle attacks and Node.js refuses to decrypt with it.
Chunking: RSA can only encrypt a small block at once (key bytes − 2×hash size − 2). Messages longer than that are split into blocks, each encrypted separately, and the ciphertexts concatenated. Decryption splits on the modulus boundary and reverses it.
Encoding: ciphertext is hex or base64.

Why OAEP max block = k − 2hLen − 2: OAEP adds a hash-length seed and label hash plus 2 delimiter bytes, so the usable payload per block shrinks accordingly.

Use cases: end-to-end message encryption demos, encrypting a small payload to someone's public key, learning RSA in practice. Everything runs locally.

Execution

Run this tool

Fill in the form, run the tool, and review the result in one place.

Prepared example runs

Click an example to fill the form automatically. File inputs still need an upload.

1 examples

Encrypt a short message with an RSA public key (OAEP-SHA256)

Produces hex ciphertext chunked into one 2048-bit block.

<div>Renders the ciphertext in a mono box with block metadata.</div>

Inputs

Set the required fields, then run the tool.

8 options

ContentPaste or type the main input values.5

Public key (PEM)textareaOptionalPrivate key (PEM)textareaOptionalPrivate key passphrase (if encrypted)textOptionalMessage (plaintext)textareaOptionalCiphertext (hex or base64)textareaOptional

SettingsAdjust formats, ranges, numbers, and modes.3

ModeselectOptionalOAEP hashselectOptionalCiphertext encodingselectOptional

Result

Ready for a run

Run the tool to preview files, text, structured data, or streamed output here.

Prepared example runs

Click an example to fill the form automatically. File inputs still need an upload.

1 examples

Encrypt a short message with an RSA public key (OAEP-SHA256)

Produces hex ciphertext chunked into one 2048-bit block.

<div>Renders the ciphertext in a mono box with block metadata.</div>

Inputs

Set the required fields, then run the tool.

8 options

ContentPaste or type the main input values.5

Public key (PEM)textareaOptionalPrivate key (PEM)textareaOptionalPrivate key passphrase (if encrypted)textOptionalMessage (plaintext)textareaOptionalCiphertext (hex or base64)textareaOptional

SettingsAdjust formats, ranges, numbers, and modes.3

ModeselectOptionalOAEP hashselectOptionalCiphertext encodingselectOptional

Result

Ready for a run

Run the tool to preview files, text, structured data, or streamed output here.

Samples

Examples that match this tool

Tool usage guide

Learn when to use this tool, what it supports, and how real users apply it.

Key facts

Category: Security
Input types: select, textarea, text
Output type: html
Sample coverage: 4
API ready: Yes

Overview

Securely encrypt plaintext using an RSA public key or decrypt ciphertext using a matching private key directly in your browser. This tool utilizes secure OAEP padding with SHA-1 or SHA-256 and automatically handles longer messages by chunking them into block-sized payloads, keeping all cryptographic operations entirely local.

When to use

When you need to encrypt a sensitive configuration value or API key using a recipient's RSA public key before sharing it.

When you need to decrypt a ciphertext payload locally using your passphrase-protected or unencrypted RSA private key.

When testing asymmetric encryption workflows or verifying RSA key pairs using secure OAEP padding configurations.

How it works

1Select the operation mode (encrypt with public key or decrypt with private key) and paste your PEM-formatted RSA key.
2Choose the OAEP hash algorithm (SHA-256 or SHA-1) and the preferred ciphertext encoding format (Hex or Base64).
3Input your plaintext message or ciphertext; the tool automatically chunks data exceeding the RSA block limit and processes it locally.

Use cases

Encrypting database credentials with a production public key before committing them to a repository.
Decrypting automated alert payloads sent by external systems that encrypt data using your public key.
Verifying that a generated RSA public/private key pair functions correctly with OAEP padding.

Examples

1. Encrypting a Secret Token with a Public Key

DevOps Engineer

Background

A DevOps engineer needs to send a database password to a remote server administrator securely.

Problem

The password must be encrypted using the administrator's public key so only they can read it.

How to use

Set the mode to 'Encrypt with public key', paste the administrator's PEM public key, enter the password in the message field, select OAEP SHA-256, and choose Base64 encoding.

Outcome

The tool generates a Base64-encoded ciphertext block that can be safely shared over insecure channels.

