Encrypt message with private key about cryptico HOT 10 OPEN

This seems a reasonable application. I'll look into this.

from cryptico.

Great! If I develop a method for this I'll be sure to issue a pull request.

from cryptico.

Hi guys! We need this same functionality. Were you able to come up with a solution?

from cryptico.

Not a super elegant solution, but a quick + dirty solution that I've employed thus far is to have a shared private/public key (different than the specific user's private/public keys) that all peers have access to. Any message that ONLY needs verification of origination is encrypted with the shared public key & signed with the individual peer's private key. Included in the encrypted object that is sent is the originating public key.

On the receiving peer's end the message is decrypted with the shared private key and the signature verified and compared against the included public key of the (now decrypted) object to prove origination.

This was the best workaround I've come up with without doing more significant work.

If you're also needing full message encryption, after proof of origination, the receiving peer can pass back their public key via the method above, at which point a fully encrypted (meaning not using a shared private/public key) message between peers can be sent.

from cryptico.

Thanks Stephen. Not ideal, but it's something. Any tips on what other library or mechanism you'd use for just signing with private keys?

from cryptico.

Edit: Actually, give this a look, it might work (I've not used it) -- https://code.google.com/p/jscryptolib/

Honestly, none that I have seen yet for the scenario above in a pure js way.

from cryptico.

Hi guys. We ended up using forge. They have a nice RSA interface that we can just use for signing digests, which is our use case.
https://github.com/digitalbazaar/forge#rsa

from cryptico.

The Forge RSA implementation only allows public key encryption and private key decryption unfortunately.

from cryptico.

It seems to me that the original use case could be solved by having the recipients encrypt and send a random string, and the originator could send back the decrypted value.

from cryptico.

@ericwooley made a good suggestion. I tried to take the pubkey generated from cryptico and use that in openssl_public_encrypt() in php, it errs with:
openssl_public_encrypt(): key parameter is not a valid public key

Is there a way to convert the pubkey generated by cryptico to be useable by openssl?

from cryptico.