wwwtyro/cryptico wwwtyro/cryptico

  • This repository has been archived on 05/Aug/2022
  • Stars
    star
    1,174
  • Rank 39,823 (Top 0.8 %)
  • Language
    JavaScript
  • Created over 12 years ago
  • Updated almost 4 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
wwwtyro/cryptico
github

wwwtyro

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

An easy-to-use encryption system utilizing RSA and AES for javascript.

cryptico

Overview

Generating an RSA key pair & public key string

Sam wants to send Matt an encrypted message. In order to do this, he first needs Matt's public key string. A public key pair can be generated for Matt like this:

// The passphrase used to repeatably generate this RSA key.
var PassPhrase = "The Moon is a Harsh Mistress."; 

// The length of the RSA key, in bits.
var Bits = 1024; 

var MattsRSAkey = cryptico.generateRSAKey(PassPhrase, Bits);

Matt's public key string can then be generated like this:

var MattsPublicKeyString = cryptico.publicKeyString(MattsRSAkey);

and looks like this:

uXjrkGqe5WuS7zsTg6Z9DuS8cXLFz38ue+xrFzxrcQJCXtVccCoUFP2qH/AQ
4qMvxxvqkSYBpRm1R5a4/NdQ5ei8sE8gfZEq7dlcR+gOSv3nnS4/CX1n5Z5m
8bvFPF0lSZnYQ23xlyjXTaNacmV0IuZbqWd4j9LfdAKq5dvDaoE=

Encrypting a message

Matt emails Sam his public key string. Now Sam can encrypt a message for Matt:

var PlainText = "Matt, I need you to help me with my Starcraft strategy.";

var EncryptionResult = cryptico.encrypt(PlainText, MattsPublicKeyString);

EncryptionResult.cipher is the encrypted message, and looks like this:

OOHoAlfm6Viyl7afkUVRoYQv24AfdLnxaay5GjcqpxvEK+dph5kUFZEZIFKo
vVoHoZbtUMekSbMqHQr3wNNpvcNWr4E3DgNLfMZQA1pCAUVmPjNM1ZQmrkKY
HPKvkhmVKaBiYAJGoO/YiFfKnaylLpKOYJZctkZc4wflZcEEqqg=?cJPt71I
HcU5c2LgqGXQKcx2BaAbm25Q2Ku94c933LX5MObL9qbTJEVEv29U0C3gIqcd
qwMV6nl33GtHjyRdHx5fZcon21glUKIbE9P71NwQ=

Decrypting a message

Sam sends his encrypted message to Matt. The message can be decrypted like this:

var CipherText = "OOHoAlfm6Viyl7afkUVRoYQv24AfdLnxaay5GjcqpxvEK+dph5kUFZEZIFKo \
                  vVoHoZbtUMekSbMqHQr3wNNpvcNWr4E3DgNLfMZQA1pCAUVmPjNM1ZQmrkKY \
                  HPKvkhmVKaBiYAJGoO/YiFfKnaylLpKOYJZctkZc4wflZcEEqqg=?cJPt71I \
                  HcU5c2LgqGXQKcx2BaAbm25Q2Ku94c933LX5MObL9qbTJEVEv29U0C3gIqcd \
                  qwMV6nl33GtHjyRdHx5fZcon21glUKIbE9P71NwQ=";

var DecryptionResult = cryptico.decrypt(CipherText, MattsRSAkey);

The decrypted message is in DecryptionResult.plaintext.

Signatures & Public Key IDs

If Sam's RSA key is provided to the cryptico.encrypt function, the message will be signed by him:

var PassPhrase = "There Ain't No Such Thing As A Free Lunch."; 

var SamsRSAkey = cryptico.generateRSAKey(PassPhrase, 1024);

var PlainText = "Matt, I need you to help me with my Starcraft strategy.";

var EncryptionResult = cryptico.encrypt(PlainText, MattsPublicKeyString, SamsRSAkey);

The public key associated with the signature can be used by Matt to make sure that it was sent by Sam, but there are a lot of characters to examine in the key - it would be easy to make a mistake. Instead, the public key string associated with the signature can be processed like this:

var PublicKeyID = cryptico.publicKeyID(EncryptionResult.publickey);

and PublicKeyID would look something like this:

d0bffb0c422dfa3d3d8502040b915248

This shorter key ID can be used to uniquely identify Sam's public key more easily if it must be done manually. Moreover, this key ID can be used by Sam or Matt to make sure they have typed their own passphrases correctly.

