poc
This commit is contained in:
parent
f8ef9ee252
commit
00ddc08afd
|
@ -1,4 +1,6 @@
|
|||
import { LoginMessage, Message, MessageType } from './message';
|
||||
import { optionsStorage } from './options-storage';
|
||||
import { decrypt, encrypt } from './crypto';
|
||||
|
||||
const COOKIE_NAME = 'sid';
|
||||
|
||||
|
@ -19,6 +21,13 @@ const handleLogin = async (message: LoginMessage) => {
|
|||
|
||||
console.log(cookie);
|
||||
|
||||
if (cookie) {
|
||||
const opts = await optionsStorage.getAll();
|
||||
const test1 = await encrypt(cookie.value, opts.encryptionPassword);
|
||||
const test2 = await decrypt(test1, opts.encryptionPassword);
|
||||
console.log(opts.encryptionPassword, test1, test2);
|
||||
}
|
||||
|
||||
const url = new URL(message.url);
|
||||
url.pathname = '/game.php';
|
||||
url.searchParams.set('screen', 'overview_villages');
|
||||
|
|
|
@ -0,0 +1,85 @@
|
|||
// https://github.com/bradyjoslin/webcrypto-example/blob/master/script.js
|
||||
|
||||
const ITERATIONS = 100000;
|
||||
|
||||
const enc = new TextEncoder();
|
||||
const dec = new TextDecoder();
|
||||
|
||||
export const encrypt = async (data: string, password: string) => {
|
||||
const salt = crypto.getRandomValues(new Uint8Array(16));
|
||||
const iv = crypto.getRandomValues(new Uint8Array(12));
|
||||
const passwordKey = await getPasswordKey(password);
|
||||
const aesKey = await deriveKey(passwordKey, salt, ['encrypt']);
|
||||
const encryptedContent = await crypto.subtle.encrypt(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: iv,
|
||||
},
|
||||
aesKey,
|
||||
enc.encode(data)
|
||||
);
|
||||
|
||||
const encryptedContentArr = new Uint8Array(encryptedContent);
|
||||
let buf = new Uint8Array(
|
||||
salt.byteLength + iv.byteLength + encryptedContentArr.byteLength
|
||||
);
|
||||
buf.set(salt, 0);
|
||||
buf.set(iv, salt.byteLength);
|
||||
buf.set(encryptedContentArr, salt.byteLength + iv.byteLength);
|
||||
return bufToBase64(buf);
|
||||
};
|
||||
|
||||
export const decrypt = async (encryptedData: string, password: string) => {
|
||||
const encryptedDataBuff = base64ToBuf(encryptedData);
|
||||
const salt = encryptedDataBuff.slice(0, 16);
|
||||
const iv = encryptedDataBuff.slice(16, 16 + 12);
|
||||
const data = encryptedDataBuff.slice(16 + 12);
|
||||
const passwordKey = await getPasswordKey(password);
|
||||
const aesKey = await deriveKey(passwordKey, salt, ['decrypt']);
|
||||
const decryptedContent = await crypto.subtle.decrypt(
|
||||
{
|
||||
name: 'AES-GCM',
|
||||
iv: iv,
|
||||
},
|
||||
aesKey,
|
||||
data
|
||||
);
|
||||
return dec.decode(decryptedContent);
|
||||
};
|
||||
|
||||
const getPasswordKey = (password: string) => {
|
||||
return crypto.subtle.importKey('raw', enc.encode(password), 'PBKDF2', false, [
|
||||
'deriveKey',
|
||||
]);
|
||||
};
|
||||
|
||||
const deriveKey = (
|
||||
passwordKey: CryptoKey,
|
||||
salt: Uint8Array,
|
||||
keyUsages: KeyUsage[]
|
||||
) => {
|
||||
return crypto.subtle.deriveKey(
|
||||
{
|
||||
name: 'PBKDF2',
|
||||
salt: salt,
|
||||
iterations: ITERATIONS,
|
||||
hash: 'SHA-256',
|
||||
},
|
||||
passwordKey,
|
||||
{ name: 'AES-GCM', length: 256 },
|
||||
false,
|
||||
keyUsages
|
||||
);
|
||||
};
|
||||
|
||||
const bufToBase64 = (buf: Uint8Array) => {
|
||||
let s = '';
|
||||
buf.forEach((c) => {
|
||||
s += String.fromCharCode(c);
|
||||
});
|
||||
return btoa(s);
|
||||
};
|
||||
|
||||
const base64ToBuf = (b64: string) => {
|
||||
return Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
|
||||
};
|
Loading…
Reference in New Issue