RSA Key Encryption over TCP

Author: Matt MacDonald
This example requires REBOL/Command
Return to REBOL Cookbook

Here is a small example of setting up RSA encryption over a TCP port connection.

Client Side:

Make a connection to a server that you want to send encrypted data to:

    fileserve: open/lines/no-wait/direct tcp://server-ip:7999

Make a blank RSA key and wait to fill it from the server:

    rsa-key: rsa-make-key
    rsa-key/e: 3
    wait fileserve ; server will send us the key
    rsa-key/n: debase first fileserve ; remote public key

Generate an encrypt/decrypt key for this session and encrypt it using fileserve's public key and send it to fileserve:

    crypt-key: copy/part checksum/secure mold now/precise 16
    enc-crypt-key: rsa-encrypt rsa-key crypt-key
    insert fileserve enbase enc-crypt-key

Server Side:

With client connection already listening (see earlier cookbook examples), generate an RSA key and send the public portion of the key to the client:

    rsa-key: rsa-make-key
    rsa-generate-key rsa-key 1024 3
    insert client enbase rsa-key/n

Get the client's encrypted encryption key:

    wait clients
    crypt-key: debase first last clients

Decrypt it using our private key:

    crypt-key: copy rsa-encrypt/private/decrypt rsa-key crypt-key

From this point on, your code can exchange data using the crypt-key with standard symmetric encryption for encrypting and decrypting data sent between the client and the server.