Generating PGP keypair, and signing text with an encrypted PGP private key, in Javascript

I'm writing something that needs to do electronic signatures.

Some users will be geeks like me and already have their own PGP keys. Most won't, and won't want to futz with installing or maintaining it anyway.

As a workaround solution, I want to do the following:

  1. Create a public/private keypair for the user that uses a separate "signing" password.
  2. When I need the user to sign something, provide the plaintext to the user, along with some other info inside it like timestamps and other references, and have them sign it with the private key that I store.

There are basically two ways to do this (for users who don't have their own PGP keys).

  1. The user submits the signing password to me over SSL. I generate the private keypair server side, and temporarily unlock the private key when needed to sign. I don't store the password at all, and I get rid of the unlocked private key ASAP.
  2. The user generates the pub/priv key in Javascript. They send me the pubkey and encrypted private key and keep a copy in local storage. When they need to sign something, I make sure their local storage has it (and push if not), they decrypt and sign the text locally using JS. I never see their signing password nor their unlocked private key.

Either way, I also sign the result w/ the server's key. But I need there to be a user-unique, non-repudiatable way for the user to sign text too, and having them have a PGP key that I maintain is the simplest way to do so.

Option 1 is a lot simpler to do, and works well enough to meet my minimum needs.

Option 2 is a bit more trustworthy, in that unless I subvert the JS (which I still could do), I can't use their privkey myself.

However, in order to do it, I need a JavaScript library that can

  1. generate a pub/priv keypair
  2. decrypt a private key for use
  3. sign a block of text with that private key

What libraries can do this?

PS Please note that I don't need to encrypt to a given public key. I need the user to sign with their own (encrypted-as-stored) key.

Have a look at http://openpgpjs.org - it should already implement most of the functionality you are looking for.

First, read this article: http://www.matasano.com/articles/javascript-cryptography/

If you are still convinced that javascript crypto is a good idea for what you're doing, then:

PGP is fairly complicated and you don't need 95% of what it does, I would recommend that you instead consider using Ed25519 for signatures - a javascript version is available at http://www.flownet.com/ron/code/ed25519.js. It's an elliptic curve based system that is substantially faster than RSA with equivalent security and much smaller keys. The keys are so small, in fact, that you can have the user choose a 'signing passphrase', feed it to scrypt[1] with their user ID as the salt, and use the output as the private key (you just need to frob three bits to make it a valid Ed25519 private key).

  1. https://github.com/cheongwy/node-scrypt-js
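The passphrase-to-key scheme described in the answer above, as an added example that is not part of the original answer: it uses Node's built-in `crypto` module rather than the linked ed25519.js and node-scrypt-js libraries, and the function names, scrypt cost parameters and sample statement are assumptions. Node takes the 32-byte scrypt output as an Ed25519 seed and performs the RFC 8032 hashing and bit clamping itself, so no manual bit adjustment appears here.

```javascript
const crypto = require('node:crypto');

// DER headers that wrap a raw 32-byte Ed25519 seed / public key (RFC 8410).
const PKCS8_PREFIX = Buffer.from('302e020100300506032b657004220420', 'hex');
const SPKI_PREFIX = Buffer.from('302a300506032b6570032100', 'hex');

// Assumed cost parameters; raise N as far as the slowest client tolerates.
const SCRYPT_PARAMS = { N: 2 ** 15, r: 8, p: 1, maxmem: 64 * 1024 * 1024 };

// passphrase + user ID (salt) -> 32-byte seed -> Ed25519 private key.
// Nothing is stored: the same inputs always reproduce the same key.
function deriveSigningKey(userId, passphrase) {
  const seed = crypto.scryptSync(passphrase.normalize('NFKC'), userId, 32, SCRYPT_PARAMS);
  const der = Buffer.concat([PKCS8_PREFIX, seed]);
  return crypto.createPrivateKey({ key: der, format: 'der', type: 'pkcs8' });
}

// Raw public key as hex: the only per-user value the server has to keep.
function publicKeyHex(privateKey) {
  const spki = crypto.createPublicKey(privateKey).export({ format: 'der', type: 'spki' });
  return spki.subarray(spki.length - 32).toString('hex');
}

function signStatement(privateKey, statement) {
  return crypto.sign(null, Buffer.from(statement, 'utf8'), privateKey).toString('base64');
}

// Server side: check a signature against the stored public key only.
function verifyStatement(storedPublicKeyHex, statement, signatureB64) {
  const der = Buffer.concat([SPKI_PREFIX, Buffer.from(storedPublicKeyHex, 'hex')]);
  const publicKey = crypto.createPublicKey({ key: der, format: 'der', type: 'spki' });
  return crypto.verify(null, Buffer.from(statement, 'utf8'), publicKey,
    Buffer.from(signatureB64, 'base64'));
}

// Constructed sample: the text to sign carries a timestamp and a reference.
const SAMPLE_STATEMENT = JSON.stringify({
  user: 'alice@example.com', ref: 'doc-0001', ts: '2024-01-01T00:00:00Z',
  text: 'I approve document doc-0001.',
});
const sampleKey = deriveSigningKey('alice@example.com', 'correct horse battery staple');
const sampleSig = signStatement(sampleKey, SAMPLE_STATEMENT);
console.log(publicKeyHex(sampleKey), sampleSig);
console.log('valid:', verifyStatement(publicKeyHex(sampleKey), SAMPLE_STATEMENT, sampleSig));
```

Because the user ID salt is not secret and the public key is stored, anyone holding that public key can test passphrase guesses offline, so the scrypt cost and the passphrase strength are the only protection for the private key.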

I think your article claims wrong things. For example, it says there would be no way of preventing, for example, math.RND() from being overwritten - but it can be done easily - write an html file with inline js at the top of the file. In that code you freeze every object openpgp.js depends on.

Object.freeze()

So you could build a secure env, indeed! Transfer the index.html with ssl, freeze what's important, prevent other js files from being loaded, make sure connections to other servers are not allowed and so on.
