Skip to content
SecureJS: Secure the JavaScript execution in the client device
C C++ Makefile Other
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
ChromeExtension
clientSideApp
encryptionChecker
encryptionGenerator
serverRemoteAttestation
signatureChecker
signatureGenerator
www
README.txt
secureJSDemo.mp4
solutionImplementation.pdf

README.txt

README.txt

Directories:
	- ChromeExtension: contains the extension to be installed in Chrome. It requires some configuration in the .json files.
	- clientSideApp: main application, client side app.
	- encryptionChecker: Tool to decrytp encrypted values with default or new keys.
	- encryptionGenerator: Tool to generate the data (JavaScript code) to be passed to the main client side app in Encryption Mode. It generates a hex encrypted value of the given text. There is a directory with created examples.
	- serverRemoteAttestation: Server code that is able to perform the EPID process for SecureJS.
	- signatureChecker: Tool to verify signature values with default or new keys.
	- signatureGenerator: Tool to generate the data (JavaScript code) to be passed to the main client side app in Signature Mode and also needed in Encryption Mode. It generates a hex signature value of the given text.
	- www: web page example to use SecureJS. Note that the Chrome extension id may change for your installation (Setup testPage.php according to your id). Setup the getData.php to store the data received in the right path.

Extra: All "Enclave" directories require a pem private key in order to sign he code during the building process. This is required by SGX. If you are familiar with SGX you will understand what this key is.

The flow is the following:
	Setup: Build every tool and client and server side app (Makefiles should do the work). Install the Chrome Extension.
	1- Use signatureGenerator and/or encryptionGenerator to create a signature and/or encryption.
	2- Set the values in testPage.php
	3- Surf to to testPage.php
	4- If everything went fine, you should have a data file where you configured getData.php.
	5- Use the signatureChecker and/or encryptionChecker to verify and decrypt the data received.

I will try to put the demo video and a graph of SecureJS architecture.

Sorry for the code not being the prettiest one, the goal was to create a proof of concept that worked :P
You can’t perform that action at this time.