RSA-OAEP Encrypt & Decrypt
Public-key encryption: encrypt with a public key, decrypt with a private key. This tool does both encrypt and decrypt on one page — pick a mode, paste your data, and click. Everything runs on your device, nothing is sent to a server.
Everything runs in your browser. Your data is never sent to our servers.
Example
Example Input
Session key
Example Output
TۤX…(Base64 ciphertext)
How to Use
- 1Choose Encrypt or Decrypt mode at the top.
- 2Fill the Input field and, if required, complete the fields in "More settings" (key/password).
- 3Click the button (or press Ctrl+Enter) to process.
- 4Copy the result with the Copy button.
About RSA-OAEP
RSA-OAEP is an asymmetric encryption scheme: anyone can encrypt a message with your public key, but only the private-key holder can decrypt it. OAEP is the modern, secure padding for RSA.
This tool takes PEM keys (SPKI public for encrypt, PKCS#8 private for decrypt) and outputs Base64 ciphertext. Create a key pair in the RSA Key Pair Generator tool if you do not have one yet.
RSA suits encrypting small data like session keys. For large data, encrypt the data with AES/ChaCha, then encrypt the AES key with RSA (a hybrid scheme).
FAQ
Are my data or keys sent to a server?
No. RSA-OAEP runs entirely in your browser using the Web Crypto API and client-side libraries. Your data, passwords, and keys never leave your device.