From 316f87b936c589a04e38e31dfa20369487214b97 Mon Sep 17 00:00:00 2001
From: grant-kun <geedub602@gmail.com>
Date: Tue, 4 Oct 2022 09:49:49 -0500
Subject: [PATCH] http(s)

---
 .gitignore      |  4 +++-
 html/index.html | 11 ++++++++---
 index.ts        | 32 ++++++++++++++++++++++----------
 readme.md       |  1 +
 4 files changed, 34 insertions(+), 14 deletions(-)

diff --git a/.gitignore b/.gitignore
index f5279ca..35aebb0 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,5 @@
 node_modules/
 
-/package-lock.json
\ No newline at end of file
+/package-lock.json
+
+certs/
\ No newline at end of file
diff --git a/html/index.html b/html/index.html
index 4dcc8de..354eb04 100644
--- a/html/index.html
+++ b/html/index.html
@@ -103,7 +103,10 @@
             xhr.setRequestHeader('Content-Type', 'application/json');
             xhr.onreadystatechange = function () {
                 if (xhr.readyState == XMLHttpRequest.DONE) {
-                    alert(xhr.responseText);
+                    let dec = (kekw.decrypt(JSON.parse(xhr.responseText).data));
+                    if (JSON.parse(xhr.responseText).html) {
+                        document.body.innerHTML = dec
+                    }
                 }
             }
             let user = document.getElementById('user').value
@@ -120,7 +123,8 @@
             xhr.setRequestHeader('Content-Type', 'application/json');
             xhr.onreadystatechange = function () {
                 if (xhr.readyState == XMLHttpRequest.DONE) {
-                    pub = (xhr.responseText);
+                    pub = kekw.decrypt(JSON.parse(xhr.responseText).data);
+                    return pub
                 }
             }
             let out = {}
@@ -146,9 +150,10 @@
                 submit()
             }
         };
+        let kekw
         let mypriv, mypub
         async function load() {
-            let kekw = await nodersa({ b: 512 })
+            kekw = await nodersa({ b: 512 })
             mypriv = await kekw.exportKey('pkcs1-private')
             mypub = await kekw.exportKey('pkcs8-public')
             console.log(mypub)
diff --git a/index.ts b/index.ts
index fff4e97..81301ee 100644
--- a/index.ts
+++ b/index.ts
@@ -1,17 +1,20 @@
 import { readFileSync } from "fs"
-
+var privateKey  = readFileSync('certs/selfsigned.key', 'utf8');
+var certificate = readFileSync('certs/selfsigned.crt', 'utf8');
+var http = require('http');
+var https = require('https');
 const express = require('express')
 const app = express()
-const port = 8008
+//const port = 8008
 const fs = require('fs')
 const bodyParser = require("body-parser");
 app.use(bodyParser.urlencoded({ extended: false }));
 app.use(bodyParser.json());
 const NodeRSA = require('node-rsa');
 var ip = require("ip")
-function log(m:string){
+function log(m:any){
   var date = new Date;
-  console.log('['+date.getHours()+':'+date.getMinutes()+':'+date.getSeconds()+'] ' + m)
+  console.log('['+date.getHours()+':'+date.getMinutes()+':'+date.getSeconds()+'] ' + m.toString())
 }
 interface keyring{
   [sid: string]: {
@@ -22,10 +25,19 @@ interface keyring{
  }
 let keyring = {} as keyring
 let key:any;
-app.listen(port,'0.0.0.0', () => {
-  
-  log(`kanna is on http://${ip.address()}:${port} click on me click on me! :3`)
+
+
+//http
+var httpServer = http.createServer(app);
+var credentials = {key: privateKey, cert: certificate};
+var httpsServer = https.createServer(credentials, app);
+httpServer.listen(80,'0.0.0.0', () => {
+  log(`kanna is on http://${ip.address()} click on me click on me! :3`)
 })
+httpsServer.listen(443,'0.0.0.0', () => {
+  log(`kanna is secure now too!! https://${ip.address()}`)
+})
+//end
 app.get('/', (req:any, res:any) => {
   res.sendFile(__dirname+"/html/index.html")
 })
@@ -49,7 +61,6 @@ app.post('/pub.key', async (req:{body:{json:boolean,sid:keyof keyring,pub:string
     keyring[req.body.sid]={mypriv:key.exportKey('pkcs1-private'),
     mypub:key.exportKey('pkcs8-public'),
     theirpub:req.body.pub}
-    console.log(keyring)
     res.send(key.exportKey('pkcs8-public'))
   }
 })
@@ -63,9 +74,10 @@ app.post('/login/submit', async (req:{body:{json:boolean,enc:boolean,data:string
   let users = JSON.parse(readFileSync('json/user.json').toString())
   for(let user of users){
     let use=user as typeof users
-    log(use)
     if(user.name==dec.user&&user.pass==dec.pass){
-      res.send('logged in, hello!')
+      const skey = new NodeRSA()
+      skey.importKey(keyring[req.body.sid].theirpub,'pkcs8-public')
+      res.send(JSON.stringify({data:skey.encrypt('<h1>hello!</h1>','base64'),enc:true,html:true}))
     }
   }
 })
diff --git a/readme.md b/readme.md
index d752263..eea4218 100644
--- a/readme.md
+++ b/readme.md
@@ -1,6 +1,7 @@
 # kanna
 
 security project to learn client and server encryption
+create generic keys `openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout ./selfsigned.key -out selfsigned.crt`
 
 run `npm i` & `npm start`