From 50d37aa22e670b4d9f8d6068626b28c9ad443304 Mon Sep 17 00:00:00 2001 From: Matias Alejo Garcia Date: Tue, 29 Apr 2014 19:51:49 -0300 Subject: [PATCH] implements authenticated encryption --- bower.json | 1 + config.template.js | 12 +++++++++--- index.html | 1 + js/models/network/WebRTC.js | 37 +++++++++++++++++++++++++++++++++++-- package.json | 3 ++- 5 files changed, 48 insertions(+), 6 deletions(-) diff --git a/bower.json b/bower.json index 950d050b1..ef00f8bc7 100644 --- a/bower.json +++ b/bower.json @@ -15,6 +15,7 @@ "mocha": "~1.18.2", "chai": "~1.9.1", "crypto-js": "http://crypto-js.googlecode.com/files/CryptoJS%20v3.1.2.zip", + "sjcl":"1.0.0", "file-saver": "*" } } diff --git a/config.template.js b/config.template.js index ea2f712b9..e614e7aa8 100644 --- a/config.template.js +++ b/config.template.js @@ -10,12 +10,18 @@ var config = { //port: 10009, //path: '/', // - key: 'g23ihfh82h35rf', - host:'162.242.219.26', + key: 'g23ihfh82h35rf', // api key for the peerjs server + host:'162.242.219.26', // peerjs server port:10009, path: '/', maxPeers: 15, - debug: 3 +// debug: 3, + sjclParams: { + salt: 'cc295e13e14edcc0', // choose your own salt (hex string) + iter:500, + mode:'ccm', + ts:parseInt(64), + } }, limits: { totalCopayers: 10, diff --git a/index.html b/index.html index 1673917ab..3c8820c34 100644 --- a/index.html +++ b/index.html @@ -518,6 +518,7 @@ + diff --git a/js/models/network/WebRTC.js b/js/models/network/WebRTC.js index cff75bb48..e2aa0690d 100644 --- a/js/models/network/WebRTC.js +++ b/js/models/network/WebRTC.js @@ -24,6 +24,12 @@ function Network(opts) { this.debug = opts.debug || 3; this.maxPeers = opts.maxPeers || 10; this.opts = { key: opts.key }; + this.sjclParams = opts.sjclParams || { + salt: 'f28bfb49ef70573c', + iter:500, + mode:'ccm', + ts:parseInt(64), + }; // For using your own peerJs server ['port', 'host', 'path', 'debug'].forEach(function(k) { @@ -152,10 +158,11 @@ Network.prototype._addCopayer = function(copayerId, isInbound) { -Network.prototype._onData = function(data, isInbound, peerId) { +Network.prototype._onData = function(encStr, isInbound, peerId) { var sig, payload; try { + var data = this._decrypt(encStr); payload= JSON.parse(data); } catch (e) { console.log('### ERROR IN DATA: "%s" ', data, isInbound, e); @@ -355,13 +362,39 @@ Network.prototype.getPeer = function() { return this.peer; }; +Network.prototype._encryptFor = function(copayerId, payloadStr) { + var cBits= sjcl.codec.hex.toBits(copayerId); + var pass64= sjcl.codec.base64.fromBits(cBits); + var plainText = sjcl.codec.utf8String.toBits(payloadStr); + var p = this.sjclParams; // auth strength + ct = sjcl.encrypt(pass64, plainText, p);//,p, rp); + var c = JSON.parse(ct); + var toSend = { + iv: c.iv, + ct: c.ct, + }; + return JSON.stringify(toSend); +}; + + +Network.prototype._decrypt = function(encStr) { + var i = JSON.parse(encStr); + for (var k in this.sjclParams) { + i[k] = this.sjclParams[k]; + } + var str= JSON.stringify(i); + var cBits= sjcl.codec.hex.toBits(this.copayerId); + var pass64= sjcl.codec.base64.fromBits(cBits); + var pt = sjcl.decrypt(pass64, str); + return pt; +}; Network.prototype._sendToOne = function(copayerId, payloadStr, sig, cb) { var peerId = this.peerFromCopayer(copayerId); if (peerId !== this.peerId) { var dataConn = this.connections[peerId]; if (dataConn) { - dataConn.send(payloadStr); + dataConn.send(this._encryptFor(copayerId, payloadStr)); } else { console.log('[WebRTC.js.255] WARN: NO CONNECTION TO:', peerId); //TODO diff --git a/package.json b/package.json index fdcbedbfb..5de074274 100644 --- a/package.json +++ b/package.json @@ -18,7 +18,8 @@ "url": "https://github.com/bitpay/copay/issues" }, "scripts": { - "test": "mocha" + "test": "mocha", + "postinstall": "cd lib/sjcl;./configure;make;cp sjcl.js ../" }, "homepage": "https://github.com/bitpay/copay", "devDependencies": {