Use new key sharing scheme and address points 1, 3, and 4 from https://github.com/cs01/termpair/issues/36#issue-907434506. I know I said I wasn't going to work on this, but it seemed like a fun challenge to get it all working, and I got to learn some things along the way.
- Different keys used in different directions
- AES GCM IV nonces now use distinct, monotonically increasing counters in the sharing terminal and browser.
- For each session, the terminal client creates an AES key to encrypt data from terminal and another to encrypt from browsers. All browsers for that session use the same key to encrypt (until rotated, see next bullet). Each browser window gets its own number space to monotonically increase the nonce until it's exhausted, then requests a key rotation from the broadcasting terminal.
- Keys rotated. I chose what I thought was a (very) conservative number of encryptions to rotate after, 2^20 or ~1 million (see message_count_rotation_required). I can also switch from 128 bit keys to 256 if necessary since I saw a key rotation is recommended after 2^32 when using 256 bit keys.
- Secret keys retrieved by browsers via RSA public key rather than embedding in the URL. Each browser window creates a new RSA key pair using the subtle crypto API at initialization time, requests the AES keys and passes the pk along with the request, and receives back the AES keys encrypted with the pk (and a random salt because I thought there might be a way to take two messages that differ only by their public keys and derive the rest of the message?).
- Updated documentation to reflect the changes
Test plan
Tested by running
```
make build_frontend
nox -s serve
# in new terminal
nox -s share
```
Would appreciate any input from @colmmacc or @ignoramous if you have the time. I realize it's a big PR so feel free to ask questions, I'm happy to answer any.
closes #36
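The browser-side nonce bookkeeping described in this PR (disjoint number spaces per window, rotation when one is exhausted), as an added sketch that is not TermPair's code. The 96-bit IV layout, the way spaces are carved out, and the names `NonceSpace`, `Broadcaster` and `simulate` are assumptions, and `key_id` stands in for the actual AES key.

```python
ROTATE_AFTER = 2 ** 20  # rotation threshold quoted in the PR description
IV_BYTES = 12           # 96-bit IV, the usual AES-GCM nonce size (assumption)


class RotationRequired(Exception):
    """Raised when a sender has used every nonce in its number space."""


class NonceSpace:
    """Monotonic counter over [start, start + size), rendered as a GCM IV."""

    def __init__(self, key_id, start, size):
        self.key_id, self.next, self.end = key_id, start, start + size

    def take(self):
        if self.next >= self.end:
            raise RotationRequired(self.key_id)
        iv = self.next.to_bytes(IV_BYTES, "big")
        self.next += 1
        return self.key_id, iv


class Broadcaster:
    """Terminal side: issues disjoint number spaces under the current key."""

    def __init__(self, size=ROTATE_AFTER):
        self.size, self.key_id, self.issued = size, 0, 0

    def new_space(self):
        space = NonceSpace(self.key_id, self.issued * self.size, self.size)
        self.issued += 1
        return space

    def rotate(self):
        # A fresh key makes every counter value usable again.
        self.key_id, self.issued = self.key_id + 1, 0


def simulate(messages_per_browser, browsers=2, size=4):
    """Return every (key_id, iv) pair used; all of them must be distinct."""
    term = Broadcaster(size)
    spaces = [term.new_space() for _ in range(browsers)]
    used = []
    for _ in range(messages_per_browser):
        for i in range(browsers):
            try:
                used.append(spaces[i].take())
            except RotationRequired:
                term.rotate()  # all windows move to the new key
                spaces = [term.new_space() for _ in range(browsers)]
                used.append(spaces[i].take())
    return used
```

`simulate` uses a space size of 4 so rotation is reached quickly; the property to check is that no `(key_id, iv)` pair ever repeats, which is the condition AES-GCM depends on.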