get firefox to decrypt using private portion of client certificate

xSilver

New Member
I am interested in having something that I encrypt using a public key on a LAMPhp server, decrypted using the appropriate private key on the web client (firefox at least, best if it is standard javascript) Note that what I want to do is -not- merely to have an encrypted connection using SSL/https. Or even to use browser-based client certificates as a login/access control method. I know how to do both of those things. What I want to do is more like emailing with gpg keys. I want to be able to create a short message that I will encrypt with a users public key that -only they- can decrypt using their private key. What I am looking for is not the privacy achieved automatically by ssl, but the ability to allow only particular users to decrypt messages. I know I can easily do this with gpg or perhaps SMIME, and perhaps that is the best way, but I would prefer a web-based alternative.Firefox etc have a certificate stores, and I know that the private keys held there are unlikely to be exportable into javascript for obvious security reasons, but I would assume there is some way to -use- the certificates from javascript calls to decrypt something..The reason I would like to do this, is that I need a secure method to give a randomly generated password to a particluar administrator. I am trying to implement full database translucency and public key cryptography seems like an important part of that effort. But this is one use-case that I am having trouble addressing without this kind of ability.So on the php side I would use the openssl encryption calls like so...\[code\]<?php$browsers_public_key = get_it_from_the_browser_via_apache_maybe(); openssl_public_encrypt($data,$encrypted_ends_up_here,$browsers_public_key);echo "<html><head><script type='javascript'> function decrypt_textarea(){ ?? }</script></head><body><textarea id='decrypt_me'> $encrypted_ends_up_here </textarea> <div id='where_the_plaintext_goes'> </div></body> </html>";?>\[/code\]Note that I have found via stackedoverflow many fine javascript encrypton libraries... but I actually want to use keys imported into Firefox as per MyOpenId.com or CaCert.orgDoes anyone know if this is possible? Thanks,-FT
 
Back
Top