path: root/contrib/keygen-html/README
diff options
authorJason A. Donenfeld <Jason@zx2c4.com>2017-12-01 13:31:33 +0100
committerJason A. Donenfeld <Jason@zx2c4.com>2017-12-03 15:07:52 +0100
commitbee819f2890f55fedebbc646f6d651d171ce70b2 (patch)
treea7b121f0f34815399b34851ca44614bc8f2e7102 /contrib/keygen-html/README
parentwg: fix removing preshared keys (diff)
contrib: keygen-html for generating keys in the browser
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'contrib/keygen-html/README')
1 files changed, 19 insertions, 0 deletions
diff --git a/contrib/keygen-html/README b/contrib/keygen-html/README
new file mode 100644
index 0000000..f1c3412
--- /dev/null
+++ b/contrib/keygen-html/README
@@ -0,0 +1,19 @@
+WireGuard Key Generation in JavaScript
+Various people believe in JavaScript crypto, unfortunately. This small
+example helps them fuel their poor taste.
+It's possible to generate WireGuard keys (and thus configurations) in the
+browser. The webpage here simulates talking to a server to exchange keys
+and then generates a configuration file for the user to download.
+Who knows how emscripten actually compiles this and whether or not it
+introduces interesting side-channel attacks.
+Secrets aren't zerored after use. Maybe you can get around this with
+some tricks taking advantage of browser allocator behavior and different
+processes, but it seems pretty hard.