I am interested in having something that I am encrypting using the public key on the LAMPhp server, decrypted using the corresponding private key on the web client (at least firefox if it is standard javascript)
Please note that what I want to do is not just an encrypted connection using SSL / https. Or even use browser-based client certificates as a method of entry / access control. I know how to do both of these things. What I want to do is more like sending an email using the gpg keys. I want to be able to create a short message that I will encrypt with the user's public key - only they can decrypt with their private key. I’m not looking for confidentiality automatically obtained using ssl, but the ability to allow only certain users to decrypt messages. I know that I can easily do this with gpg or maybe with SMIME, and maybe this is the best way, but I would prefer to use a web alternative.
Firefox etc have certificate stores, and I know that the private keys that are stored there are unlikely to be exported to javascript for obvious security reasons, but I would suggest that there is some way -use- certificates from javascript calls to decrypt that. .
The reason I would like to do this is because I need a secure method to give an arbitrarily generated password to the administrator. I am trying to implement full database transparency, and public key cryptography seems to be an important part of this effort. But this is one use case that I find it difficult to cope without.
So, on the php side, I would use openssl encryption calls, for example ...
<?php
$browsers_public_key = get_it_from_the_browser_via_apache_maybe();
openssl_public_encrypt($data,$encrypted_ends_up_here,$browsers_public_key);
echo "<html><head>
<script type='javascript'>
function decrypt_textarea(){
??
}
</script>
</head>
<body><textarea id='decrypt_me'> $encrypted_ends_up_here </textarea>
<div id='where_the_plaintext_goes'> </div>
</body> </html>";
?>
, stackedoverflow javascript... , Firefox, MyOpenId.com CaCert.org
- , ?
,
-Ft