Re: Encrypted Private Key

We're doing the same thing. It's not a standard encrypted key format, but
it is a standard encrypted data format and standard key derivation method.

Charlie

On Tue, Aug 16, 2016 at 12:54 PM, Jason Proctor <jason@mono.hm> wrote:

> hi Peter,
>
> our product implements end to end encryption and protects its private keys
> in a way which might work for you. i use a crypto concept called
> "passphrase based encryption", which isn't implemented directly by
> WebCrypto -- but this is forgiveable, IMHO, as there isn't really a proper
> standard for its details. i couldn't get it to work interoperably, so i
> rolled my own, and now i have 100% compatibility between WebCrypto, Bouncy
> Castle, and OpenSSL.
>
> essentially the private key is protected by a passphrase which is only
> stored in the user's head. this passphrase is digested into a symmetric key
> which is then used to encrypt the serialised form of the private key. the
> encrypted form is then persisted with reasonable safety. on the way back
> out, the user is asked for the passphrase, it's used to decrypt the key
> back into its serialised form, which can then be imported into WebCrypto or
> other crypto packages.
>
> does this make sense? let me know if i can help any further.
>
> regards
> Jason
>
>
>
>
>
> On Tue, Aug 16, 2016 at 7:10 AM, Anders Rundgren <
> anders.rundgren.net@gmail.com> wrote:
>
>> On 2016-08-16 14:09, Peter Bielak, Executive Manager wrote:
>>
>>> Anders thank you for help.
>>>
>>> I need to generate private key on client side so that provider cannot
>>> see this key.
>>>
>>
>> Hi Peter,
>>
>> This is the core problem with this design: the code that generates the
>> key, decrypts the key etc. is supplied by the provider.
>> IMHO, you either trust a service provider or you do not; this is
>> something in between.
>>
>> This issue is probably also a reason to why WebCrypto maybe haven't been
>> the smash hit once anticipated.
>>
>> If you still consider this solution, I would recommend taking a peek in
>> https://pkijs.org/
>> and check if they haven't already implemented something along the lines
>> you request.
>>
>> Anders
>>
>>
>> > That is why I need WebCrypto, I know that I could generate keys on
>> server using OpenSSL etc. and the key needs to be stored in database so the
>> only thing user has to care about is his password, it also needs to be in
>> PKCS#8 PEM format so this key can be used for encryption in Swift on
>> iDevices and in browser.
>>
>>>
>>> One person from StackOverflow figured it out, here's my question:
>>> http://stackoverflow.com/questions/38413391/generate-rsa-key
>>> -pair-using-webcrypto-api-and-protect-it-with-passphrase
>>>
>>> but when using forge JS library it somehow breaks the key and it cannot
>>> be imported as CryptoKey - DOMException error - nothing more
>>> I did this:
>>> my other question: http://stackoverflow.com/quest
>>> ions/38677742/cryptokey-arraybuffer-to-base64-and-back
>>> CryptoKey to base64 and back works but when encrypted using forge and
>>> imported back - DOMException
>>>
>>> Thanks again
>>>
>>>
>>> ---- On Tue, 16 Aug 2016 13:45:32 +0200 *Anders Rundgren <
>>> anders.rundgren.net@gmail.com>*wrote ----
>>>
>>>
>>>     On Aug 16, 2016 12:50, "Peter Bielak, Executive Manager" <
>>> peter@safebash.com <mailto:peter@safebash.com>> wrote:
>>>     >
>>>     > I think the question should have been:
>>>     > How do I generate passphrase protected encrypted private key -
>>> pkcs#8 using WebCrypto API?
>>>     >
>>>
>>>
>>>     It is surely doable but since protected keys is already a part of
>>> WebCrypto there is no direct support for your use-case.
>>>
>>>     I have a feeling you are on the wrong track..
>>>
>>>     anders
>>>
>>>
>>>
>>
>>
>