This article discusses a desktop application built on the node-webkit platform. Habré already has articles that describe the platform itself (one, two, three), but there are not many real applications that use it. I will first describe the application, its tasks and functionality, and then turn to the technical capabilities of the node-webkit platform that the application uses. The article is not full of code inserts; all the code is posted on GitHub. Links to all the sources of information used are at the end of the article.
My goal was to create a full-fledged application using the node-webkit platform. The task of the application is to protect online correspondence carried on through instant messengers (Skype, Google Talk, etc.). By sending already encrypted information through open channels, you make it harder for a third party to access the data. There are many ways to encrypt a message, but the problem is that the encryption key must be communicated to your interlocutor. Suppose your channel is tapped and the listener has access to everything that you send and receive. To solve this problem, the application uses the Diffie-Hellman algorithm. Habré already has an article about this algorithm (link), but the most impressive explanation is a video that clearly shows how the algorithm works (YouTube). More information about the algorithm can be found on Wikipedia.
The process can be divided into two parts: creating a shared secret key, and the actual encryption of information. Creating the secret key consists of four consecutive steps for both partners. The whole process is built with minimal user involvement, so that the secret key does not turn out to be something like “12345678” or “password”.
The first step is to create a private key. To reduce the likelihood of it being read through a screenshot or by listening to keyboard events, all the keys are generated by the script and the form field is hidden from the user's eyes. The second step is to create a public key, which you will need to send to your correspondent.

The third step is to get your partner's public key. The fourth step is to create the shared secret key, provided that all the previous steps were completed in the right order.

Now we can proceed to the protection of personal correspondence. A friendly interface is implemented for inserting and clearing text fields. The user only needs to specify the direction: encryption or decryption. The left field is used for input, the right one for output.

A few technical details.
For the visual presentation, I used the BootMetro web framework. In essence, this is Bootstrap styled after the Metro design from Windows. I think this style is just right for a desktop application.
To make the interface more user-friendly and make it easier to copy a complex key from the form fields, the application uses the clipboard object provided by the node-webkit platform. This object works cross-platform (tested on Ubuntu Linux 12 and Windows 7), but so far it supports only one data type: text.
Now to the more complex part. The Diffie-Hellman algorithm is designed in such a way that the greater the number used to create a public key, the less likely it is to be decrypted by a third party in a reasonable time. While implementing the algorithm, I ran into the problem that JavaScript does not support mathematical operations on large numbers. A search on Google led me to the jsbn library by Tom Wu. The author states that the API of his library works on the same principle as the java.math.BigInteger API in Java. The library not only made it possible to perform mathematical operations on large integers, but also included working examples of the Diffie-Hellman algorithm and RSA encryption. Having tested the examples, I made my choice: use jsbn to create the secret key.
One of the key features of the node-webkit platform is the ability to use node.js modules. To take advantage of this feature, I decided to encrypt information using the crypto module, namely two classes: Cipher and Decipher. There is enough documentation and live code examples on the Internet, so I do not reproduce them here. The Cipher object supports various encryption algorithms; the list depends on the installed OpenSSL. For example, it could be 'aes192', 'blowfish', etc. Encrypted information can be output as 'binary', 'base64' or 'hex'. In the presented application, the algorithm 'des-ede3-cbc' is used, and the information is output as 'hex'. So, if you want, you can rebuild the application from source for yourself, using the method that suits you best. To do this you will need to download and install the node-webkit platform. The available documentation describes the process of building and packaging applications from source. There were no problems with using the node.js module in the code. Thanks to the developers of the node-webkit platform for the opportunity to use server-side and client-side JavaScript in a single thread.
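The four key-exchange steps and the Cipher/Decipher round trip described above, as an added example that is not the application's own code. It uses Node's built-in Diffie-Hellman (group 'modp14') in place of jsbn and 'aes-256-gcm' in place of the application's 'des-ede3-cbc'; hashing the shared secret with SHA-256 to form the key is an assumption, and all function names are hypothetical.

```javascript
// Added example: not the Cypher application's code.
const crypto = require('crypto');

// Steps 1-2: each side generates a private key and the matching public key.
// 'modp14' is the 2048-bit group from RFC 3526 (an assumption; the article
// does not say which parameters the application uses).
function newParty() {
  const dh = crypto.getDiffieHellman('modp14');
  dh.generateKeys();
  return dh;
}

// Steps 3-4: take the partner's public key (hex, as pasted from the
// messenger), compute the shared secret, then hash it into a 256-bit key.
function sharedKey(party, partnerPublicHex) {
  const secret = party.computeSecret(Buffer.from(partnerPublicHex, 'hex'));
  return crypto.createHash('sha256').update(secret).digest();
}

// Encrypt to a hex string "iv:tag:ciphertext" that can be pasted into a chat.
function encryptHex(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return [iv, cipher.getAuthTag(), body].map((b) => b.toString('hex')).join(':');
}

// Decrypt; throws if the text was modified in transit or the key is wrong.
function decryptHex(key, message) {
  const [iv, tag, body] = message.split(':').map((h) => Buffer.from(h, 'hex'));
  const decipher = crypto.createDecipheriv('aes-256-gcm', key, iv);
  decipher.setAuthTag(tag);
  return Buffer.concat([decipher.update(body), decipher.final()]).toString('utf8');
}

// Constructed session: only the two public keys and the hex message cross the wire.
function demo() {
  const alice = newParty();
  const bob = newParty();
  const alicePub = alice.getPublicKey('hex');
  const bobPub = bob.getPublicKey('hex');
  const aliceKey = sharedKey(alice, bobPub);
  const bobKey = sharedKey(bob, alicePub);
  const wire = encryptHex(aliceKey, 'meet at noon');
  return { keysMatch: aliceKey.equals(bobKey), wire, received: decryptHex(bobKey, wire) };
}

console.log(demo());
```

Nothing in this exchange authenticates the pasted public keys, so it protects against a listener on the channel, not against someone who can replace messages in transit.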
Advantages of the application
Cypher does not transmit the secret key, which makes it harder for a third party to access the data.
The application does not use an internet connection for its work.
Cypher does not store the keys; when you close the application, the keys are deleted.
New keys are used for each session; this is not very convenient, but it is safe.
Cons of the application
The routine process of creating a secret key.
The need to copy information from the source.
Possible areas of application: the transfer of important information through open channels (keys, passwords, or a description of the area where the treasure is buried).
The application was tested on Ubuntu Linux 12 and Windows 7. Full testing of the application requires two participants; if you do not have that option, then, when forming the secret key, insert your own public key instead of your partner's public key.
Link to the application: Linux, Windows
Information sources:
Repository on GitHub
Project page on GitHub Page
node-webkit project
Diffie-Hellman algorithm on Wikipedia
YouTube video
jsbn library
BootMetro web framework