API Documentation

RSA Keys

cryptico.generateRSAKey(passphrase, bitlength)

Generates an RSAKey object from a password and bitlength.

passphrase: string from which the RSA key is generated.

bitlength: integer, length of the RSA key (512, 1024, 2048, 4096, 8192).

Returns an RSAKey object.

cryptico.publicKeyString(rsakey)

Returns the public key portion of an RSAKey object in ascii-armored string form, which allows it to be used on websites and in text files without fear of corrupting the public key.

rsakey: An RSAKey object.

Returns an ascii-armored public key string.

cryptico.publicKeyID(publicKeyString)

Returns an MD5 sum of a publicKeyString for easier identification.

publicKeyString: a public key in ascii-armored string form, as generated by the cryptico.publicKeyString function.

Returns an MD5 sum of the public key string.

Encryption

cryptico.encrypt(plaintext, publicKeyString, signingKey)

Encrypts a string with the provided public key. Optionally signs the encrypted string with an RSAKey object.

plaintext: the string to be encrypted.

publicKeyString: The public key string of the recipient.

signingKey: the RSAKey object of the sender.

Returns: status, cipher

status: "success" if encryption succeeded, "failure" if it failed.

cipher: An ascii-armored encrypted message string, optionally signed.

Decryption

cryptico.decrypt(ciphertext, key)

Decrypts an encrypted message with the recipient's RSAKey and verifies the signature, if any.

ciphertext: The encrypted message to be decrypted.

key: The RSAKey object of the recipient.

Returns: status, plaintext, signature, publicKeyString

status: "success" if decryption succeeded, "failure" if it failed. Does not reflect the status of the signature verification.

plaintext: The decrypted message.

signature: "unsigned" if there was no signature, "verified" if it is signed and valid, "forged" if the signature fails verification.

publicKeyString: public key string of the signature (presumably the sender). Returned even if the signature appears to be forged.

Encryption Technical Documentation

Key generation

A hash is generated of the user's passphrase using the SHA256 algorithm found at webtoolkit.info. This hash is used to seed David Bau's seedable random number generator. A (seeded) random RSA key is generated with Tom Wu's RSA key generator with 3 as a hard-coded public exponent.

Encryption

A 32-byte AES key is generated with Tom Wu's random number generator. The plaintext message is converted to a byte string and padded with zeros to 16 bytes round. An initialization vector is created with Tom Wu's random number generator. The AES key is expanded and the plaintext message is encrypted with the Cipher-block chaining mode using the jsaes library. The AES key is encrypted with the recipient's public key using Tom Wu's RSA encryption library.

The encrypted AES key and encrypted message are ascii-armored and concatenated with the "?" character as a delimiter. As an example, here is the result of the phrase "Matt, I need you to help me with my Starcraft strategy." encrypted with the passphrase "The Moon is a Harsh Mistress." used to generate the 1024-bit public key:

EuvU2Ov3gpgM9B1I3VzEgxaAVO/Iy85NARUFZb/h+HrOP72degP0L1fWiHO3
RDm5+kWRaV6oZsn91juJ0L+hrP6BDwlIza9x9DBMEsg3PnOHJENG63RXbu0q
PZd2xDJY70i44sufNqHZ0mui9OdNIeE8FvzEOzMtFGCqDx1Z48s=?K3lOtQC
2w+emoR4W3yvAaslSzTj/ZZIkOu3MNTW8y/OX0OxTKfpsaI6zX6XYrM0MpPr
uw7on1N6VUMpNQO8KUVYl4clquaibKs0marXPFH4=

Signing

When signing the encrypted message, two more pieces of information are attached to the cipher text. The first is the ascii-armored RSA public key of the sender. The second piece of information concatenated with the cipher text is the signature itself, which is generated with the rsa-sign extension by Kenji Urushima, along with the SHA256 algorithm found at webtoolkit.info. These two pieces of code are also used when verifying the signature.

