Home Explore Help
Sign In
miti
/
browser-extension
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: bc3d9b72e4
Branches Tags
browser-exte...
/
background_http_request.js

background_http_request.js 14 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420 
  1. Error.stackTraceLimit = Infinity;
    2. 

  2. 

  3. let urlPublicKeysMap = new Map();
    4. 

  4. // Adapted code from https://stackoverflow.com/questions/36598638/generating-ecdh-keys-in-the-browser-through-webcryptoapi-instead-of-the-browseri
    5. 

  5. const hex2Arr = str => {
    6. 

  6.     if (!str) {
    7. 

  7.         return new Uint8Array()
    8. 

  8.     }
    9. 

  9.     const arr = []
    10. 

  10.     for (let i = 0, len = str.length; i < len; i+=2) {
    11. 

  11.         arr.push(parseInt(str.substr(i, 2), 16))
    12. 

  12.     }
    13. 

  13.     return new Uint8Array(arr)
    14. 

  14. }
    15. 

  15. 

  16. const buf2Hex = buf => {
    17. 

  17.     return Array.from(new Uint8Array(buf))
    18. 

  18.         .map(x => ('00' + x.toString(16)).slice(-2))
    19. 

  19.         .join('')
    20. 

  20. }
    21. 

  21. 

  22. function doVerify(msg1, sigval, pubkey) {
    23. 

  23. 	var curve = "secp256r1";
    24. 

  24. 	let sigalg = "SHA256withECDSA";
    25. 

  25.   var sig = new KJUR.crypto.Signature({"alg": sigalg, "prov": "cryptojs/jsrsa"});
    26. 

  26.   sig.init({xy: pubkey, curve: curve});
    27. 

  27.   sig.updateHex(msg1); // updateHex for non-printable chars (updateString returns invalid signature); updateString if only printable chars.
    28. 

  28.   var result = sig.verify(sigval);
    29. 

  29. 	return result;
    30. 

  30. }
    31. 

  31. 

  32. async function generateOwnKeypairAndDeriveKey(dh_ga_x, dh_ga_y)
    33. 

  33. {
    34. 

  34. 	let alicePublicKey = hex2Arr('04' + dh_ga_x + dh_ga_y);
    35. 

  35. 	try {
    36. 

  36.   		const bobKey = await window.crypto.subtle.generateKey(
    37. 

  37.   		    { name: 'ECDH', namedCurve: 'P-256' },
    38. 

  38.   		    false, // no need to make Bob's private key exportable
    39. 

  39.   		    ['deriveKey', 'deriveBits']);
    40. 

  40. 

  41.   	  const bobPublicKeyExported = await window.crypto.subtle.exportKey('raw', bobKey.publicKey);
    42. 

  42.   		const bobPublicKeyHex = buf2Hex(bobPublicKeyExported);
    43. 

  43. 

  44.   		console.log(`Client's publicKey: ${bobPublicKeyHex}`);
    45. 

  45. 

  46.   		const aliceKeyImported = await window.crypto.subtle.importKey(
    47. 

  47.   				'raw',
    48. 

  48.   				alicePublicKey,
    49. 

  49.   				{ name: 'ECDH', namedCurve: 'P-256'},
    50. 

  50.   				true,
    51. 

  51.   				[]);
    52. 

  52. 

  53.   		const sharedSecret = await window.crypto.subtle.deriveBits(
    54. 

  54.   				{ name: 'ECDH', namedCurve: 'P-256', public: aliceKeyImported },
    55. 

  55.   				bobKey.privateKey,
    56. 

  56.   				256);
    57. 

  57. 

  58.   		const sharedSecretHex = buf2Hex(sharedSecret);
    59. 

  59.   		console.log(`sharedSecret: ${sharedSecretHex}`);
    60. 

  60. 

  61.   		const hashOfSharedSecret = await window.crypto.subtle.digest("SHA-256", sharedSecret);
    62. 

  62.   		console.log("This is the hash" + buf2Hex(hashOfSharedSecret));
    63. 

  63. 

  64.       const ownPublicKeyArray=Array.from(hex2Arr(bobPublicKeyHex).slice(1));
    65. 

  65.       const ownPublicKeyUnreadableString = ownPublicKeyArray.map(x => String.fromCharCode(x)).join('');
    66. 

