I'm so sorry for the ambiguous title of this question, I'm not really sure how to phrase this.

I've generated a Public and Private key using SubtleCrypto in NodeJS like so:

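const { subtle } = require('node:crypto').webcrypto;

// Must run inside an async function, because of the await.
const { publicKey, privateKey } = await subtle.generateKey({
          name: 'RSA-OAEP',
          modulusLength: 4096,                        // RSA key size in bits
          publicExponent: new Uint8Array([1, 0, 1]),  // 65537
          hash: 'SHA-256',
 }, true, ['encrypt', 'decrypt']);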

And this works perfectly for one use case:
Public Key to Encrypt, Private Key to Decrypt.

However, the way I wish to implement RSA in my project is as such:

  1. Client asks Server for a Public Key
  2. Client encrypts payload using Public Key
  3. Server decrypts payload using Private Key
  4. Server encrypts response payload using Private Key
  5. Client decrypts response payload using Public Key

When I try to perform Step 4, I encounter this error:

The requested operation is not valid for the provided key 

Is there a way to specify that each key could be used for Encrypt & Decrypt?

Also, if my implementation is completely wrong, I'm sorry for that.

SunAwtCanvas

1 Answer

Step 4, as described by you, is a signing operation. Signing is very different from encrypting data. For this to work, both client and server would need their own keypair:

client: client public key & client private key
server: server public key & server private key
  1. Client uploads its client public key
  2. Client asks server for the server public key
  3. Client encrypts payload using the server public key
  4. Server decrypts payload using the server private key
  5. Server encrypts response payload using client public key
  6. Client decrypts response payload using client private key

Besides the possibly huge computational workload of encrypting and decrypting large amounts of data using RSA, what is the threat model here and what do you want to achieve? You should be very careful if you really want to deploy this into production, as you seem to be rather inexperienced with this topic (no offense here).

Johnni O.
  • Hi! Thanks for the answer. Yes, I'm actually a bit inexperienced with cryptography, but I'm always keen to learn something new! Regarding the implementation in your answer, it should work! I'll give it a try. Also, what do you mean by "You should be very careful if you really want to deploy this into production", is this implementation not secure? – SunAwtCanvas Jan 25 '22 at 22:27
  • Getting IT-Sec right is not easy. It depends on your threat model and what you want to achieve. The solution you proposed needs a lot of extra steps for something that http + tls (https) has built in, plus https features authentication out of the box (which is missing in your solution). Depending on the sensitivity of the data you are handling, talking to someone with experience in IT-Sec would be beneficial. – Johnni O. Jan 25 '22 at 22:35
  • Thanks! Do you actually have some kind of link for me to read up on all these "Missing things" in my solution? I'm really keen to dig deeper into this. – SunAwtCanvas Jan 25 '22 at 22:48
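
The two-key-pair flow from the answer, as an added example that is not part of the original posts: it shows how `generateKey` splits the requested usages between the two keys, reproduces the rejection from the question's step 4, and signs the response so the client can check it. The separate RSA-PSS signing key pair, the 2048-bit modulus and the `ping`/`pong` payloads are assumptions made for this example.

```javascript
// Added example, not code from the thread. Messages are constructed; 2048-bit keys keep it fast.
const subtle = globalThis.crypto?.subtle ?? require('node:crypto').webcrypto.subtle;

const OAEP = { name: 'RSA-OAEP', modulusLength: 2048,
               publicExponent: new Uint8Array([1, 0, 1]), hash: 'SHA-256' };
const PSS = { ...OAEP, name: 'RSA-PSS' };   // same RSA parameters, signing algorithm
const PSS_PARAMS = { name: 'RSA-PSS', saltLength: 32 };

async function demo() {
  const enc = new TextEncoder(), dec = new TextDecoder();
  // One encryption key pair per side, as in the answer.
  const server = await subtle.generateKey(OAEP, false, ['encrypt', 'decrypt']);
  const client = await subtle.generateKey(OAEP, false, ['encrypt', 'decrypt']);
  // Assumption: a separate server key pair for the "signing operation".
  const serverSig = await subtle.generateKey(PSS, false, ['sign', 'verify']);

  // generateKey splits the requested usages between the two halves.
  const usages = { publicKey: server.publicKey.usages.join(),
                   privateKey: server.privateKey.usages.join() };

  // The question's step 4: encrypting with the private key is rejected.
  let privateEncryptError = null;
  try {
    await subtle.encrypt({ name: 'RSA-OAEP' }, server.privateKey, enc.encode('pong'));
  } catch (e) { privateEncryptError = e.name; }

  // Request: encrypt to the server's public key, decrypt with its private key.
  const reqCt = await subtle.encrypt({ name: 'RSA-OAEP' }, server.publicKey, enc.encode('ping'));
  const request = dec.decode(await subtle.decrypt({ name: 'RSA-OAEP' }, server.privateKey, reqCt));

  // Response: encrypt to the client's public key, then sign the ciphertext.
  const resCt = await subtle.encrypt({ name: 'RSA-OAEP' }, client.publicKey, enc.encode('pong'));
  const sig = await subtle.sign(PSS_PARAMS, serverSig.privateKey, resCt);

  // Client side: verify before decrypting; a modified ciphertext must fail.
  const signatureValid = await subtle.verify(PSS_PARAMS, serverSig.publicKey, sig, resCt);
  const tampered = new Uint8Array(resCt.slice(0));   // copy, so resCt stays intact
  tampered[0] ^= 1;
  const tamperedValid = await subtle.verify(PSS_PARAMS, serverSig.publicKey, sig, tampered);
  const response = dec.decode(await subtle.decrypt({ name: 'RSA-OAEP' }, client.privateKey, resCt));

  return { usages, privateEncryptError, request, signatureValid, tamperedValid, response };
}
// Usage: demo().then(console.log)
```

Nothing in this exchange authenticates the public keys themselves, which is the gap the comment about HTTPS points at.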