Move clipboard decryption to main process.

Signed-off-by: Anders Kaseorg <[email protected]>

Author: andersk

app/common/typed-ipc.ts

@@ -8,6 +8,7 @@ export type MainMessage = {
   "focus-app": () => void;
   "focus-this-webview": () => void;
   "get-injected-js": () => string;
+  "new-clipboard-key": () => {key: Uint8Array; sig: Uint8Array};
   "permission-callback": (permissionCallbackId: number, grant: boolean) => void;
   "quit-app": () => void;
   "realm-icon-changed": (serverURL: string, iconURL: string) => void;
@@ -28,6 +29,7 @@ export type MainMessage = {
 export type MainCall = {
   "get-server-settings": (domain: string) => ServerConf;
   "is-online": (url: string) => boolean;
+  "poll-clipboard": (key: Uint8Array, sig: Uint8Array) => string | undefined;
   "save-server-icon": (iconURL: string) => string;
 };
 

app/main/index.ts

@@ -1,5 +1,8 @@
+import {clipboard} from "electron/common";
 import type {IpcMainEvent, WebContents} from "electron/main";
 import {BrowserWindow, app, dialog, powerMonitor, session} from "electron/main";
+import {Buffer} from "node:buffer";
+import crypto from "node:crypto";
 import fs from "node:fs";
 import path from "node:path";
 import process from "node:process";
@@ -210,6 +213,42 @@ function createMainWindow(): BrowserWindow {
     );
   });
 
+  const clipboardSigKey = crypto.randomBytes(32);
+
+  ipcMain.on("new-clipboard-key", (event) => {
+    const key = crypto.randomBytes(32);
+    const hmac = crypto.createHmac("sha256", clipboardSigKey);
+    hmac.update(key);
+    event.returnValue = {key, sig: hmac.digest()};
+  });
+
+  ipcMain.handle("poll-clipboard", (event, key, sig) => {
+    // Check that the key was generated here.
+    const hmac = crypto.createHmac("sha256", clipboardSigKey);
+    hmac.update(key);
+    if (!crypto.timingSafeEqual(sig, hmac.digest())) return;
+
+    try {
+      // Check that the data on the clipboard was encrypted to the key.
+      const data = Buffer.from(clipboard.readText(), "hex");
+      const iv = data.slice(0, 12);
+      const ciphertext = data.slice(12, -16);
+      const authTag = data.slice(-16);
+      const decipher = crypto.createDecipheriv("aes-256-gcm", key, iv, {
+        authTagLength: 16,
+      });
+      decipher.setAuthTag(authTag);
+      return (
+        decipher.update(ciphertext, undefined, "utf8") + decipher.final("utf8")
+      );
+    } catch {
+      // If the parsing or decryption failed in any way,
+      // the correct token hasn’t been copied yet; try
+      // again next time.
+      return undefined;
+    }
+  });
+
   AppMenu.setMenu({
     tabs: [],
   });

app/renderer/js/clipboard-decrypter.ts

@@ -1,6 +1,4 @@
-import {clipboard} from "electron/common";
-import {Buffer} from "node:buffer";
-import crypto from "node:crypto";
+import {ipcRenderer} from "./typed-ipc-renderer.js";
 
 // This helper is exposed via electron_bridge for use in the social
 // login flow.
@@ -30,15 +28,16 @@ export class ClipboardDecrypterImpl implements ClipboardDecrypter {
   constructor(_: number) {
     // At this time, the only version is 1.
     this.version = 1;
-    this.key = crypto.randomBytes(32);
+    const {key, sig} = ipcRenderer.sendSync("new-clipboard-key");
+    this.key = key;
     this.pasted = new Promise((resolve) => {
       let interval: NodeJS.Timeout | null = null;
       const startPolling = () => {
         if (interval === null) {
           interval = setInterval(poll, 1000);
         }
 
-        poll();
+        void poll();
       };
 
       const stopPolling = () => {
@@ -48,30 +47,9 @@ export class ClipboardDecrypterImpl implements ClipboardDecrypter {
         }
       };
 
-      const poll = () => {
-        let plaintext;
-
-        try {
-          const data = Buffer.from(clipboard.readText(), "hex");
-          const iv = data.slice(0, 12);
-          const ciphertext = data.slice(12, -16);
-          const authTag = data.slice(-16);
-          const decipher = crypto.createDecipheriv(
-            "aes-256-gcm",
-            this.key,
-            iv,
-            {authTagLength: 16},
-          );
-          decipher.setAuthTag(authTag);
-          plaintext =
-            decipher.update(ciphertext, undefined, "utf8") +
-            decipher.final("utf8");
-        } catch {
-          // If the parsing or decryption failed in any way,
-          // the correct token hasn’t been copied yet; try
-          // again next time.
-          return;
-        }
+      const poll = async () => {
+        const plaintext = await ipcRenderer.invoke("poll-clipboard", key, sig);
+        if (plaintext === undefined) return;
 
         window.removeEventListener("focus", startPolling);
         window.removeEventListener("blur", stopPolling);