  66.       const ownPublicKeyBase64=btoa(ownPublicKeyUnreadableString);
    67. 

  67. 

  68.   		return {mitigatorClientPublicKey: ownPublicKeyBase64, mitigatorDerivedKey: hashOfSharedSecret.slice(0, 16)};
    69. 

  69. 

  70.   		// console.log(aes_key_handle);
    71. 

  71.   		// The code below is just for testing that indeed the hash was stored as the aes key. It will fail if the encryptable parameter in importKey (3rd one) is set to false.
    72. 

  72.   		//		const aes_key = await window.crypto.subtle.exportKey(raw, aes_key_handle);
    73. 

  73.   		//		console.log("This is the exported AES key: " + buf2Hex(aes_key));
    74. 

  74. 	}
    75. 

  75. 	catch (err) {
    76. 

  76. 		console.log(err);
    77. 

  77.     return err;
    78. 

  78. 	}
    79. 

  79. }
    80. 

  80. 

  81. async function useDecryptorPublicKeyReturnOwnPublicKey(message) // sender
    82. 

  82. {
    83. 

  83.   // TODO: Lol how d'ya check the URL of the sender (sender["url"]) is the corresponding background JS page?
    84. 

  84.   // Need to compare it to a URL that consists of the extension's ID..
    85. 

  85.   // Background script only ever calls this when this is true, but still checking it anyway.
    86. 

  86.   if(!("decryptorPublicKey" in message))
    87. 

  87.     return {error: "could not find decryptorPublicKey"};
    88. 

  88. 

  89.   decryptorPublicKeyX=message["decryptorPublicKey"]["x"];
    90. 

  90.   decryptorPublicKeyY=message["decryptorPublicKey"]["y"];
    91. 

  91.   let returnValue = await generateOwnKeypairAndDeriveKey(decryptorPublicKeyX, decryptorPublicKeyY);
    92. 

  92.   if(!("mitigatorClientPublicKey" in returnValue) || !("mitigatorDerivedKey" in returnValue))
    93. 

  93.     return {error: "Oh no :( Could not generate the public key or the derived key"};
    94. 

  94.   console.log("And this is the derived key.");
    95. 

  95.   console.log(buf2Hex(returnValue.mitigatorDerivedKey));
    96. 

  96.   return {"ownPublicKeyBase64": returnValue.mitigatorClientPublicKey, "derivedKey": returnValue.mitigatorDerivedKey};
    97. 

  97. }
    98. 

  98. 

  99. /*
    100. 

  100. function recursiveIncrementIV(iv, byteCounter, minByteCounter)
    101. 

  101. {
    102. 

  102.   if(iv[byteCounter] !== 0xff)
    103. 

  103.   {
    104. 

  104.     iv[byteCounter]++;
    105. 

  105.     return {iv: iv};
    106. 

  106.   }
    107. 

  107.   else
    108. 

  108.   {
    109. 

  109.     if(byteCounter === minByteCounter)
    110. 

  110.       return {error: "Reached maximum number of messages. Plz regenerate a new key."};
    111. 

  111.     else
    112. 

  112.       return recursiveIncrementIV(iv, byteCounter-1, minByteCounter);
    113. 

  113.   }
    114. 

  114. }
    115. 

  115. 

  116. function incrementIV(iv)
    117. 

  117. {
    118. 

  118.   return recursiveIncrementIV(iv, 11, 8);
    119. 

  119. }
    120. 

  120. */
    121. 

  121. async function regenerateOwnPublicKey(input)
    122. 

  122. {
    123. 

  123. 	if(!input.decryptorPublicKeyObj && !input.url)
    124. 

  124. 	{
    125. 

  125. 		console.log("No decryptor public key or URL: dont know which website to regenerate own public key, derived key for");
    126. 

  126. 		return {error: "No decryptor public key or URL: dont know which website to regenerate own public key, derived key for"};
    127. 

  127. 	}
    128. 

  128. 	let decryptorPublicKeyObj;
    129. 

  129. 

  130. 	if(input.url)
    131. 

  131. 	{
    132. 

  132. 		returnValue=getDecryptorPublicKeyForUrl(input.url);
    133. 

  133. 		if(returnValue.error)
    134. 

  134. 			return returnValue;
    135. 

  135. 		decryptorPublicKeyObj=returnValue;
    136. 

  136. 	}
    137. 

