Why random key pair is generated on instantiation?

[denis-evteev]

I come up with another issue, which I cannot really explain.

Is there any specific reason why each time an instance of RsaCrypt is created, it generates a new random key pair? It takes time and hardware computing power to do that, but why waste these precious resources if this random key pair is not needed at all?

I think that it’ll make more sense to move this task to a separate method, which could be called when and if required.

[AKushWarrior]

Sure. Do you want to create a PR to fix this? You're clearly familiar with the code...

[denis-evteev]

Yup. Will do. But apparently this is going to be a breaking change.

[AKushWarrior]

Don't worry, plenty of those going around. it'll be folded into steel_crypt 2.0, probably.

[denis-evteev]

I’ve managed to fix the issue without introducing any breaking changes, but I’d recommend deprecating the private/public key getters in the upcoming 1.x version and removing them completely in 2.0.

I’d also recommend making all the RsaCrypt’s methods static, because they all rely only on the incoming parameters to do their job.

Also, I think that you could rename the would-be static encrypt and decrypt methods into encryptWithKey and decryptWithKey and instantiate the RsaCrypt object based on a specific keypair like so:

///Pair of asymmetric keys.
final AsymmetricKeyPair keyPair;

///Instance Constructor.
RsaCrypt([AsymmetricKeyPair keyPair]) : keyPair = keyPair ?? generateKeyPair();

This approach does justify generating a random keypair when no keypair is provided to the constructor, because the instance’s (i.e. non-static) encrypt and decrypt methods should use the instance’s keyPair property to execute.

[AKushWarrior]

Done in 2.0.

The latter points are moot because I'm deprecating RSA functionality. It's too much work for me to maintain it.