2. Decrypting a Configuration Payload

Backend Developer

Background

A developer receives an encrypted API credential block from a client system.

Problem

The credential block is encrypted with the developer's public key, and they need to retrieve the plaintext using their private key.

How to use

Set the mode to 'Decrypt with private key', paste the PEM private key (and passphrase if encrypted), paste the Hex-encoded ciphertext, and select the matching OAEP SHA-256 hash.

Outcome

FAQ

Why is PKCS#1 v1.5 padding not supported?

PKCS#1 v1.5 is vulnerable to Bleichenbacher padding-oracle attacks and is disabled for decryption in modern runtimes like Node.js.

How does the tool handle messages that exceed the RSA block size limit?

It automatically splits the message into smaller chunks, encrypts or decrypts each block separately, and concatenates the results.

Are my private keys or messages uploaded to a server?

No. All encryption and decryption operations are performed locally in your browser, ensuring your keys and data never leave your device.

What is the maximum payload size for a single RSA block?

The maximum size is determined by the key size in bytes minus two times the hash length minus two (k - 2hLen - 2).

Can I decrypt a private key that is protected by a passphrase?

Yes, you can provide the passphrase in the designated input field to decrypt passphrase-protected PEM private keys.

Images, Audio & Video487

Image, audio, and video processing, conversion, and optimization tools

Math, Date & Finance416

Calculators, numerics, date logic, statistics, and finance tools

Design & Color274

Color, layout, graphics, visual styling, and design helper tools

Conversion & Encoding158

Format, file, archive, unit, and encoding conversion tools

Text & Writing150

Writing, cleanup, formatting, extraction, and text analysis tools

Data & Tables144

Structured data cleanup, analysis, transformation, and table workflows

Audio Encoding and Format Conversion Tools

Image Format Conversion and Animated Export Tools

JSON Interchange and Format Translation Tools

Color Space Conversion Tools for Web and Print

Text Case, Encoding, and Normalization Conversion Tools

The tool decrypts the ciphertext and displays the original API credential plaintext.

Media

Copyright-Free MP3 Audio Samples

Collection of royalty-free audio samples for testing and development purposes including nature sounds, meditation music, and ambient audio

Python

Web Image Processing Python Samples

Web Python image processing examples using PIL/Pillow including reading, saving, resizing, and format conversion

Java

Android Image Processing Java Samples

Android Java image processing examples including reading/saving images, scaling, and format conversion

Kotlin

Android Image Processing Kotlin Samples

Android Kotlin image processing examples including reading/saving images, scaling, and format conversion

Cryptography

Hash Algorithm Comparator

Hash the same input with MD5, SHA-1, SHA-256, SHA-512, BLAKE2b, and BLAKE3 at the same time and compare them side by side: output length, hex/Base64 digest, security status (broken / modern), and a relative speed benchmark. Great for teaching, choosing a hashing algorithm, or sanity-checking checksums.

Security

Excel Field-Level Decryptor

Decrypt specific fields in Excel files using various decryption methods to restore encrypted information

Security

Excel Field-Level Encryptor

Encrypt specific fields in Excel files using various encryption methods to protect sensitive information

Security

CRC32 Checksum

Compute the CRC32 checksum (IEEE 802.3 polynomial) of any text or raw bytes. Output as hex, decimal or binary. Accepts plain text (UTF-8) or raw bytes via hex/base64 input.

RSA Encrypt / Decrypt

What this tool helps you do

Run this tool

Prepared example runs

Inputs

Result

Prepared example runs

Inputs

Result

Examples that match this tool

Continue with connected tools and hubs

Learn when to use this tool, what it supports, and how real users apply it.

Key facts

Overview

When to use

How it works

Use cases

Examples

1. Encrypting a Secret Token with a Public Key

2. Decrypting a Configuration Payload

FAQ

Copyright-Free MP3 Audio Samples

Web Image Processing Python Samples

Android Image Processing Java Samples

Android Image Processing Kotlin Samples

Hash Algorithm Comparator

Excel Field-Level Decryptor

Excel Field-Level Encryptor

CRC32 Checksum

Text Case, Encoding, and Normalization Conversion Tools

Text Tools

Text Analysis, Readability, and Content Inspection Tools

Text Redaction, Highlighting, and Presentation Formatting Tools