  137. 	else
    138. 

  138. 		decryptorPublicKeyObj=input.decryptorPublicKeyObj;
    139. 

  139. 

  140. 	returnValue=await useDecryptorPublicKeyReturnOwnPublicKey(decryptorPublicKeyObj);
    141. 

  141. 	console.log(returnValue);
    142. 

  142. 	if(!returnValue.ownPublicKeyBase64 || !returnValue.derivedKey)
    143. 

  143. 	{
    144. 

  144. 		let string3="Could not derive own public key or the derivedkey";
    145. 

  145. 		console.log(string3 + returnValue);
    146. 

  146. 		return {error: string3 + returnValue};
    147. 

  147. 	}
    148. 

  148. 

  149. 	decryptorPublicKeyObj.ownPublicKey=returnValue.ownPublicKeyBase64;
    150. 

  150. 	decryptorPublicKeyObj.derivedKey = returnValue.derivedKey;
    151. 

  151.   let iv=new Uint8Array(12);
    152. 

  152.   window.crypto.getRandomValues(iv);
    153. 

  153.   decryptorPublicKeyObj.iv = iv;
    154. 

  154. 	urlPublicKeysMap.set(input.url, decryptorPublicKeyObj);
    155. 

  155. 	return {success: "Successfully set own public key"};
    156. 

  156. }
    157. 

  157. 

  158. async function processMitigatorPublicKeyHeader(e)
    159. 

  159. {
    160. 

  160. 	const headers=e.responseHeaders;
    161. 

  161. 	const mitigatorHeader = headers.find(function(element) {
    162. 

  162. 		return element.name === "Mitigator-Public-Key";
    163. 

  163. 	});
    164. 

  164. 

  165. 	if(mitigatorHeader === undefined)
    166. 

  166. 	{
    167. 

  167. 		const string="Either Mitigator is not supported or this function is called on headers for other objects fetched along with the webpage.";
    168. 

  168. 		console.log(string);
    169. 

  169. 		return {log: string};
    170. 

  170. 	}
    171. 

  171. 

  172. 		let url;
    173. 

  173. 		if(e.documentUrl === undefined) // user opened a new tab.
    174. 

  174. 			url=e.url;
    175. 

  175. 		else
    176. 

  176. 			url=e.documentUrl;
    177. 

  177. 		url=url.split('/').slice(0, 3).join('/').concat('/');
    178. 

  178. 

  179. 	//urlPublicKeysMap.set(url, undefined);
    180. 

  180. 

  181. 	console.log("Here's the header value:");
    182. 

  182. 	console.log(mitigatorHeader["value"]);
    183. 

  183. 

  184. 	let returnValue = verifyHeaderRetrieveDecryptorPublicKey(mitigatorHeader["value"]);
    185. 

  185. 	if (!returnValue.decryptorPublicKey)
    186. 

  186. 	{
    187. 

  187. 		console.log("Could not find decryptor public key:");
    188. 

  188. 		return {error: "Could not find decryptor public key:"};
    189. 

  189. 	}
    190. 

  190. 	const decryptorPublicKeyObj=returnValue;
    191. 

  191. 	urlPublicKeysMap.set(url, decryptorPublicKeyObj);
    192. 

  192. 

  193. 	returnValue = await regenerateOwnPublicKey({decryptorPublicKeyObj: decryptorPublicKeyObj});
    194. 

  194. 	console.log(returnValue);
    195. 

  195. }
    196. 

  196. 

  197. async function encryptFieldsForUrl(url, fields_array)
    198. 

  198. {
    199. 

  199. 	let returnValue = getDerivedKeyIvForUrl(url);
    200. 

  200. 	if(returnValue.error)
    201. 

  201. 	{
    202. 

  202. 		console.log(returnValue);
    203. 

  203. 		return returnValue;
    204. 

  204. 	}
    205. 

  205. 

  206. 	//console.log("Encrypting");
    207. 

  207. 	const derivedKey=returnValue.derivedKey;
    208. 

  208. 	let iv=returnValue.iv;
    209. 

  209.   let ciphertextArray = [];
    210. 

  210. 

  211.   const algo = {   name: "AES-GCM", iv: iv };
    212. 

  212. 

  213.   const aes_key_handle = await window.crypto.subtle.importKey("raw", derivedKey,
    214. 

  214.       algo,
    215. 

