
Project home page located at http://cryptico.wwwtyro.net.



API Documentation

RSA Keys


cryptico.generateRSAKey(passphrase, bitlength)

Generates an RSAKey object deterministically from a passphrase and a bit length.

Parameters

passphrase: string from which the RSA key is generated.
bitlength: integer, length of the RSA key (512, 1024, 2048, 4096, 8192).

Returns

An RSAKey object.

cryptico.publicKeyString(rsakey)

Returns the public key portion of an RSAKey object in ascii-armored string form, which allows it to be used on websites and in text files without fear of corrupting the public key.

Parameters

rsakey: An RSAKey object.

Returns

An ascii-armored public key string.

cryptico.publicKeyID(publicKeyString)

Returns an MD5 sum of a publicKeyString for easier identification.

Parameters

publicKeyString: a public key in ascii-armored string form, as generated by the cryptico.publicKeyString function.

Returns

An MD5 sum of the public key string. MD5 is not collision resistant, so treat the ID as a convenience for display and lookup; when the identity of a key matters, compare the full public key string rather than its ID.

Encryption


cryptico.encrypt(plaintext, publicKeyString, signingKey)

Encrypts a string with the provided public key. Optionally signs the encrypted string with an RSAKey object.

Parameters

plaintext: the string to be encrypted.

publicKeyString: The public key string of the recipient.
signingKey: the RSAKey object of the sender.
Returns

{status, cipher}

status: "success" if encryption succeeded, "failure" if it failed.

cipher: An ascii-armored encrypted message string, optionally signed.

Decryption


cryptico.decrypt(ciphertext, key)

Decrypts an encrypted message with the recipient's RSAKey and verifies the signature, if any.

Parameters

ciphertext: The encrypted message to be decrypted.

key: The RSAKey object of the recipient.

Returns

{status, plaintext, signature, publicKeyString}

status: "success" if decryption succeeded, "failure" if it failed. Does not reflect the status of the signature verification.

plaintext: The decrypted message.

signature: "unsigned" if there was no signature, "verified" if it is signed and valid, "forged" if the signature fails verification.

publicKeyString: public key string of the signature (presumably the sender). Returned even if the signature appears to be forged. This key travels inside the message, so "verified" only means the plaintext is consistent with the key the message carries; to establish who sent it, compare publicKeyString against a key you already trust.


Encryption Technical Documentation

Key generation


A SHA-256 hash of the user's passphrase is computed with the SHA256 implementation found at webtoolkit.info. This hash is used to seed David Bau's seedable random number generator, and a (seeded) random RSA key is generated with Tom Wu's RSA key generator, with 3 as a hard-coded public exponent. Key generation is therefore deterministic: the same passphrase and bit length always produce the same key pair. There is no salt and no work factor in the derivation, so the private key is only as strong as the passphrase, and anyone who can guess the passphrase can regenerate it.

Encryption


A 32-byte AES key (AES-256) is generated with Tom Wu's random number generator. The plaintext message is converted to a byte string and padded with zero bytes up to a multiple of 16 bytes, the AES block size; because the padding consists of zeros, trailing zero bytes that belong to the message itself cannot be distinguished from padding after decryption. An initialization vector is created with Tom Wu's random number generator. The AES key is expanded and the padded plaintext is encrypted in cipher-block chaining (CBC) mode using the jsaes library. The AES key is encrypted with the recipient's public key using Tom Wu's RSA encryption library.

The encrypted AES key and encrypted message are ascii-armored and concatenated with the "?" character as a delimiter; the base64 alphabet never contains "?", so the two parts can be split unambiguously. As an example, here is the result of the phrase "Matt, I need you to help me with my Starcraft strategy." encrypted with the passphrase "The Moon is a Harsh Mistress." used to generate the 1024-bit public key:

 EuvU2Ov3gpgM9B1I3VzEgxaAVO/Iy85NARUFZb/h+HrOP72degP0L1fWiHO3
 RDm5+kWRaV6oZsn91juJ0L+hrP6BDwlIza9x9DBMEsg3PnOHJENG63RXbu0q
 PZd2xDJY70i44sufNqHZ0mui9OdNIeE8FvzEOzMtFGCqDx1Z48s=?K3lOtQC
 2w+emoR4W3yvAaslSzTj/ZZIkOu3MNTW8y/OX0OxTKfpsaI6zX6XYrM0MpPr
 uw7on1N6VUMpNQO8KUVYl4clquaibKs0marXPFH4=
 

Signing


When a message is signed, two more pieces of information are appended to the plaintext before it is encrypted. The first is the ascii-armored RSA public key of the sender. The second is the signature itself, computed over the plaintext with the rsa-sign extension by Kenji Urushima together with the SHA256 algorithm found at webtoolkit.info. The same two pieces of code are used when verifying the signature.

The three parts are concatenated with the string ::52cee64bb3a38f6403386519a39ac91c:: as the delimiter between the plaintext, the public key of the sender, and the signature:

 plaintext
 ::52cee64bb3a38f6403386519a39ac91c::
 public key of sender
 ::52cee64bb3a38f6403386519a39ac91c::
 signature
 

This concatenated block is then encrypted with AES in CBC mode and joined to the RSA-encrypted AES key, as described above, to form the complete encrypted message. The signature and the sender's public key are therefore visible only after decryption, and the key is whatever the message carries: a "verified" result proves that the plaintext matches the key inside the message, not that the key belongs to any particular sender, so the recipient must compare that key against one it already trusts. Nothing in the format authenticates the ciphertext itself, so an unsigned message has no integrity protection at all.
