diff options
| -rw-r--r-- | .gitignore | 4 | ||||
| -rw-r--r-- | html/index.html | 11 | ||||
| -rw-r--r-- | index.ts | 32 | ||||
| -rw-r--r-- | readme.md | 1 |
4 files changed, 34 insertions, 14 deletions
@@ -1,3 +1,5 @@ node_modules/ -/package-lock.json
\ No newline at end of file +/package-lock.json + +certs/
\ No newline at end of file diff --git a/html/index.html b/html/index.html index 4dcc8de..354eb04 100644 --- a/html/index.html +++ b/html/index.html @@ -103,7 +103,10 @@ xhr.setRequestHeader('Content-Type', 'application/json'); xhr.onreadystatechange = function () { if (xhr.readyState == XMLHttpRequest.DONE) { - alert(xhr.responseText); + let dec = (kekw.decrypt(JSON.parse(xhr.responseText).data)); + if (JSON.parse(xhr.responseText).html) { + document.body.innerHTML = dec + } } } let user = document.getElementById('user').value @@ -120,7 +123,8 @@ xhr.setRequestHeader('Content-Type', 'application/json'); xhr.onreadystatechange = function () { if (xhr.readyState == XMLHttpRequest.DONE) { - pub = (xhr.responseText); + pub = kekw.decrypt(JSON.parse(xhr.responseText).data); + return pub } } let out = {} @@ -146,9 +150,10 @@ submit() } }; + let kekw let mypriv, mypub async function load() { - let kekw = await nodersa({ b: 512 }) + kekw = await nodersa({ b: 512 }) mypriv = await kekw.exportKey('pkcs1-private') mypub = await kekw.exportKey('pkcs8-public') console.log(mypub) @@ -1,17 +1,20 @@ import { readFileSync } from "fs" - +var privateKey = readFileSync('certs/selfsigned.key', 'utf8'); +var certificate = readFileSync('certs/selfsigned.crt', 'utf8'); +var http = require('http'); +var https = require('https'); const express = require('express') const app = express() -const port = 8008 +//const port = 8008 const fs = require('fs') const bodyParser = require("body-parser"); app.use(bodyParser.urlencoded({ extended: false })); app.use(bodyParser.json()); const NodeRSA = require('node-rsa'); var ip = require("ip") -function log(m:string){ +function log(m:any){ var date = new Date; - console.log('['+date.getHours()+':'+date.getMinutes()+':'+date.getSeconds()+'] ' + m) + console.log('['+date.getHours()+':'+date.getMinutes()+':'+date.getSeconds()+'] ' + m.toString()) } interface keyring{ [sid: string]: { @@ -22,10 +25,19 @@ interface keyring{ } let keyring = {} as keyring let key:any; -app.listen(port,'0.0.0.0', () => { - - log(`kanna is on http://${ip.address()}:${port} click on me click on me! :3`) + + +//http +var httpServer = http.createServer(app); +var credentials = {key: privateKey, cert: certificate}; +var httpsServer = https.createServer(credentials, app); +httpServer.listen(80,'0.0.0.0', () => { + log(`kanna is on http://${ip.address()} click on me click on me! :3`) +}) +httpsServer.listen(443,'0.0.0.0', () => { + log(`kanna is secure now too!! https://${ip.address()}`) }) +//end app.get('/', (req:any, res:any) => { res.sendFile(__dirname+"/html/index.html") }) @@ -49,7 +61,6 @@ app.post('/pub.key', async (req:{body:{json:boolean,sid:keyof keyring,pub:string keyring[req.body.sid]={mypriv:key.exportKey('pkcs1-private'), mypub:key.exportKey('pkcs8-public'), theirpub:req.body.pub} - console.log(keyring) res.send(key.exportKey('pkcs8-public')) } }) @@ -63,9 +74,10 @@ app.post('/login/submit', async (req:{body:{json:boolean,enc:boolean,data:string let users = JSON.parse(readFileSync('json/user.json').toString()) for(let user of users){ let use=user as typeof users - log(use) if(user.name==dec.user&&user.pass==dec.pass){ - res.send('logged in, hello!') + const skey = new NodeRSA() + skey.importKey(keyring[req.body.sid].theirpub,'pkcs8-public') + res.send(JSON.stringify({data:skey.encrypt('<h1>hello!</h1>','base64'),enc:true,html:true})) } } }) @@ -1,6 +1,7 @@ # kanna security project to learn client and server encryption +create generic keys `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./selfsigned.key -out selfsigned.crt` run `npm i` & `npm start` |