Show HN: I created a web app to encrypt/decrypt messages using Web Crypto API

(webcrypto-private-messages.vercel.app)
33 points thiagosf | 8 comments | 19 Oct 24 22:42 UTC | HN request time: 1.098s | source | bottom
1. random_kris ◴[20 Oct 24 11:02 UTC] No.41894537[source]
Very cool wanted to build something similar myself
replies(1): >>41908509 #
2. Rhapso ◴[21 Oct 24 17:34 UTC] No.41906366[source]
How are the public and private keys generated and stored?
replies(1): >>41907060 #
3. hesus_ruiz ◴[21 Oct 24 18:41 UTC] No.41907060[source]
Generation, signature, verification, and some more crypto operations are performed with the standard browser Crypto APIs (https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...).

Storage of the private key is another thing. For a web app it is difficult to acces a hardware-based storage system. So typically it is stored in Localstorage or IndexdedDB, encrypted using a user-provided password. It is possible (but very involved and I have not seen web apps using it) to use WebAuthn for that.

replies(1): >>41908523 #
4. yfw ◴[21 Oct 24 20:21 UTC] No.41908145[source]
I did this a while ago as well for rsa vs aes implementations. https://yifeiwu.github.io/subtlecrypto-demo/
replies(1): >>41908534 #
5. thiagosf ◴[21 Oct 24 21:03 UTC] No.41908509[source]
Nice! You can check my source code and create your implementation!

https://github.com/thiagosf/webcrypto-private-messages

6. thiagosf ◴[21 Oct 24 21:05 UTC] No.41908523{3}[source]
I couldn't explain better, thank you !
7. thiagosf ◴[21 Oct 24 21:06 UTC] No.41908534[source]
That's cool, thanks for sharing it.