z-hao-wang
commented
8 years ago Hi @xing-zheng, Looks like you need to store the private key on client. RSA works like this, you keep private key to yourself, and open you public key to everyone. So any one can send you encrypted message using public key, however this message can only be decrypted using your private key.
My solution is every client has it's own private key and public key. I store each client's public key in server database. Then if I need to send an encrypted message to a client, I need to look up its public key, then encrypt using its public key.
Another note is RSA can only encrypt certain size data, if you need to encrypt larger data, you must use something like AES. I use RSA to encrypt the AES cipher(password), then use AES to encrypt/decrypt the actual data blob.
xing-zheng
kevinvn1709
Hi @z-hao-wang , I'm very interesting in and appreciate your project. But my scenario is:
I need encrypt some data on server, and decrypt them on client. So, the private key should be kept on server for encryption, and the public key will be distribute to any client for decryption.
But I found that, This project can only use public key for encryption and private key for decryption. It will not fit this scenario. Could you help to support this case.