Commit cddb0ecb authored by Aral Balkan's avatar Aral Balkan

Initial re-implementation of authentication

parent 0b8e42d9
import session25519 from 'session25519'
import blake from 'blakejs'
import nacl from 'tweetnacl'
import naclUtil from 'tweetnacl-util'
import sealedBox from 'tweetnacl-sealedbox-js'
let secretPath = null
// Add sealed box functionality to TweetNaCl.
nacl.sealedBox = sealedBox
export async function authenticate (passphrase) {
// Get the encrypted private socket path fragment.
const privateSocketResponse = await fetch('/private-socket')
const privateSocket = await privateSocketResponse.json()
const encryptedPrivateSocketPathFragment = privateSocket.encryptedPrivateSocketPathFragment
console.log(encryptedPrivateSocketPathFragment)
// Regenerate the private key.
// Note: hostname is hardcoded in this example!
const blake2bHashOfHostnameAsSalt = blake.blake2bHex('sign-in.small-web.org')
console.log(blake2bHashOfHostnameAsSalt)
const keys = await generateKeys(blake2bHashOfHostnameAsSalt, passphrase)
console.log(keys)
const publicKeyAsHex = toHex(keys.publicKey)
console.log('public key', publicKeyAsHex)
const sealedBoxOpenResult = nacl.sealedBox.open(hexToUInt8Array(encryptedPrivateSocketPathFragment), keys.publicKey, keys.secretKey)
if (sealedBoxOpenResult === null) {
return null
}
// OK, signed in.
secretPath = naclUtil.encodeUTF8(sealedBoxOpenResult)
console.log('secretPath', secretPath)
return secretPath
}
function generateKeys(blake2bHashOfHostnameAsSalt, passphrase){
return new Promise((resolve, reject) => {
session25519(blake2bHashOfHostnameAsSalt, passphrase, function (error, keys) {
if (error) {
console.log('error', error)
return reject(error)
}
resolve(keys)
})
})
}
// Uint8Array to Hex String
// Author: Michael Fabian 'Xaymar' Dirks
// https://blog.xaymar.com/2020/12/08/fastest-uint8array-to-hex-string-conversion-in-javascript/
// Pre-Init
const LUT_HEX_4b = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F']
const LUT_HEX_8b = new Array(0x100)
for (let n = 0; n < 0x100; n++) {
LUT_HEX_8b[n] = `${LUT_HEX_4b[(n >>> 4) & 0xF]}${LUT_HEX_4b[n & 0xF]}`
}
// End Pre-Init
function toHex(buffer) {
let out = ''
for (let idx = 0, edx = buffer.length; idx < edx; idx++) {
out += LUT_HEX_8b[buffer[idx]]
}
return out
}
// Hex string to Uint8Array
function hexToUInt8Array(string) {
var bytes = new Uint8Array(Math.ceil(string.length / 2));
for (var i = 0; i < bytes.length; i++) bytes[i] = parseInt(string.substr(i * 2, 2), 16);
return bytes
}
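Review bot: `console.log(keys)` in authenticate() writes the derived key pair, including `keys.secretKey`, to the browser console, and `console.log('secretPath', secretPath)` does the same for the decrypted socket path. These are the secrets this flow exists to protect, so both calls (and ideally the other debug logging around them) should be removed rather than carried into the new module. Separately, `privateSocketResponse.json()` is read without checking `privateSocketResponse.ok`, and hexToUInt8Array silently stores 0 for any pair that `parseInt` cannot parse, so a bad server response is likely to end in the same `null` return as a wrong passphrase. A guard such as `if (!privateSocketResponse.ok) throw new Error('private-socket request failed')` before the `.json()` call would keep the two cases apart.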
......@@ -5,92 +5,3 @@ import Index from './Index.interface'
new Index({
target: document.getElementById('svelte')
})
// let signedIn = false
// let secretPath = null
// // Add sealed box functionality to TweetNaCl.
// nacl.sealedBox = sealedBox
// window.addEventListener('load', async () => {
// const signInForm = document.getElementById('signInForm')
// signInForm.addEventListener('submit', async event => {
// event.preventDefault()
// console.log(signInForm.elements.passphrase.value)
// // Get the encrypted private socket path fragment.
// const privateSocketResponse = await fetch('/private-socket')
// const privateSocket = await privateSocketResponse.json()
// const encryptedPrivateSocketPathFragment = privateSocket.encryptedPrivateSocketPathFragment
// console.log(encryptedPrivateSocketPathFragment)
// const passphrase = signInForm.elements.passphrase.value
// // Regenerate the private key.
// // Note: hostname is hardcoded in this example!
// const blake2bHashOfHostnameAsSalt = blake.blake2bHex('sign-in.small-web.org')
// console.log(blake2bHashOfHostnameAsSalt)
// const keys = await generateKeys(blake2bHashOfHostnameAsSalt, passphrase)
// console.log(keys)
// const publicKeyAsHex = toHex(keys.publicKey)
// console.log('public key', publicKeyAsHex)
// const sealedBoxOpenResult = nacl.sealedBox.open(hexToUInt8Array(encryptedPrivateSocketPathFragment), keys.publicKey, keys.secretKey)
// if (sealedBoxOpenResult === null) {
// alert('Wrong passphrase. Please try again.')
// return
// }
// // OK, signed in.
// secretPath = naclUtil.encodeUTF8(sealedBoxOpenResult)
// console.log('secretPath', secretPath)
// signedIn = true
// showSection('/private')
// })
// })
// function generateKeys(blake2bHashOfHostnameAsSalt, passphrase){
// return new Promise((resolve, reject) => {
// session25519(blake2bHashOfHostnameAsSalt, passphrase, function (error, keys) {
// if (error) {
// console.log('error', error)
// return reject(error)
// }
// resolve(keys)
// })
// })
// }
// // Uint8Array to Hex String
// // Author: Michael Fabian 'Xaymar' Dirks
// // https://blog.xaymar.com/2020/12/08/fastest-uint8array-to-hex-string-conversion-in-javascript/
// // Pre-Init
// const LUT_HEX_4b = ['0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F']
// const LUT_HEX_8b = new Array(0x100)
// for (let n = 0; n < 0x100; n++) {
// LUT_HEX_8b[n] = `${LUT_HEX_4b[(n >>> 4) & 0xF]}${LUT_HEX_4b[n & 0xF]}`
// }
// // End Pre-Init
// function toHex(buffer) {
// let out = ''
// for (let idx = 0, edx = buffer.length; idx < edx; idx++) {
// out += LUT_HEX_8b[buffer[idx]]
// }
// return out
// }
// // Hex string to Uint8Array
// function hexToUInt8Array(string) {
// var bytes = new Uint8Array(Math.ceil(string.length / 2));
// for (var i = 0; i < bytes.length; i++) bytes[i] = parseInt(string.substr(i * 2, 2), 16);
// return bytes
// }
<script>
import session25519 from 'session25519'
import blake from 'blakejs'
import nacl from 'tweetnacl'
import naclUtil from 'tweetnacl-util'
import sealedBox from 'tweetnacl-sealedbox-js'
import { getContext } from 'svelte'
import { state } from '../state.js'
import Section from './Section.interface'
import { authenticate } from '../authentication.js'
const path = '/sign-in'
......@@ -19,10 +14,15 @@
passphraseField.focus()
}
async function handleSignIn () {
const secretPath = await authenticate(passphraseField.value)
alert(`Secret path: ${secretPath}`)
}
</script>
<Section {path} title='Sign in'>
<form id='signInForm' name='signInForm'>
<form on:submit|preventDefault={handleSignIn} id='signInForm' name='signInForm'>
<label for='passphrase'>Password</label>
<input bind:this={passphraseField} name='passphrase' type='password'/>
<button>Sign in</button>
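Review bot: handleSignIn does not handle the failure paths of `authenticate()`. That function returns `null` when the sealed box does not open, so a wrong passphrase now shows `Secret path: null`, and a rejected fetch or key derivation becomes an unhandled promise rejection. A check such as `if (secretPath === null) { alert('Wrong passphrase. Please try again.'); return }` inside a `try`/`catch` around the `await` would cover both cases. The `alert` also displays the decrypted secret path itself; if that is placeholder behaviour, a `// TODO: remove, do not display the secret path` comment on that line would keep it from shipping. The component continues beyond the lines shown here.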
......