Unverified Commit d4aeeb6b authored by Aral Balkan's avatar Aral Balkan
Browse files

Removed old key generators, added session25519

parent de8506cb
......@@ -6,35 +6,58 @@
<meta http-equiv='X-UA-Compatible' content='ie=edge'>
<title>Hypha Aspect Setup Spike 1</title>
<link rel='stylesheet' href='style.css'>
<script src='sodium.js'></script>
<script src='keys.js'></script>
<script src='session25519.js'></script>
</head>
<body>
<h1>Hypha Aspect Setup Spike 1</h1>
<form id='passwordForm'>
<fieldset>
<label>Choose a password:</label>
<label for='domain'>Domain</label>
<input type='text' id='domain' value='ar.al'>
</fieldset>
<fieldset>
<label>Choose a strong password (min 6 words):</label>
<input type='text' id='password'>
<button id='submit' type='submit'>Submit</button>
</fieldset>
</form>
<form id='outputForm'>
<label for='salt'>Salt:</label>
<input type='text' id='salt'>
<label for='publicSigningKey'>Public signing key:</label>
<input type='text' id='publicSigningKey'>
<label for='nonce'>Nonce:</label>
<input type='text' id='nonce'>
<label for='privateSigningKey'>Private signing key:</label>
<textarea id='privateSigningKey'></textarea>
<label for='publicKey'>Public key:</label>
<input type='text' id='publicKey'>
<label for='publicEncryptionKey'>Public encryption key:</label>
<input type='text' id='publicEncryptionKey'>
<label for='privateKey'>Private key:</label>
<textarea id='privateKey'></textarea>
<label for='privateEncryptionKey'>Private encryption key:</label>
<textarea id='privateEncryptionKey'></textarea>
</form>
<script>
// From libsodium.
function to_hex(input) {
// Disable input checking for this simple spike.
// input = _any_to_Uint8Array(null, input, "input");
var str = "",
b,
c,
x;
for (var i = 0; i < input.length; i++) {
c = input[i] & 0xf;
b = input[i] >>> 4;
x =
((87 + c + (((c - 10) >> 8) & ~38)) << 8) |
(87 + b + (((b - 10) >> 8) & ~38));
str += String.fromCharCode(x & 0xff) + String.fromCharCode(x >>> 8);
}
return str;
}
// Main
document.addEventListener('DOMContentLoaded', () => {
document.getElementById('password').focus()
......@@ -42,18 +65,21 @@
document.getElementById('passwordForm').addEventListener('submit', (event) => {
const form = event.target
const password = form.elements.password.value
const domain = form.elements.domain.value
const keys = new Keys(password).keysObject
const publicSigningKeyTextField = document.getElementById('publicSigningKey')
const privateSigningKeyTextArea = document.getElementById('privateSigningKey')
const publicEncryptionKeyTextField = document.getElementById('publicEncryptionKey')
const privateEncryptionKeyTextArea = document.getElementById('privateEncryptionKey')
const saltTextField = document.getElementById('salt')
const nonceTextField = document.getElementById('nonce')
const publicKeyTextField = document.getElementById('publicKey')
const privateKeyTextArea = document.getElementById('privateKey')
session25519(domain, password, (error, keys) => {
if (error) { alert(error); return }
saltTextField.value = keys.salt
nonceTextField.value = keys.nonce
publicKeyTextField.value = keys.publicKey
privateKeyTextArea.value = keys.privateKey
publicSigningKeyTextField.value = to_hex(keys.publicSignKey)
privateSigningKeyTextArea.value = to_hex(keys.secretSignKey)
publicEncryptionKeyTextField.value = to_hex(keys.publicKey)
privateEncryptionKeyTextArea.value = to_hex(keys.secretKey)
})
event.preventDefault()
})
......
......@@ -10,8 +10,7 @@ const options = {
const routes = {
'/': 'index.html',
'/style.css': 'style.css',
'/keys.js': 'keys.js',
'/sodium.js': 'sodium.js',
'/session25519.js': 'session25519.js',
'/favicon.ico': 'favicon.ico'
}
......
// const sodium = require('libsodium-wrappers')
class Keys {
/**
* keyLength has been set to 32. This to be able to use the secretbox
* method inside libsodium.
*/
constructor (password = null) {
this.privateKey = null
this.publicKey = null
this.derivedKey = null
this.encryptedPrivateSigningKey = null
this.encryptedPrivateSigningKeyNonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES)
this.derivedKeySettings = {
keyLength: sodium.crypto_box_SEEDBYTES,
opslimit: sodium.crypto_pwhash_OPSLIMIT_MODERATE,
// The memory limit here is set low as this runs in the browser (where
// there is a cap on the amount of heap memory that can be used). To
// compensate, we set the opslimit to the moderate constant value
// defined in the library.
//
// For further information, please see:
// https://github.com/jedisct1/libsodium.js#standard-vs-sumo-version
memlimit: 10777215,
algorithm: sodium.crypto_pwhash_ALG_DEFAULT,
saltBytes: sodium.crypto_pwhash_SALTBYTES,
salt: sodium.randombytes_buf(sodium.crypto_pwhash_SALTBYTES)
}
console.log(`Password is ${password}`)
if (password !== null) {
// If a password is provided, create initialise the object with it.
this.generateSigningKeys()
this.createDerivedKeyFromPassword(password)
this.encryptPrivateSigningKeyWithDerivedKey()
}
}
// Public methods
get keysObject () {
const _keysObject = {
salt: this.stringify(this.derivedKeySettings.salt),
nonce: this.stringify(this.encryptedPrivateSigningKeyNonce),
publicKey: this.stringify(this.publicKey),
privateKey: this.stringify(this.encryptedPrivateSigningKey)
}
return _keysObject
}
// Private methods
generateSigningKeys () {
const keyPair = sodium.crypto_sign_keypair()
this.publicKey = keyPair.publicKey
this.privateKey = keyPair.privateKey
}
createDerivedKeyFromPassword (password) {
this.derivedKey = sodium.crypto_pwhash(this.derivedKeySettings.keyLength, password, this.derivedKeySettings.salt, this.derivedKeySettings.opslimit, this.derivedKeySettings.memlimit, this.derivedKeySettings.algorithm)
}
encryptPrivateSigningKeyWithDerivedKey () {
this.encryptedPrivateSigningKey = sodium.crypto_secretbox_easy(this.privateKey, this.encryptedPrivateSigningKeyNonce, this.derivedKey)
}
decryptPrivateSigningKeyWithDerivedKey () {
this.privateKey = sodium.crypto_secretbox_open_easy(this.encryptedPrivateSigningKey, this.encryptedPrivateSigningKeyNonce, this.derivedKey)
}
signMessage (nonce) {
return sodium.crypto_sign(nonce, this.privateKey)
}
stringify (value) {
return sodium.to_hex(value)
}
parse (value) {
return sodium.from_hex(value)
}
}
This diff is collapsed.
This diff is collapsed.
......@@ -13,7 +13,7 @@ form {
fieldset {
display: grid;
grid-template-columns: 100px 1fr 100px;
grid-template-columns: 200px 1fr 100px;
border: 0;
padding: 0;
margin: 0;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment