1. #1
    Ext JS Premium Member amorworx's Avatar
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    70
    Vote Rating
    0
    amorworx is on a distinguished road

      0  

    Lightbulb Crypto: OpenSSL compatible cryptographic classes & functions in Javascript

    Crypto: OpenSSL compatible cryptographic classes & functions in Javascript


    Hi all!

    I have compiled a library of OpenSSL compatible cryptographic classes & functions by using different resources from the web and my own input. Documentation is not complete (yet) and I do not have a demo link at the moment, but everything works and it is pretty straight forward. I used some functions from ExtJS 3.0 (base) so it won't work if you haven't included that with your page. Have fun!

    Cheers

    Bert
    Attached Files

  2. #2
    Ext User
    Join Date
    Sep 2008
    Posts
    1
    Vote Rating
    0
    vgimeno is on a distinguished road

      0  

    Default


    Looks awesome!!! Thanks a lot!!!

  3. #3
    Ext JS Premium Member amorworx's Avatar
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    70
    Vote Rating
    0
    amorworx is on a distinguished road

      0  

    Default


    Your welcome ...
    /Cheers,

    Bert Moorthaemer
    /(bb|[^b]{2})/ that is the question ...

  4. #4
    Sencha User
    Join Date
    Oct 2009
    Posts
    4
    Vote Rating
    0
    Dishwasha is on a distinguished road

      0  

    Default digital signatures and key pairs

    digital signatures and key pairs


    Thank you very much for this library. I am interested in doing signature verification, but I can't seem to find it in the library.

    Also, I know you're working on documentation, but could you provide a quick and dirty on how to generate a public/private key pair and use those to encrypt a message? I've tried calling Crypto.RSA.generateKeyPair but it doesn't find the function. I was able to figure out the other namespaces like calling Crypto.hash.sha256("test").

  5. #5
    Ext JS Premium Member amorworx's Avatar
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    70
    Vote Rating
    0
    amorworx is on a distinguished road

      0  

    Default


    Hi Dishwasha,

    Well generating a key pair is easy. Just instantiate an object by calling:

    Code:
    var rsa = new Crypto.RSA();
    ... and then call:

    Code:
    rsa.generateKeyPair(1024, 0x10001); // where 1024 = bits and 0x10001 = public exponent
    Although a better approach is to generate a public/private key pair with openssl and use the setPublicKey function, then you can create the signature with the private key on the server-side and verify it with the public key on the client-side.

    To encrypt and decrypt a message you can use the high-level functions:
    - encrypt(message, options)
    - decrypt(cipherText, options)

    where options are:
    - padding: padding function to use (PKCS1PADx functions)
    - method: either 'private' or 'public'

    Both functions return the data as binary strings so I recommend that you call encodeB64 after encryption and decodeB64 before decryption.

    So encrypting a string would look something like this:

    Code:
    var rsa = new Crypto.RSA();
    rsa.setPublicKey(<RSA public key in hex notation>, <public exponent>);
    
    var msg = 'This message is secret';
    var cipherText = rsa.encrypt(msg).encodeB64();
    var plainText = rsa.decrypt(cipherText.decodeB64());

    /Cheers

    Bert.
    /Cheers,

    Bert Moorthaemer
    /(bb|[^b]{2})/ that is the question ...

  6. #6
    Sencha User
    Join Date
    Oct 2009
    Posts
    4
    Vote Rating
    0
    Dishwasha is on a distinguished road

      0  

    Default


    Very awesome, I just didn't get that I had to instantiate first. I guess that's the difference between Ext.extend and Ext.apply. Once again, thank you very much for this code. This will go very far in ensuring asynchronous client data streams haven't been hijacked. Most people are really only concerned that the server doesn't get hijacked to the client and not the other way around.

  7. #7
    Ext JS Premium Member amorworx's Avatar
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    70
    Vote Rating
    0
    amorworx is on a distinguished road

      0  

    Default


    You're very right indeed, and again ... thx ...
    /Cheers,

    Bert Moorthaemer
    /(bb|[^b]{2})/ that is the question ...

  8. #8
    Sencha User
    Join Date
    Jul 2009
    Posts
    3
    Vote Rating
    0
    RodelNaz is on a distinguished road

      0  

    Default


    This library is just what i need for my project. I am interested in the areas that Dishwasha needs along with digital signature and verification. I'm also new to ExtJS that's why I would like to request if you could please provide a sample on how to use this library for digital signing and verification? I know that the documentation is still not complete but i would appreciate it if you could release it to us.

    Thank you very much in advance.
    Cheers...!

  9. #9
    Sencha User
    Join Date
    Oct 2009
    Posts
    4
    Vote Rating
    0
    Dishwasha is on a distinguished road

      0  

    Default Key signing

    Key signing


    In a typical encryption scenario, both parties publish their public keys to each other and each client will encrypt the data use the other party's public key. In digital signature, the party signing the data will encrypt the data using their private key and the other party will decrypt using the source's public key. Some prefer to send a CRC or hash of the original decrypted data in the signature and this ensures when you decrypt public key encrypted data, that you have verified that the CRC or hash decrypted in the signature matches a CRC or hash of the decrypted data.

    A simulation of a digital encryption would be as follows using amorworx's js crypto library (I recommend using firebug to simulate):

    The signer creates a public/private key pair
    var rsa = new Crypto.RSA();
    rsa.generateKeyPair(1024, 0x10001);

    Then the signer takes a "Signature message" (or hash computation) and encrypts it using the private key. By default the Crypto.RSA.encrypt function uses the public key to encrypt.
    var msg = "Signature message not secret";
    enc = rsa.encrypt(msg,{method: "private"}).encodeB64();

    Then the signer publishes their public key to anyone:
    pubkey = rsa.n.toBytes().bytesToHex();

    The other party receiving the signed data takes the data and the signer's public key and is now able to view the message.
    var rsa2 = new Crypto.RSA();
    rsa2.setPublicKey(pubkey,0x10001);
    rsa2.decrypt(enc.decodeB64(), {method: "public"});

    P.S. I noticed line 5734 has a slight mistake so you'll need to change "return me.chunkJoin().rawDecodeUTF8(utf8);" to "return me.chunkJoin().rawDecodeB64(utf8);" before this will work.
    Last edited by Dishwasha; 8 Nov 2009 at 8:59 AM. Reason: Extra explanation.

  10. #10
    Ext JS Premium Member amorworx's Avatar
    Join Date
    Jun 2008
    Location
    The Netherlands
    Posts
    70
    Vote Rating
    0
    amorworx is on a distinguished road

      0  

    Default


    Hi all,

    I've found a few minor bugs and I hereby posting a new version. Note: I've still hadn't any time to update the documentation.

    @Dishwasha: Thx for reporting the bug in decodeB64
    Attached Files
    /Cheers,

    Bert Moorthaemer
    /(bb|[^b]{2})/ that is the question ...

film izle

hd film izle

film sitesi

takipci kazanma sitesi

takipci kazanma sitesi

güzel olan herşey

takipci alma sitesi

komik eğlenceli videolar