This shows you the differences between two versions of the page.
component:data [2021/02/07 09:58] tshaw [Examples] |
component:data [2021/02/07 10:42] (current) tshaw [Examples] |
||
---|---|---|---|
Line 64: | Line 64: | ||
* (The following items are to be done on the RECEIVER) | * (The following items are to be done on the RECEIVER) | ||
* Generate a public key (rPublic) and private key (rPrivate). | * Generate a public key (rPublic) and private key (rPrivate). | ||
- | * *\*If no automated key exchange, then you'll need to send rPublic to the SENDER. | + | * *\*If no automated key exchange, then you'll need to send rPublic to the SENDER manually. |
The SENDER must: | The SENDER must: | ||
- | * Read the RECEIVER's public key (rPublic), unserialize it, and rebuild the key object. | + | * *\*\*Read the RECEIVER's public key (rPublic), unserialize it, and rebuild the key object. |
* Generate a public key (sPublic) and private key (sPrivate). | * Generate a public key (sPublic) and private key (sPrivate). | ||
* *Generate an encryption key using rPublic and sPrivate. | * *Generate an encryption key using rPublic and sPrivate. | ||
* Generate an Initialization Vector (IV). | * Generate an Initialization Vector (IV). | ||
* Convert sPublic into a string with sPublic.serialize(). | * Convert sPublic into a string with sPublic.serialize(). | ||
- | * Serialize the data using the serialization library, then encrypt it using the encryption key and IV. | + | * *\*\*Serialize the data using the serialization library, then encrypt it using the encryption key and IV. |
* Serialize and transmit the message, with sPublic and IV in plain-text. | * Serialize and transmit the message, with sPublic and IV in plain-text. | ||
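Review bot: The reworded RECEIVER step "send rPublic to the SENDER manually" still does not say that the SENDER has to confirm the key really came from the RECEIVER. The exchange described here authenticates neither side, so a substituted rPublic would let whoever holds the matching private key derive the same encryption key. Suggest adding that the manual transfer must use a channel the SENDER trusts, or that the key is compared out of band before use. Separately, the last SENDER step "Serialize and transmit the message" also serializes data but does not carry the three-asterisk marker that the other two serialize/unserialize steps gained in this change.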
Line 84: | Line 84: | ||
**NOTE*** In the above, the terms 'encryption key' and 'decryption key' are used. These keys are, byte-for-byte, the same. This is because both keys were generated using the `ecdh()` function. | **NOTE*** In the above, the terms 'encryption key' and 'decryption key' are used. These keys are, byte-for-byte, the same. This is because both keys were generated using the `ecdh()` function. | ||
- | **NOTE**** In the above, it is stated that //you will manually transfer rPublic to SENDER//. This would not be the case in systems that employ a handshake protocol. For example, SENDER would make themselves known to RECEIVER, who will then reply to SENDER with a public key (and possibly additional information, such as key-length). For simplicity, the following examples will not cover the functions of handshake protocols. | + | **NOTE**\** In the above, it is stated that //you will manually transfer rPublic to SENDER//. This would not be the case in systems that employ a handshake protocol. For example, SENDER would make themselves known to RECEIVER, who will then reply to SENDER with a public key (and possibly additional information, such as key-length). For simplicity, the following examples will not cover the functions of handshake protocols. |
+ | |||
+ | **NOTE***** The examples above and below state that you must serialize/unserialize a key or message. In-general, it is good practice to serialize data (especially when in binary format) before you write it to a file, or transfer it on the network. Serialization makes sure that the binary data is 'escaped', making it safe for your script or shell to read. | ||
To send an encrypted message: | To send an encrypted message: |
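Review bot: The new NOTE*** says serialization makes binary data "safe for your script or shell to read", which overstates what it does. Serialization is an encoding step and gives no integrity or authenticity guarantee. Suggest describing it as making sure the bytes survive being written to a file or sent on the network unchanged, and adding a sentence that the RECEIVER should treat anything it unserializes from the network as untrusted input and validate it. Two smaller points: "In-general" should read "In general", and the new heading is a run of unescaped asterisks while the NOTE** heading in this same hunk was just changed to escape them, so both headings should use the same form.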