The signature is concatenated with the public key with the string ::52cee64bb3a38f6403386519a39ac91c:: used as the delimiter between the plaintext, the public key of the sender, and the signature:

plaintext
::52cee64bb3a38f6403386519a39ac91c::
public key of sender
::52cee64bb3a38f6403386519a39ac91c::
signature

This concatenated block is then encrypted with CBC AES and concatenated with the encrypted AES key to form the complete encrypted message.

More Repositories

1

glsl-atmosphere

Renders sky colors with Rayleigh and Mie scattering.
GLSL
583
star
2

Astray

A WebGL maze game built with Three.js and Box2dWeb.
JavaScript
503
star
3

space-3d

Quickly generate procedural 3D space scenes in your browser with WebGL
JavaScript
500
star
4

candygraph

Fast by default, flexible 2D plotting library.
TypeScript
434
star
5

badlands

procedural badlands
JavaScript
417
star
6

speck

Browser-based WebGL molecule renderer with the goal of producing figures that are as attractive as they are practical.
JavaScript
397
star
7

vixel

A WebGL voxel path tracer
JavaScript
317
star
8

instanced-lines-demos

This is the source for the demos in my blog post Instanced Line Rendering.
JavaScript
226
star
9

keyzen

A touch typing trainer geared towards programmers and others that need to practice with all the symbols on the keyboard.
JavaScript
195
star
10

sdf-csg

Generate meshes from signed distance functions and constructive solid geometry operations.
JavaScript
178
star
11

dis-gui

An extensible, styleable, & React-based controller library inspired by the venerable dat-gui.
JavaScript
176
star
12

map-tile-lighting-demo

JavaScript
172
star
13

geo-ambient-occlusion

Generates a per-vertex ambient occlusion array for arbitrary meshes.
JavaScript
165
star
14

planet-3d

Procedural 3D planet texture and 2D planet sprite generator.
JavaScript
139
star
15

canvas-video-generator

Capture HTML5 canvas frames and render high quality video with FFMPEG.
JavaScript
137
star
16

space-2d

Fast procedural 2D space scene generation on the GPU.
JavaScript
133
star
17

procedural.js

JavaScript
106
star
18

space-scene-2d

Procedural generator for 2D space scenes.
JavaScript
96
star
19

caffeine

Path tracing demo
JavaScript
95
star
20

astray-2

A real-time WebGL path tracing maze game proof-of-concept
JavaScript
73
star
21

perlin.js

A javascript 1, 2, and 3-dimensional perlin noise generator.
JavaScript
72
star
22

vixel-editor

A javascript & webgl voxel path tracer.
JavaScript
52
star
23

python-ovrsdk

Cross-platform Python wrapper for the Oculus VR SDK C API
Python
49
star
24

three-vr-renderer

VR renderer for THREE.js utilizing the upcoming VR APIs in popular browsers.
JavaScript
43
star
25

rounded-box-figures

TypeScript
38
star
26

rounded-box

Generates a rounded box mesh centered on the origin with configurable dimensions, corner and edge radius, and resolution.
TypeScript
37
star
27

instanced-lines-2

TypeScript
35
star
28

isosurface-generator

A JS generator function that returns a list of vertices describing an isosuface given a density and level.
JavaScript
35
star
29

flameout

JavaScript
33
star
30

proceduro

A collection of procedural generation tools in a desktop application.
JavaScript
31
star
31

regl-atmosphere-envmap

Easily generate an environment map, or skybox, of Earth atmosphere given a 3D vector representing the direction of the sun.
JavaScript
30
star
32

cellophane

A dead simple web terminal that gets all of the boilerplate out of the way and lets you do 100% of your work on the server side and in python.
Python
28
star
33

