←back to thread

Show HN: I created a web app to encrypt/decrypt messages using Web Crypto API

(webcrypto-private-messages.vercel.app)
33 points thiagosf | 3 comments | 19 Oct 24 22:42 UTC | HN request time: 0s | source
1. Rhapso ◴[21 Oct 24 17:34 UTC] No.41906366[source]
How are the public and private keys generated and stored?
replies(1): >>41907060 #
2. hesus_ruiz ◴[21 Oct 24 18:41 UTC] No.41907060[source]
Generation, signature, verification, and some more crypto operations are performed with the standard browser Crypto APIs (https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...).

Storage of the private key is another thing. For a web app it is difficult to acces a hardware-based storage system. So typically it is stored in Localstorage or IndexdedDB, encrypted using a user-provided password. It is possible (but very involved and I have not seen web apps using it) to use WebAuthn for that.

replies(1): >>41908523 #
3. thiagosf ◴[21 Oct 24 21:05 UTC] No.41908523[source]
I couldn't explain better, thank you !