89b983fa22
We also reduce the optimization level, just in case, but add closure compiler into the mix. Suggested-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
28 lines
858 B
Plaintext
28 lines
858 B
Plaintext
WireGuard Key Generation in JavaScript
|
|
======================================
|
|
|
|
Various people believe in JavaScript crypto, unfortunately. This small
|
|
example helps them fuel their poor taste.
|
|
|
|
It's possible to generate WireGuard keys (and thus configurations) in the
|
|
browser. The webpage here simulates talking to a server to exchange keys
|
|
and then generates a configuration file for the user to download.
|
|
|
|
Bugs
|
|
----
|
|
|
|
Who knows how emscripten actually compiles this and whether or not it
|
|
introduces interesting side-channel attacks.
|
|
|
|
Secrets aren't zerored after use. Maybe you can get around this with
|
|
some tricks taking advantage of browser allocator behavior and different
|
|
processes, but it seems pretty hard.
|
|
|
|
Building
|
|
--------
|
|
|
|
In order to use the example `keygen.html` file, you must first build
|
|
the C sources using emscripten. Simply run:
|
|
|
|
$ make
|