I did not read all messages of this thread, but it sounds to me that you maybe want to use S/MIME. Maybe look for that on the Internet. Barry
> Date: Tue, 18 Aug 2015 19:05:59 -0300 > From: [email protected] > To: [email protected] > Subject: Re: [openpgpjs] Decrypting with a public key > > I wanted to avoid the clients having keys, to avoid the hassle of > managing those keys. If > I could encrypt with my private key all I'd need would be to distribute my > public key to > all clients. I know it is less safe -- anybody with the public key would be > able to > decrypt it, so it doesn't provide more security than just signing -- but it's > a pure block > of characters instead of a signed file that the user tries to open and thinks > "ah I can > edit this". > > Thanks! > > > Your client need have a pair - his keys - and then he should give you his > > public key. > > If you encrypt the message with his key, he will read it using his private > > key. > > > > If you sign the message with your private key, he will verify the message > > using your public key. > > > > Users give to others only public keys, private keys are kept on their side. > > > > Of course you may prepare key pair for your client and give them to him, > > but to encrypt the message you need only his key. > > > > I have an impression you want to encrypt and sign using this same keypair, > > and then use this same keypair to read/verify the message. It is not really > > a good approach I think. > > > > -- > > Pozdrawiam > > Paweł Górny > > > > Sent from my BlackBerry Passport > > Original Message > > From: Bruno Barberi Gnecco > > Sent: wtorek, 18 sierpnia 2015 23:50 > > To: OpenPGP.js Mailing List > > Reply To: OpenPGP.js Mailing List > > Subject: Re: [openpgpjs] Decrypting with a public key > > > > Thanks for the fast response! > > > > But I don't want to send both the private and the public key to the client. > > It would > > easily defeat any security. > > > >> You should use > >> > >> signAndEncryptMessage > >> > >> http://openpgpjs.org/openpgpjs/doc/openpgp.js.html#line93 > >> > >> If you want to encrypt - you need public key of the recipient, if you want > >> to decrypt - > >> your private key; > >> If you want to sign - your private key. If you want to verify signature - > >> public key of > >> the sender. > >> > >> W dniu 18.08.2015 o 23:09, Bruno Barberi Gnecco pisze: > >>> Hi, > >>> > >>> I posted this as an issue but it seems more appropriate to this list. > >>> > >>> Is it possible to encrypt with a private key and decrypt with a public > >>> key? I want to send > >>> data that is guaranteed to be from a sender and I'd rather not send it as > >>> clear text, so > >>> just signClearMessage() is not an option. decryptAndVerifyMessage() > >>> requires both the > >>> public and private keys, so also not an option. > >>> > >>> I can encrypt with a private key easily: > >>> > >>> var publicKey = openpgp.key.readArmored(fs.readFileSync('public.key', > >>> 'utf-8')); > >>> var privateKey = openpgp.key.readArmored(fs.readFileSync('private.key', > >>> 'utf-8')).keys[0]; > >>> privateKey.decrypt(PASSPHRASE); > >>> openpgp.encryptMessage(privateKey, text).then(function(pgpMessage){ // > >>> yes, private }); > >>> > >>> But trying to decrypt with a public key does not work. This returns > >>> Error: Private key is > >>> not decrypted. > >>> > >>> pgpMessage = openpgp.message.readArmored(pgpMessage); > >>> openpgp.decryptMessage(publicKey.keys[0], > >>> pgpMessage).then(function(plain) { > >>> .... > >>> }); > >>> > >>> But publicKey.keys[0].decrypt(PASSPHRASE) throw Error: Nothing to decrypt > >>> in a public key. > >>> > >>> Any tips? > >>> > >>> _______________________________________________ > >>> > >>> http://openpgpjs.org > >>> Subscribe/unsubscribe:http://list.openpgpjs.org > >> > >> > >> -- > >> Paweł Górny > >> mailto:[email protected] http://pawelgorny.com > >> * only way to feel the noise is when it's good and loud * > >> > >> In reply please use the key: 0xF0F72044 > >> > >> > >> > >> _______________________________________________ > >> > >> http://openpgpjs.org > >> Subscribe/unsubscribe: http://list.openpgpjs.org > >> > > > > > _______________________________________________ > > http://openpgpjs.org > Subscribe/unsubscribe: http://list.openpgpjs.org
_______________________________________________ http://openpgpjs.org Subscribe/unsubscribe: http://list.openpgpjs.org
