I have been reading examples on implementing PGP encryption using bouncy castle lib. First step seems to be creation of a public keyring file which eventually has the public key. Can someone please help me understand how to add an existing public key to the PublicKeyRing?
Related
i know that the default is that you have a public key to encrypt messages and a private key to decrypt the encrypted messages.
I need this turned around so that the public key can read the message and the private key can encrypt it.
My Goal is to generate a License Key for my software(NodeJS) which is given in with an ENV and i want to read than the License Key in Nodejs with the built in public Key to verify that the key got created by me.
Maybe there is a better solution for this?
Searched for basicly a switched Asymmetric Encryption variant.
I'm working with the enccc example, I'm able to encrypt and decrypt with a shared key, so the same key is used for both encryption and decryption. I need to use different keys, one to encrypt (like a public key) and another to decrypt (like a private key). Could someone guide me or tell me where I could read about it? Thanks and regards!
You can use the crypto/rsa package for encrypting using RSA.
basically my computer bug down earlier and can no longer retrieve my files from my SSD HD.
i have my id_rsa.pub with me since I emailed this to our support team before for me to access the servers.
now I execute this command "ssh-keygen -t rsa" to my computer to generate new pub key.
upon checking the file is inside .ssh and i just replace the id_rsa.pub with the file i have on my email and leave id_rsa as it is.
trying out to access the server but always give me an error "Permission denied (publickey)."
it could be because of id_rsa which is still the latest.
any way i could replace the value based on the pubkey i have?
thanks.
Simply put, no.
The big idea behind public key cryptography is that the private key (in this case, id_rsa) is always hidden and secure, and only one person (or computer) has access to it. The public key (id_rsa.pub) provides just enough information that it is safe for anyone in the world to have access to it. If you could retrieve the original private key from the public key, then your private key would not be secure1.
The new keypair that you generated is totally distinct from your old one. Whatever server you are trying to ssh into is expecting to see the request signed with your old private key. Since you don't have access to it anymore, you can't sign the request with the correct key, and the server is rejecting your ssh attempt with a public key error.
So, basically, because you lost access to your private key, you can no longer ssh using that keypair.
Your administrative team will need to put your new public key onto the server so that you can ssh using the new key.
1 Note: It is theoretically possible to generate a private key that would match an existing public key, but this process is computationally intractable. Digicert estimates that this would take 6.4 quadrillion years for a 2048-bit RSA key.
normally you have a private part of a rsa key and a public one. You spread the public key out to the internet. Now you can sign with the private key you packages or data, and everyone how knows you public key can check if this data or package is from you. So it's possible to generate a public key from a private, but i is impossible to generate a private key out of a public key in a acceptable time. So you need to generate a new one on you computer and need to put the new generated public key on your server, and you will have access again.
I'm using ursa (nodejs module) to do the following:
Use a private key and someone else's public key to generate a symmetric key
Encrypt some data with the symmetric key
Encrypt the symmetric key with the user's public key
However, I can't seem to find any methods that allow me to create a symmetric key. My understanding is that simply generating a pseudo-random byte string should be good enough for the key, but then I can't use the rest of the method in ursa to actually encrypt anything because it's a random string and not a key/cert.
Am I missing anything?
URSA as the name suggests is an RSA implementation and as such doesn't not handle symmetric encryption. If you want those, then you can use node.js' native crypto module which provides everything you need in this regard.
Encrypt the symmetric key with the user's public key
This means that the symmetric key is simply data. URSA doesn't have to know what this is.
I know how asymmetric cryptography works. I know there are two keys (one private and one public).
When someone wants to communicate they exchange their public keys encrypt messages with those public keys AND then the respective message could be decrypted ONLY by the user that has the private key.
Now, I'm using Node.js and I need to do something like this...
I need an application that EACH hour reads a database, extracts data and saves it to a file that I need to send to another server.
My problem is that I DON'T WANT that file will be visible to other, I do the transfer using SSH so there is no problem BUT
I must encrypt that file because I'm not the admin of that server SO maybe someone could read it. Unfortunately the admin is the same for both servers.
So my idea is to encrypt the file with a public key, and then only he who has the private key(me) could decrypt it.
I think it is pointless using something like:
var key = 'blablabla'
If I use a public key, there is no problem, all can read it..... it is public indeed. But with this public key, nobody can decrypt the message, so it is
something like one-way encryption.
Now, could someone tell me if I need a signer/verifier to do this job, OR maybe I have to generate two keys (public/private) with openssl and pass those keys to a cipher/dechiper?
I'm looking at crypto modules, but there are no examples....
In general, your idea is right - you encrypt using public key and decrypt using private key of yours. However, practically the procedure is more complex. Random symmetric key is generated and the data is encrypted using that key. Then the public key is used to encrypt the random key. Encrypted key is sent to recipient together with encrypted data. On the other side encrypted key is decrypted using a private key, then the data is decrypted.
You can use OpenPGP keys or X.509 certificates to do the job.
In case of OpenPGP the standard offers encryption and decryption as atomic procedures (on the user level). In case of X.509 certificates you need to use PKCS#7 / CMS.
OpenSSL library offers operations with PKCS#7 / CMS, however when I look at nodeJS API for OpenSSL, that API is very limited and doesn't expose those functions. Maybe you can write your own nodeJS module which will interface with OpenSSL and provide missing functions.
Another alternative is to use OpenPGP keys and node-gpg module. That module uses gnupg to do the actual job, so gnupg must be installed.
Unfortunately I don't see any other suitable libraries in the 3rd-party module list provided in nodeJS wiki.