mirror of
https://github.com/keepassxreboot/keepassxc-browser.git
synced 2026-03-11 08:54:43 +00:00
Second draft
This commit is contained in:
parent
8639ab2288
commit
98bc2be845
4 changed files with 24 additions and 13 deletions
|
|
@ -13,7 +13,7 @@ keepass.currentKeePassXC = '';
|
|||
keepass.requiredKeePassXC = '2.3.1';
|
||||
keepass.latestVersionUrl = 'https://api.github.com/repos/keepassxreboot/keepassxc/releases/latest';
|
||||
keepass.cacheTimeout = 30 * 1000; // Milliseconds
|
||||
keepass.databaseHash = '';
|
||||
keepass.databaseHash = ''; // Hash of the active database
|
||||
keepass.previousDatabaseHash = '';
|
||||
keepass.reconnectLoop = null;
|
||||
keepass.protocolV2 = false;
|
||||
|
|
|
|||
|
|
@ -26,7 +26,7 @@ keepassProtocol.associate = async function(tab) {
|
|||
keepass.clearErrorMessage(tab);
|
||||
|
||||
const kpAction = kpActions.ASSOCIATE;
|
||||
const key = nacl.util.encodeBase64(keepass.keyPair.publicKey);
|
||||
const key = protocolClient.getPublicConnectionKey();
|
||||
const nonce = protocolClient.getNonce();
|
||||
const idKeyPair = nacl.box.keyPair();
|
||||
const idKey = nacl.util.encodeBase64(idKeyPair.publicKey);
|
||||
|
|
@ -105,9 +105,9 @@ keepassProtocol.changePublicKeys = async function(tab, enableTimeout = false, co
|
|||
}
|
||||
|
||||
const kpAction = kpActions.CHANGE_PUBLIC_KEYS;
|
||||
const key = nacl.util.encodeBase64(keepass.keyPair.publicKey);
|
||||
const key = protocolClient.getPublicConnectionKey();
|
||||
const [ nonce, incrementedNonce ] = protocolClient.getNonces();
|
||||
keepass.clientID = nacl.util.encodeBase64(nacl.randomBytes(protocolClient.keySize));
|
||||
keepass.clientID = protocolClient.generateClientId();
|
||||
|
||||
const request = {
|
||||
action: kpAction,
|
||||
|
|
|
|||
|
|
@ -15,7 +15,7 @@ protocol.associate = async function(tab, args = []) {
|
|||
keepass.clearErrorMessage(tab);
|
||||
|
||||
const kpAction = kpActions.ASSOCIATE;
|
||||
const key = nacl.util.encodeBase64(keepass.keyPair.publicKey);
|
||||
const key = protocolClient.getPublicConnectionKey();
|
||||
const idKeyPair = nacl.box.keyPair();
|
||||
const idKey = nacl.util.encodeBase64(idKeyPair.publicKey);
|
||||
|
||||
|
|
@ -42,6 +42,7 @@ protocol.associate = async function(tab, args = []) {
|
|||
return AssociatedAction.NOT_ASSOCIATED;
|
||||
};
|
||||
|
||||
// Unencrypted
|
||||
protocol.changePublicKeys = async function(tab, enableTimeout = false, connectionTimeout) {
|
||||
if (!keepass.isConnected) {
|
||||
keepass.handleError(tab, kpErrors.TIMEOUT_OR_NOT_CONNECTED);
|
||||
|
|
@ -49,16 +50,16 @@ protocol.changePublicKeys = async function(tab, enableTimeout = false, connectio
|
|||
}
|
||||
|
||||
const kpAction = kpActions.CHANGE_PUBLIC_KEYS;
|
||||
const key = nacl.util.encodeBase64(keepass.keyPair.publicKey);
|
||||
const [ nonce, incrementedNonce ] = keepassClient.getNonces();
|
||||
keepass.clientID = nacl.util.encodeBase64(nacl.randomBytes(keepassClient.keySize));
|
||||
const key = protocolClient.getPublicConnectionKey();
|
||||
const [ nonce, incrementedNonce ] = protocolClient.getNonces();
|
||||
keepass.clientID = protocolClient.generateClientId();
|
||||
|
||||
const request = {
|
||||
action: kpAction,
|
||||
publicKey: key,
|
||||
nonce: nonce,
|
||||
clientID: keepass.clientID,
|
||||
requestID: keepassClient.getRequestId()
|
||||
requestID: protocolClient.getRequestId()
|
||||
};
|
||||
|
||||
try {
|
||||
|
|
@ -143,7 +144,7 @@ protocol.generatePassword = async function(tab, args = []) {
|
|||
const messageData = {
|
||||
action: kpAction,
|
||||
clientID: keepass.clientID,
|
||||
requestID: keepassClient.getRequestId() // Needed?
