encryb / simplecrypto

Simple wrapper around WebCrypto implementations
Apache License 2.0

One or two key pair(s) to encrypt AND sign with? #5

Closed pwFoo closed 5 years ago

pwFoo commented 5 years ago

Hi @encryb, I searched for some time for a solution to encrypt / decrypt AND sign / verify with a key pair and found your simplecrypto, which does... But I looked into the code and found two generate methods?

asym: {
    generateEncryptKeys: function (onError, onSuccess) {
        wrap(
            _cryptoSubtle.generateKey(
                {
                    name: config.rsaEncryptCipher,
                    modulusLength: config.rsaLength,
                    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
                    hash: { name: config.rsaEncryptHash }
                },
                true,
                ["encrypt", "decrypt"]
            ),
            onError,
            onSuccess
        );
    },
    generateSignKeys: function (onError, onSuccess) {
        wrap(
            _cryptoSubtle.generateKey(
                {
                    name: config.rsaSignCipher,
                    modulusLength: config.rsaLength,
                    publicExponent: new Uint8Array([0x01, 0x00, 0x01]),
                    hash: { name: config.rsaSignHash }
                },
                true,
                ["sign", "verify"]
            ),
            onError,
            onSuccess
        );
    },

So to do both jobs I need two key pairs? How is it verified that the signing key belongs to the user's encrypt key? Or what am I missing about how to be sure the signing user is the encrypting user too?
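An added example, not part of the post above and not simplecrypto's own code: it shows why WebCrypto needs two key pairs, and one common way to tie them together, by having the signing key sign the exported encryption public key. The algorithm names `RSA-OAEP` and `RSASSA-PKCS1-v1_5` are assumed values for `config.rsaEncryptCipher` and `config.rsaSignCipher`, which the excerpt does not show; the function names are hypothetical.

```javascript
// Added example, not simplecrypto code. Algorithm names are assumed config values.
// The require() fallback is only reached on Node versions without a global crypto.
const subtle = (globalThis.crypto ?? require("node:crypto").webcrypto).subtle;
const rsa = { modulusLength: 2048, publicExponent: new Uint8Array([1, 0, 1]), hash: "SHA-256" };
const ENC = { name: "RSA-OAEP", ...rsa };
const SIG = { name: "RSASSA-PKCS1-v1_5", ...rsa };

// WebCrypto ties key usages to the algorithm: an RSA-OAEP key cannot be given "sign".
async function oaepKeyCanSign() {
  try {
    await subtle.generateKey(ENC, true, ["sign", "verify"]);
    return true;
  } catch (e) {
    return false; // generateKey rejects the unsupported usage
  }
}

// Owner side: sign the SPKI encoding of the encryption public key with the signing key.
async function bindEncryptionKey(signPrivateKey, encPublicKey) {
  const spki = await subtle.exportKey("spki", encPublicKey);
  const signature = await subtle.sign(SIG.name, signPrivateKey, spki);
  return { spki, signature };
}

// Peer side: accept the encryption key only if the binding verifies under a signing
// public key the peer already trusts (that trust must be established out of band).
async function importBoundEncryptionKey(signPublicKey, { spki, signature }) {
  const ok = await subtle.verify(SIG.name, signPublicKey, signature, spki);
  if (!ok) return null;
  return subtle.importKey("spki", spki, { name: ENC.name, hash: "SHA-256" }, true, ["encrypt"]);
}

async function demo() {
  const enc = await subtle.generateKey(ENC, true, ["encrypt", "decrypt"]);
  const sig = await subtle.generateKey(SIG, true, ["sign", "verify"]);
  const binding = await bindEncryptionKey(sig.privateKey, enc.publicKey);
  const accepted = await importBoundEncryptionKey(sig.publicKey, binding);

  // Constructed negative case: a different encryption key sent with the same signature.
  const other = await subtle.generateKey(ENC, true, ["encrypt", "decrypt"]);
  const swapped = { spki: await subtle.exportKey("spki", other.publicKey), signature: binding.signature };
  const rejected = await importBoundEncryptionKey(sig.publicKey, swapped);

  return { oaepCanSign: await oaepKeyCanSign(), accepted: accepted !== null, swappedAccepted: rejected !== null };
}

demo().then((result) => console.log(result));
```

The binding only proves that whoever holds the signing private key vouched for this encryption key; a peer still has to learn the signing public key through a channel it trusts.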