Storage of the private key is another thing. For a web app it is difficult to acces a hardware-based storage system. So typically it is stored in Localstorage or IndexdedDB, encrypted using a user-provided password. It is possible (but very involved and I have not seen web apps using it) to use WebAuthn for that.
I did this a while ago as well for rsa vs aes implementations. https://yifeiwu.github.io/subtlecrypto-demo/
That's cool, thanks for sharing it.
nice - have you considered using a websocket to push the message to the receiver instead of when the receiver posts a message back?
Good one! I added some possible future improvements in the Readme.md, I'll add this one too. Thank you
How are the public and private keys generated and stored?
Generation, signature, verification, and some more crypto operations are performed with the standard browser Crypto APIs (https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypt...).
Storage of the private key is another thing. For a web app it is difficult to acces a hardware-based storage system. So typically it is stored in Localstorage or IndexdedDB, encrypted using a user-provided password. It is possible (but very involved and I have not seen web apps using it) to use WebAuthn for that.
I couldn't explain better, thank you !
Very cool wanted to build something similar myself
Nice! You can check my source code and create your implementation!
https://github.com/thiagosf/webcrypto-private-messages