diff --git a/src/pyj/read_book/globals.pyj b/src/pyj/read_book/globals.pyj index 3a70c17906..72cd6e7a69 100644 --- a/src/pyj/read_book/globals.pyj +++ b/src/pyj/read_book/globals.pyj @@ -1,6 +1,8 @@ # vim:fileencoding=utf-8 # License: GPL v3 Copyright: 2016, Kovid Goyal +from aes import GCM + _boss = None def set_boss(b): @@ -10,3 +12,21 @@ def set_boss(b): def get_boss(): return _boss +class Messenger: + + def __init__(self): + self.secret = Uint8Array(64) + + def reset(self): + window.crypto.getRandomValues(self.secret) + self.gcm_to_iframe = GCM(self.secret.subarray(0, 32)) + self.gcm_from_iframe = GCM(self.secret.subarray(32)) + + def encrypt(self, data): + return self.gcm_to_iframe.encrypt(JSON.stringify(data)) + + def decrypt(self, data): + return JSON.parse(self.gcm_from_iframe.decrypt(data)) + +messenger = Messenger() +iframe_id = 'read-book-iframe' diff --git a/src/pyj/read_book/resources.pyj b/src/pyj/read_book/resources.pyj index 00cf524048..9aaa732101 100644 --- a/src/pyj/read_book/resources.pyj +++ b/src/pyj/read_book/resources.pyj @@ -1,7 +1,6 @@ # vim:fileencoding=utf-8 # License: GPL v3 Copyright: 2016, Kovid Goyal -from aes import GCM def decode_component(x): x = str.replace(x,',p', '|') @@ -11,17 +10,6 @@ def decode_url(x): parts = x.split(',,') return decode_component(parts[0]), decode_component(parts[1] or '') -secret = Uint8Array(64) -window.crypto.getRandomValues(secret) -gcm_to_iframe, gcm_from_iframe = GCM(secret.subarray(0, 32)), GCM(secret.subarray(32)) -iframe_id = 'read-book-iframe' - -def encrypt_message(data): - return gcm_to_iframe.encrypt(JSON.stringify(data)) - -def decrypt_message(data): - return JSON.parse(gcm_from_iframe.decrypt(data)) - class Resource: def __init__(self, name, mimetype, data, placeholder, parent): diff --git a/src/pyj/read_book/view.pyj b/src/pyj/read_book/view.pyj index 0acd9eddf0..dd1abf2404 100644 --- a/src/pyj/read_book/view.pyj +++ b/src/pyj/read_book/view.pyj @@ -3,7 +3,8 @@ from elementmaker import E from gettext import gettext as _ -from read_book.resources import ResourceManager, encrypt_message, iframe_id, decrypt_message, secret +from read_book.globals import messenger, iframe_id +from read_book.resources import ResourceManager LOADING_DOC = ''' @@ -59,7 +60,7 @@ class View: def send_message(self, data): if self.encrypted_communications: - data = encrypt_message(data) + data = messenger.encrypt(data) self.iframe.contentWindow.postMessage(data, '*') def handle_message(self, event): @@ -68,7 +69,7 @@ class View: data = event.data if self.encrypted_communications: try: - data = decrypt_message(data) + data = messenger.decrypt(data) except Exception as e: print('Could not process message from iframe:') console.log(e) @@ -80,7 +81,8 @@ class View: print('Unknown action in message from iframe to parent: ' + data.action) def on_iframe_ready(self, data): - self.send_message({'action':'keys', 'secret':secret}) + messenger.reset() + self.send_message({'action':'keys', 'secret':messenger.secret}) self.iframe_ready = True if self.pending_spine_load: self.show_spine_item_stage2()