regl-irradiance-envmap

Easily generate an irradiance environment map from an existing environment map.
JavaScript
27
star
34

nw-ovrsdk-helloworld

A bare-bones example of using node-webkit, THREE.js, and node-ovrsdk to make an Oculus Rift application.
JavaScript
26
star
35

brownie.js

A javascript library for creating and rendering (with THREE.js) voxel objects.
JavaScript
18
star
36

node-ovrsdk

Node FFI wrapper for the 0.3.2 Oculus VR SDK C API
JavaScript
18
star
37

spaceship-2d

Create 2D spaceship diffuse, normal, depth, and position sprites with ambient occlusion through directed evolution.
JavaScript
18
star
38

conway3d.js

Conway's Game of Life, in 3D, in Javascript.
JavaScript
16
star
39

toothless

HTML
16
star
40

trackball-controller

Captures mouse events on an element and translates them to trackball-like motion.
JavaScript
16
star
41

pyrift

Python wrapper for the Oculus Rift SDK
C++
12
star
42

geo-3d-transform-mat4

Transform geometry positions with a 4x4 transformation matrix.
JavaScript
12
star
43

geo-center

Centers vertices around a point.
JavaScript
11
star
44

stackgl-shader-experiment

Generates boilerplate for experimenting with a fragment shader.
JavaScript
10
star
45

webrift

An Oculus Rift websocket server
Python
10
star
46

regl-render-envmap

A simple tool for rendering environment maps with regl.
JavaScript
9
star
47

gl-skybox

Draws a skybox into a 3D scene.
JavaScript
9
star
48

webgpu-prng-example

A WebGPU example demonstrating pseudorandom number generation.
TypeScript
8
star
49

gl-render-cubemap

Renders a scene to a cubemap.
JavaScript
7
star
50

regl-webxr-example

Bare-bones example of using WebXR with regl.
JavaScript
6
star
51

gl-format-compiler-error

Formats a webgl glsl compiler error.
JavaScript
6
star
52

cmdy

A tool for managing your utility scripts. Supports subcommands.
Python
6
star
53

wwwtyro.github.io

HTML
5
star
54

webgl-perlin2d-example

JavaScript
4
star
55

gl-texture-cube

Wraps WebGL's cube texture object.
JavaScript
4
star
56

tumblebluff

JavaScript
3
star
57

AegisLuna

Game entry for pyweek September 2013
Python
3
star
58

latexyt

A clone of the popular Mac OS program latexit for GTK/linux.
Python
3
star
59

simple-pan

JavaScript
2
star
60

game-off-2022-public

My Game Off 2022 Entry, public repo with assets removed.
TypeScript
2
star
61

gl-cubemap-placeholder

Simple debug cubemap generator.
JavaScript
2
star
62

jjviz

JavaScript
2
star
63

geo-convert-position-format

Converts between a few common geometry position formats.
JavaScript
2
star
64

gevent-websocket

Python
2
star
65

kdb-viewer

A simple webgl xyz file renderer for the [KDB](http://theory.cm.utexas.edu/KDB/) project.
JavaScript
2
star
66

geo-identify-position-format

Identifies geometry position format as flat array, array of arrays, typed array, or 1D ndarray.
JavaScript
2
star
67

share

Things I want to share.
Python
1
star
68

tests

JavaScript
1
star
69

juju-status

Compact, no-wrap, colored Juju status.
Python
1
star
70

bins

1
star
71

retired

JavaScript
1
star
72

geogame

JavaScript
1
star
73

layer-freeciv-server

Charm layer for a freeciv server.
Python
1
star
74

k8s-snap-bot-test

Makefile
1
star
75

cdk-cli

A command line utility for performing various tasks related to the management of the Canonical Distribution of Kubernetes.
Python
1
star
76

media

1
star
77

toothless-pkg

Packaging utilities for Toothless
Makefile
1
star
78

widgiverse-editor-demo

Demo for the Widgiverse editor.
1
star