refactor: port over the encrypted key exchange and set key from extension
parent
97e083fb21
commit
6fa0d49ce1
|
@ -9,6 +9,7 @@
|
|||
"version": "0.1.0-develop.1",
|
||||
"dependencies": {
|
||||
"@lumeweb/libweb": "0.2.0-develop.27",
|
||||
"@noble/ciphers": "^0.1.4",
|
||||
"binconv": "^0.2.0"
|
||||
},
|
||||
"devDependencies": {
|
||||
|
@ -1731,6 +1732,14 @@
|
|||
"vite-plugin-optimizer": "^1.4.2"
|
||||
}
|
||||
},
|
||||
"node_modules/@noble/ciphers": {
|
||||
"version": "0.1.4",
|
||||
"resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.1.4.tgz",
|
||||
"integrity": "sha512-d3ZR8vGSpy3v/nllS+bD/OMN5UZqusWiQqkyj7AwzTnhXFH72pF5oB4Ach6DQ50g5kXxC28LdaYBEpsyv9KOUQ==",
|
||||
"funding": {
|
||||
"url": "https://paulmillr.com/funding/"
|
||||
}
|
||||
},
|
||||
"node_modules/@noble/curves": {
|
||||
"version": "1.1.0",
|
||||
"resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.1.0.tgz",
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
},
|
||||
"dependencies": {
|
||||
"@lumeweb/libweb": "0.2.0-develop.27",
|
||||
"@noble/ciphers": "^0.1.4",
|
||||
"binconv": "^0.2.0"
|
||||
}
|
||||
}
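Review bot: `@noble/curves` is not declared in this dependencies block, yet the new setLoginKey handler imports it directly (`import { x25519 } from "@noble/curves/ed25519"`); only `@noble/ciphers` is added here. The lockfile hunk lists `node_modules/@noble/curves` at 1.1.0, presumably pulled in by another package, so the X25519 implementation currently resolves to whatever version that package brings along. Declaring it explicitly, e.g. `"@noble/curves": "^1.1.0",`, keeps the crypto primitive on a range this package controls and makes the import survive a change in the transitive tree.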
|
||||
|
|
|
@ -1,4 +1,5 @@
|
|||
import { boot } from "./kernel.js";
|
||||
import { handleIncomingMessage } from "./messages.js";
|
||||
|
||||
document.title = "Hosted Lume Kernel";
|
||||
let header = document.createElement("h1");
|
||||
|
@ -6,4 +7,6 @@ header.textContent =
|
|||
"Something went wrong! You should not be visiting this page, this page should only be accessed via an invisible iframe.";
|
||||
document.body.appendChild(header);
|
||||
|
||||
window.addEventListener("message", handleIncomingMessage);
|
||||
|
||||
boot();
|
||||
|
|
|
@ -0,0 +1,76 @@
|
|||
import exchangeCommunicationKeys from "./messages/exchangeCommunicationKeys.js";
|
||||
import setLoginKey from "./messages/setLoginKey.js";
|
||||
|
||||
const kernelMessageHandlers = {
|
||||
exchangeCommunicationKeys,
|
||||
setLoginKey,
|
||||
};
|
||||
|
||||
export async function handleIncomingMessage(event: MessageEvent) {
|
||||
if (event.source === null) {
|
||||
return;
|
||||
}
|
||||
if (event.source === window) {
|
||||
return;
|
||||
}
|
||||
|
||||
if (!("nonce" in event.data)) {
|
||||
(event.source as WindowProxy).postMessage(
|
||||
{
|
||||
nonce: "N/A",
|
||||
method: "response",
|
||||
err: "message sent to kernel with no nonce",
|
||||
},
|
||||
event.origin,
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if (!("method" in event.data)) {
|
||||
(event.source as WindowProxy).postMessage(
|
||||
{
|
||||
nonce: event.data.nonce,
|
||||
method: "response",
|
||||
err: "message sent to kernel with no method",
|
||||
},
|
||||
event.origin,
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if (event.data.method in kernelMessageHandlers) {
|
||||
let response;
|
||||
|
||||
try {
|
||||
response = await kernelMessageHandlers[event.data.method](
|
||||
event.data.data,
|
||||
);
|
||||
} catch (e: any) {
|
||||
response = { err: (e as Error).message };
|
||||
}
|
||||
|
||||
(event.source as WindowProxy).postMessage(
|
||||
{
|
||||
nonce: event.data.nonce,
|
||||
data: response,
|
||||
},
|
||||
event.origin,
|
||||
);
|
||||
return;
|
||||
}
|
||||
|
||||
if (["moduleCall", "response"].includes(event.data.method)) {
|
||||
return;
|
||||
}
|
||||
|
||||
(event.source as WindowProxy).postMessage(
|
||||
{
|
||||
nonce: event.data.nonce,
|
||||
method: "response",
|
||||
err:
|
||||
"unrecognized method (user may need to log in): " + event.data.method,
|
||||
},
|
||||
event.origin,
|
||||
);
|
||||
return;
|
||||
}
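Review bot: handleIncomingMessage never compares `event.origin` with an allow-list, so any window holding a reference to this frame can call `exchangeCommunicationKeys` and then `setLoginKey`; the two early returns only filter a null source and the frame's own window. The key exchange accepts whatever public key the caller supplies, so a successful decryption in setLoginKey does not identify the sender, and an origin check for these key-handling methods has to do that, e.g. `if (!ALLOWED_ORIGINS.has(event.origin)) return;` (placeholder name; the trusted origins are not visible on this page). The dispatch test `event.data.method in kernelMessageHandlers` also walks the prototype chain, so inherited names such as `constructor` or `toString` pass it; `Object.hasOwn(kernelMessageHandlers, event.data.method)` limits dispatch to the two registered handlers. `"nonce" in event.data` throws for non-object payloads such as strings, which surfaces as an unhandled rejection in this async function; a `typeof event.data !== "object" || event.data === null` guard ahead of it avoids that.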
|
|
@ -0,0 +1,12 @@
|
|||
import { bytesToHex, hexToBytes } from "@lumeweb/libweb";
|
||||
import {
|
||||
getCommunicationPubKey,
|
||||
setFrontendCommunicationPubkey,
|
||||
} from "../vars.js";
|
||||
import { log } from "../util.js";
|
||||
|
||||
export default function (data: any) {
|
||||
setFrontendCommunicationPubkey(hexToBytes(data));
|
||||
|
||||
return bytesToHex(getCommunicationPubKey());
|
||||
}
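Review bot: `data` is typed `any` and passed straight to `hexToBytes`, and the result replaces the stored frontend public key on every call without any check of its shape. An X25519 public key is 32 bytes, so a guard such as `if (typeof data !== "string" || data.length !== 64) throw new Error("invalid public key");` before the setter keeps malformed values out of the later `getSharedSecret` call. Because each call overwrites the previous key, the most recent caller decides which peer setLoginKey will decrypt for; if only one exchange per session is intended, that should be enforced or at least stated in a doc comment on this handler. The `log` import is unused.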
|
|
@ -0,0 +1,26 @@
|
|||
import { secretbox } from "@noble/ciphers/salsa";
|
||||
import { x25519 } from "@noble/curves/ed25519";
|
||||
import {
|
||||
getCommunicationKey,
|
||||
getFrontendCommunicationPubkey,
|
||||
setLoginComplete,
|
||||
} from "../vars.js";
|
||||
import { saveUserKey } from "../storage.js";
|
||||
import { hexToBytes } from "@lumeweb/libweb";
|
||||
|
||||
export default function (data: any) {
|
||||
const box = secretbox(
|
||||
x25519.getSharedSecret(
|
||||
getCommunicationKey(),
|
||||
getFrontendCommunicationPubkey(),
|
||||
),
|
||||
hexToBytes(data.nonce),
|
||||
);
|
||||
const decryptedData = box.open(hexToBytes(data.data));
|
||||
|
||||
setLoginComplete(false);
|
||||
|
||||
saveUserKey(decryptedData);
|
||||
|
||||
return true;
|
||||
}
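Review bot: The raw output of `x25519.getSharedSecret(...)` is used directly as the secretbox key; RFC 7748 describes feeding the shared secret into a key-derivation function rather than using it as the key, and NaCl's crypto_box does the equivalent with HSalsa20. This must match what the extension side does, so it may need to change in both places; if the raw secret is kept for compatibility, a comment saying so would help the next reader. `decryptedData` is then handed to `saveUserKey` with no length check, so any payload that authenticates is persisted as the user key; `if (decryptedData.length !== EXPECTED_KEY_LENGTH) throw new Error("invalid key length");` (placeholder constant, the key size is not visible in this file) would bound that. The function also assumes `exchangeCommunicationKeys` has already run, and what `getFrontendCommunicationPubkey()` returns before that is not visible here.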
|