refactor: port over the encrypted key exchange and set key from extension

This commit is contained in:
Derrick Hammer 2023-07-21 10:33:44 -04:00
parent 97e083fb21
commit 6fa0d49ce1
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
6 changed files with 127 additions and 0 deletions

9
npm-shrinkwrap.json generated
View File

@ -9,6 +9,7 @@
"version": "0.1.0-develop.1",
"dependencies": {
"@lumeweb/libweb": "0.2.0-develop.27",
"@noble/ciphers": "^0.1.4",
"binconv": "^0.2.0"
},
"devDependencies": {
@ -1731,6 +1732,14 @@
"vite-plugin-optimizer": "^1.4.2"
}
},
"node_modules/@noble/ciphers": {
"version": "0.1.4",
"resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.1.4.tgz",
"integrity": "sha512-d3ZR8vGSpy3v/nllS+bD/OMN5UZqusWiQqkyj7AwzTnhXFH72pF5oB4Ach6DQ50g5kXxC28LdaYBEpsyv9KOUQ==",
"funding": {
"url": "https://paulmillr.com/funding/"
}
},
"node_modules/@noble/curves": {
"version": "1.1.0",
"resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.1.0.tgz",

View File

@ -17,6 +17,7 @@
},
"dependencies": {
"@lumeweb/libweb": "0.2.0-develop.27",
"@noble/ciphers": "^0.1.4",
"binconv": "^0.2.0"
}
}

View File

@ -1,4 +1,5 @@
import { boot } from "./kernel.js";
import { handleIncomingMessage } from "./messages.js";
document.title = "Hosted Lume Kernel";
let header = document.createElement("h1");
@ -6,4 +7,6 @@ header.textContent =
"Something went wrong! You should not be visiting this page, this page should only be accessed via an invisible iframe.";
document.body.appendChild(header);
window.addEventListener("message", handleIncomingMessage);
boot();

76
src/messages.ts Normal file
View File

@ -0,0 +1,76 @@
import exchangeCommunicationKeys from "./messages/exchangeCommunicationKeys.js";
import setLoginKey from "./messages/setLoginKey.js";
const kernelMessageHandlers = {
exchangeCommunicationKeys,
setLoginKey,
};
export async function handleIncomingMessage(event: MessageEvent) {
if (event.source === null) {
return;
}
if (event.source === window) {
return;
}
if (!("nonce" in event.data)) {
(event.source as WindowProxy).postMessage(
{
nonce: "N/A",
method: "response",
err: "message sent to kernel with no nonce",
},
event.origin,
);
return;
}
if (!("method" in event.data)) {
(event.source as WindowProxy).postMessage(
{
nonce: event.data.nonce,
method: "response",
err: "message sent to kernel with no method",
},
event.origin,
);
return;
}
if (event.data.method in kernelMessageHandlers) {
let response;
try {
response = await kernelMessageHandlers[event.data.method](
event.data.data,
);
} catch (e: any) {
response = { err: (e as Error).message };
}
(event.source as WindowProxy).postMessage(
{
nonce: event.data.nonce,
data: response,
},
event.origin,
);
return;
}
if (["moduleCall", "response"].includes(event.data.method)) {
return;
}
(event.source as WindowProxy).postMessage(
{
nonce: event.data.nonce,
method: "response",
err:
"unrecognized method (user may need to log in): " + event.data.method,
},
event.origin,
);
return;
}

View File

@ -0,0 +1,12 @@
import { bytesToHex, hexToBytes } from "@lumeweb/libweb";
import {
getCommunicationPubKey,
setFrontendCommunicationPubkey,
} from "../vars.js";
import { log } from "../util.js";
export default function (data: any) {
setFrontendCommunicationPubkey(hexToBytes(data));
return bytesToHex(getCommunicationPubKey());
}

View File

@ -0,0 +1,26 @@
import { secretbox } from "@noble/ciphers/salsa";
import { x25519 } from "@noble/curves/ed25519";
import {
getCommunicationKey,
getFrontendCommunicationPubkey,
setLoginComplete,
} from "../vars.js";
import { saveUserKey } from "../storage.js";
import { hexToBytes } from "@lumeweb/libweb";
export default function (data: any) {
const box = secretbox(
x25519.getSharedSecret(
getCommunicationKey(),
getFrontendCommunicationPubkey(),
),
hexToBytes(data.nonce),
);
const decryptedData = box.open(hexToBytes(data.data));
setLoginComplete(false);
saveUserKey(decryptedData);
return true;
}