Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Using <keygen> to get an RSA key for use with javascript?

I need an RSA key pair for my web project and while there are some libraries I think it would be a good idea to rely on the browser (for security and speed) to generate the key for me. Is it possible to use keygen or something an other browser API to do so? I don't know how to get the keys from keygen. They seem to be generated on submit, but I don't want to send them to the server.

like image 481
nep Avatar asked May 10 '11 14:05

nep


2 Answers

What you are probably looking for is something like Mozilla's DOMCrypt API proposal. It allows you to generate a key pair via window.mozCrypto.pk.generateKeypair() (window.mozCrypto is supposed to change into window.crypto later), you can get the public key and also encrypt or decrypt text with the private key. It will still not grant you direct access to the private key however, you only get a key ID.

Unfortunately, this API isn't supported by any browser yet. There is only a Firefox extension that can be used to test it, so that proposal is still in a very early stage. But I think that's the best you can get at this point.

like image 195
Wladimir Palant Avatar answered Nov 15 '22 10:11

Wladimir Palant


I found this site, talking about generating RSA keys within the browser

like image 38
epoch Avatar answered Nov 15 '22 09:11

epoch