Comments (10)
This seems a reasonable application. I'll look into this.
from cryptico.
Great! If I develop a method for this I'll be sure to issue a pull request.
from cryptico.
Hi guys! We need this same functionality. Were you able to come up with a solution?
from cryptico.
Not a super elegant solution, but a quick + dirty solution that I've employed thus far is to have a shared private/public key (different than the specific user's private/public keys) that all peers have access to. Any message that ONLY needs verification of origination is encrypted with the shared public key & signed with the individual peer's private key. Included in the encrypted object that is sent is the originating public key.
On the receiving peer's end the message is decrypted with the shared private key and the signature verified and compared against the included public key of the (now decrypted) object to prove origination.
This was the best workaround I've come up with without doing more significant work.
If you're also needing full message encryption, after proof of origination, the receiving peer can pass back their public key via the method above, at which point a fully encrypted (meaning not using a shared private/public key) message between peers can be sent.
from cryptico.
Thanks Stephen. Not ideal, but it's something. Any tips on what other library or mechanism you'd use for just signing with private keys?
from cryptico.
Edit: Actually, give this a look, it might work (I've not used it) -- https://code.google.com/p/jscryptolib/
Honestly, none that I have seen yet for the scenario above in a pure js way.
from cryptico.
Hi guys. We ended up using forge. They have a nice RSA interface that we can just use for signing digests, which is our use case.
https://github.com/digitalbazaar/forge#rsa
from cryptico.
The Forge RSA implementation only allows public key encryption and private key decryption unfortunately.
from cryptico.
It seems to me that the original use case could be solved by having the recipients encrypt and send a random string, and the originator could send back the decrypted value.
from cryptico.
@ericwooley made a good suggestion. I tried to take the pubkey generated from cryptico and use that in openssl_public_encrypt() in php, it errs with:
openssl_public_encrypt(): key parameter is not a valid public key
Is there a way to convert the pubkey generated by cryptico to be useable by openssl?
from cryptico.
Related Issues (20)
- How can I get the private key from the generated RSA key object? HOT 1
- Can cryptico use WebCrypto to accelerate the generation of RSA key pairs?
- RSA OAEP padding
- Cryptico for hybrid mobile apps
- is generateRSAKey() deterministic? HOT 4
- store javascript object rsa private key HOT 2
- cryptico for native ios application
- Add toJSON and fromJSON methods
- Uncaught TypeError: Cannot read property 'toString' of undefined HOT 3
- bnpFromNumber logical bug
- [feature suggestion] PEM support HOT 2
- Decrypt on Server Side HOT 1
- Getting error "Message too long for RSA (n=32, l=32)" HOT 1
- Can't encrypt text
- In jsbn, what is the correct function of variable DV?
- sign without encrypt?
- UTF-8 Support HOT 1
- Install cryptico HOT 1
- Can't encrypt text with Turkish characters? HOT 5
- a bug in library
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from cryptico.