Databases
StackOverflow2013
Postsdbo
POget firefox to decrypt using private portion of client certificate
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. POget firefox to decrypt using private portion of client certificate
    text
    copied!<p>I am interested in having something that I encrypt using a public key on a LAMPhp server, decrypted using the appropriate private key on the web client (firefox at least, best if it is standard javascript) </p> <p>Note that what I want to do is -not- merely to have an encrypted connection using SSL/https. Or even to use browser-based client certificates as a login/access control method. I know how to do both of those things. What I want to do is more like emailing with gpg keys. I want to be able to create a short message that I will encrypt with a users public key that -only they- can decrypt using their private key. What I am looking for is not the privacy achieved automatically by ssl, but the ability to allow only particular users to decrypt messages. I know I can easily do this with gpg or perhaps SMIME, and perhaps that is the best way, but I would prefer a web-based alternative.</p> <p>Firefox etc have a certificate stores, and I know that the private keys held there are unlikely to be exportable into javascript for obvious security reasons, but I would assume there is some way to -use- the certificates from javascript calls to decrypt something..</p> <p>The reason I would like to do this, is that I need a secure method to give a randomly generated password to a particluar administrator. I am trying to implement full database translucency and public key cryptography seems like an important part of that effort. But this is one use-case that I am having trouble addressing without this kind of ability.</p> <p>So on the php side I would use the openssl encryption calls like so...</p> <pre><code>&lt;?php $browsers_public_key = get_it_from_the_browser_via_apache_maybe(); openssl_public_encrypt($data,$encrypted_ends_up_here,$browsers_public_key); echo "&lt;html&gt;&lt;head&gt; &lt;script type='javascript'&gt; function decrypt_textarea(){ ?? } &lt;/script&gt; &lt;/head&gt; &lt;body&gt;&lt;textarea id='decrypt_me'&gt; $encrypted_ends_up_here &lt;/textarea&gt; &lt;div id='where_the_plaintext_goes'&gt; &lt;/div&gt; &lt;/body&gt; &lt;/html&gt;"; ?&gt; </code></pre> <p>Note that I have found via stackedoverflow many fine javascript encrypton libraries... but I actually want to use keys imported into Firefox as per MyOpenId.com or CaCert.org</p> <p>Does anyone know if this is possible? </p> <p>Thanks, -FT</p>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload