I wanted to avoid the clients having keys, to avoid the hassle of
managing those keys. If
I could encrypt with my private key all I'd need would be to distribute my
public key to
all clients. I know it is less safe -- anybody with the public key would be
able to
decrypt it, so it doesn't provide more security than just signing -- but it's a
pure block
of characters instead of a signed file that the user tries to open and thinks
"ah I can
edit this".
Thanks!
> Your client need have a pair - his keys - and then he should give you his
> public key.
> If you encrypt the message with his key, he will read it using his private
> key.
>
> If you sign the message with your private key, he will verify the message
> using your public key.
>
> Users give to others only public keys, private keys are kept on their side.
>
> Of course you may prepare key pair for your client and give them to him, but
> to encrypt the message you need only his key.
>
> I have an impression you want to encrypt and sign using this same keypair,
> and then use this same keypair to read/verify the message. It is not really a
> good approach I think.
>
> --
> Pozdrawiam
> Paweł Górny
>
> Sent from my BlackBerry Passport
> Original Message
> From: Bruno Barberi Gnecco
> Sent: wtorek, 18 sierpnia 2015 23:50
> To: OpenPGP.js Mailing List
> Reply To: OpenPGP.js Mailing List
> Subject: Re: [openpgpjs] Decrypting with a public key
>
> Thanks for the fast response!
>
> But I don't want to send both the private and the public key to the client.
> It would
> easily defeat any security.
>
>> You should use
>>
>> signAndEncryptMessage
>>
>> http://openpgpjs.org/openpgpjs/doc/openpgp.js.html#line93
>>
>> If you want to encrypt - you need public key of the recipient, if you want
>> to decrypt -
>> your private key;
>> If you want to sign - your private key. If you want to verify signature -
>> public key of
>> the sender.
>>
>> W dniu 18.08.2015 o 23:09, Bruno Barberi Gnecco pisze:
>>> Hi,
>>>
>>> I posted this as an issue but it seems more appropriate to this list.
>>>
>>> Is it possible to encrypt with a private key and decrypt with a public key?
>>> I want to send
>>> data that is guaranteed to be from a sender and I'd rather not send it as
>>> clear text, so
>>> just signClearMessage() is not an option. decryptAndVerifyMessage()
>>> requires both the
>>> public and private keys, so also not an option.
>>>
>>> I can encrypt with a private key easily:
>>>
>>> var publicKey = openpgp.key.readArmored(fs.readFileSync('public.key',
>>> 'utf-8'));
>>> var privateKey = openpgp.key.readArmored(fs.readFileSync('private.key',
>>> 'utf-8')).keys[0];
>>> privateKey.decrypt(PASSPHRASE);
>>> openpgp.encryptMessage(privateKey, text).then(function(pgpMessage){ // yes,
>>> private });
>>>
>>> But trying to decrypt with a public key does not work. This returns Error:
>>> Private key is
>>> not decrypted.
>>>
>>> pgpMessage = openpgp.message.readArmored(pgpMessage);
>>> openpgp.decryptMessage(publicKey.keys[0], pgpMessage).then(function(plain) {
>>> ....
>>> });
>>>
>>> But publicKey.keys[0].decrypt(PASSPHRASE) throw Error: Nothing to decrypt
>>> in a public key.
>>>
>>> Any tips?
>>>
>>> _______________________________________________
>>>
>>> http://openpgpjs.org
>>> Subscribe/unsubscribe:http://list.openpgpjs.org
>>
>>
>> --
>> Paweł Górny
>> mailto:[email protected] http://pawelgorny.com
>> * only way to feel the noise is when it's good and loud *
>>
>> In reply please use the key: 0xF0F72044
>>
>>
>>
>> _______________________________________________
>>
>> http://openpgpjs.org
>> Subscribe/unsubscribe: http://list.openpgpjs.org
>>
>
>
_______________________________________________
http://openpgpjs.org
Subscribe/unsubscribe: http://list.openpgpjs.org