|
||||
requestID: protocolClient.getRequestId() // Needed?
|
||||
};
|
||||
|
||||
try {
|
||||
|
|
|
|||
|
|
@ -88,7 +88,8 @@ protocolClient.sendNativeMessage = function(requestAction, request, enableTimeou
|
|||
|
||||
protocolClient.sendMessage = async function(kpAction, tab, messageData, enableTimeout = false, triggerUnlock = false) {
|
||||
const nonce = protocolClient.getNonce();
|
||||
const request = protocolClient.buildRequest(protocolClient.encrypt(messageData, nonce), nonce, keepass.clientID, triggerUnlock);
|
||||
const encryptedMessage = protocolClient.encrypt(messageData, nonce);
|
||||
const request = protocolClient.buildRequest(encryptedMessage, nonce, keepass.clientID, triggerUnlock);
|
||||
const response = await protocolClient.sendNativeMessage(kpAction, request, enableTimeout);
|
||||
const incrementedNonce = keepassClient.incrementedNonce(nonce);
|
||||
|
||||
|
|
@ -110,6 +111,7 @@ protocolClient.buildRequest = function(encryptedMessage, nonce, clientID, trigge
|
|||
return request;
|
||||
};
|
||||
|
||||
// Verifies nonces, decrypts and parses the response
|
||||
protocolClient.handleResponse = function(response, incrementedNonce, tab) {
|
||||
if (response.message && protocolClient.verifyNonce(response, incrementedNonce)) {
|
||||
const res = keepassClient.decrypt(response.message, response.nonce);
|
||||
|
|
@ -130,7 +132,7 @@ protocolClient.handleResponse = function(response, incrementedNonce, tab) {
|
|||
|
||||
protocolClient.verifyNonce = function(response, nonce) {
|
||||
if (!response.nonce) {
|
||||
logError('No nonce in reponse');
|
||||
logError('No nonce in response');
|
||||
return false;
|
||||
}
|
||||
|
||||
|
|
@ -190,6 +192,14 @@ protocolClient.generateNewKeyPair = function() {
|
|||
keepass.keyPair = nacl.box.keyPair();
|
||||
};
|
||||
|
||||
protocolClient.getPublicConnectionKey = function() {
|
||||
return nacl.util.encodeBase64(keepass.keyPair.publicKey);
|
||||
};
|
||||
|
||||
protocolClient.generateClientId = function() {
|
||||
return nacl.util.encodeBase64(nacl.randomBytes(keepassClient.keySize));
|
||||
};
|
||||
|
||||
//--------------------------------------------------------------------------
|
||||
// Encrypt/Decrypt
|
||||
//--------------------------------------------------------------------------
|
||||
|
|
@ -245,7 +255,7 @@ function onDisconnected() {
|
|||
keepass.databaseHash = '';
|
||||
|
||||
page.clearAllLogins();
|
||||
keepass.updatePopup('cross');
|
||||
keepass.updatePopup();
|
||||
keepass.updateDatabaseHashToContent();
|
||||
logError(`Failed to connect: ${(browser.runtime.lastError === null ? 'Unknown error' : browser.runtime.lastError.message)}`);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in a new issue