programmer group

Using RSA to Encrypt Front-end Public Key and Decrypt Back-end Private Key

In the project, users need to encrypt their usernames and passwords when they log in. RSA asymmetric encryption is chosen here. Public key private key: OpenSSL public key private key (Node crypto module restriction) Front end: jsencrypt library encryption Backend: Node crypto module Using OpenSSL to generate public key and private key Linux generates public key and private key commands: Genrsa-out rsa_private_key.pem 1024//Generate 1024-bit private key PKCs 8-topk8-inform PEM-in rsa_private_key.pem-out form PEM-nocrypt//convert RSA...

nullprogram.com

Keyringless GnuPG

My favorite music player is Audacious. It follows the Winamp Classic tradition of not trying to manage my music library. Instead it waits patiently for me to throw files and directories at it. These selections will be informally grouped into transient, disposable playlists of whatever I fancy that day. This matters to me because my music collection is the result of around 25 years of hoarding music files from various sources including CD rips, Napster P2P sharing, and, most recently, YouTube downloads. It’s not well-organized, but it’s...

nullprogram.com

Predictable, Passphrase-Derived PGP Keys

tl;dr: passphrase2pgp. One of my long-term concerns has been losing my core cryptographic keys, or just not having access to them when I need them. I keep my important data backed up, and if that data is private then I store it encrypted. My keys are private, but how am I supposed to encrypt them? The chicken or the egg? The OpenPGP solution is to (optionally) encrypt secret keys using a key derived from a passphrase. GnuPG prompts the user for this passphrase when generating keys and when using secret keys. This protects the keys at rest,...