setting nonce in response payload

2021-04-08 17:36:42 +02:00 · 2021-04-08 17:36:42 +02:00 · c78af7c3ad
parent f9cd0d4e29
commit c78af7c3ad
1 changed files with 11 additions and 6 deletions
--- a/app/scripts/comp/app/browser-extension-connector.js
+++ b/app/scripts/comp/app/browser-extension-connector.js
@ -49,7 +49,10 @@ function decryptRequest(request) {
    const json = new TextDecoder().decode(data);
    const payload = JSON.parse(json);

-    if (payload?.action !== request.action) {
+    if (!payload) {
+        throw new Error('Empty request payload');
+    }
+    if (payload.action !== request.action) {
        throw new Error(`Bad action in decrypted payload`);
    }

@ -57,18 +60,20 @@ function decryptRequest(request) {
 }

 function encryptResponse(request, payload) {
+    const nonceBytes = kdbxweb.ByteUtils.base64ToBytes(request.nonce);
+    incrementNonce(nonceBytes);
+    const nonce = kdbxweb.ByteUtils.bytesToBase64(nonceBytes);
+
    const client = getClient(request);

+    payload.nonce = nonce;
+
    const json = JSON.stringify(payload);
    const data = new TextEncoder().encode(json);

-    let nonce = kdbxweb.ByteUtils.base64ToBytes(request.nonce);
-    incrementNonce(nonce);
-
-    const encrypted = tweetnaclBox(data, nonce, client.publicKey, client.keys.secretKey);
+    const encrypted = tweetnaclBox(data, nonceBytes, client.publicKey, client.keys.secretKey);

    const message = kdbxweb.ByteUtils.bytesToBase64(encrypted);
-    nonce = kdbxweb.ByteUtils.bytesToBase64(nonce);

    return {
        action: request.action,