  215.       false, //    true, //whether the key is extractable (i.e. can be used in exportKey)
    216. 

  216.       ["encrypt"] //can "encrypt", "decrypt", "wrapKey", or "unwrapKey"
    217. 

  217.     );
    218. 

  218.   // TODO: Error catching here
    219. 

  219. 

  220.   for (field of fields_array) {
    221. 

  221.     let fieldAscii = new Uint8Array(field.length);
    222. 

  222.     for (let i=0;i<field.length; i++)
    223. 

  223.   	{
    224. 

  224.       fieldAscii[i] = field.charCodeAt(i);
    225. 

  225.     }
    226. 

  226.     console.log("About to encrypt this:");
    227. 

  227.     console.log(field);
    228. 

  228.     console.log("In ASCII:");
    229. 

  229.     console.log(fieldAscii.toString());
    230. 

  230.   	try {
    231. 

  231.       const ciphertextAndTag = await crypto.subtle.encrypt(algo, aes_key_handle, fieldAscii);
    232. 

  232.       const ciphertextAndTagUint8 = new Uint8Array(ciphertextAndTag);
    233. 

  233.       let ciphertext = ciphertextAndTagUint8.slice(0,-16);
    234. 

  234.       let tag = ciphertextAndTagUint8.slice(-16);
    235. 

  235.       let ciphertextIVTag = Array.of(...ciphertext, ...iv, ...tag);
    236. 

  236.       console.log(ciphertextIVTag);
    237. 

  237.       let ciphertextIVTagBase64 = btoa(ciphertextIVTag.map(x => String.fromCharCode(x)).join(''));
    238. 

  238.       console.log(ciphertextIVTagBase64);
    239. 

  239.       ciphertextArray.push(ciphertextIVTagBase64);
    240. 

  240.     }
    241. 

  241.     catch(err)
    242. 

  242.     {
    243. 

  243.       console.log(err);
    244. 

  244.       console.log("Something went wrong when encrypting the fields.");
    245. 

  245.       return {error: "Something went wrong when encrypting the fields."};
    246. 

  246.     }
    247. 

  247.     // To change the IV for each field.
    248. 

  248.     window.crypto.getRandomValues(iv);
    249. 

  249.     returnValue.iv = iv;
    250. 

  250.   }
    251. 

  251.   return {ciphertextFields: ciphertextArray};
    252. 

  252. }
    253. 

  253. 

  254. // TODO: PUT THE CODE BELOW INTO ANOTHER FUNCTION, CALL IT AND THEN CALL THE CONTENT SCRIPT TO SET
    255. 

  255. // DERIVED KEY, OWN PUBLIC KEY, WHICH THEN CALLS BACK TO SET ITS OWN PUBLIC KEY OVER HERE.
    256. 

  256. function verifyHeaderRetrieveDecryptorPublicKey(mitigatorHeaderValue) {
    257. 

  257. 

  258. 	console.log("Verifying header");
    259. 

  259. 	let decryptorLongTermPublicKey = "04e2e1449dece8b8cf759b2f52541a9ff28eee70449cfb67807079b04f6d2a10e36dd1f3735ebfc95e1a7a4162c6eede07a8969bd1ff5850008614325002a882c3";
    260. 

  260. 	//"04
    261. 

  261. 	//950b235cda836f8660885a9aabe5816fc8142c4912bd44f65c278c1749081061
    262. 

  262. 	//abad883ca934f8cc11c6c74205d2c9e55285a5696f075d1440a091e3bd6f0d81";
    263. 

  263. 	// this function does **not** return an array of bytes. It returns a *string* of potentially non-printable characters- it converts the array of bytes into their ASCII representation.
    264. 

  264. 	const decodedData = atob(mitigatorHeaderValue);
    265. 

  265. 

  266. 	// converting it into an array of strings of hex representation of bytes.
    267. 

  267. 	const decodedDataArray = [];
    268. 

  268. 	for (let i = 0; i < decodedData.length; i++) {
    269. 

  269. 		decodedDataArray[i] = decodedData.charCodeAt(i).toString(16).padStart(2, '0');
    270. 

  270. 	}
    271. 

  271. 

  272. 	const signature_r = decodedDataArray.slice(96,128).join('');
    273. 

  273. 	const signature_s = decodedDataArray.slice(128).join('');
    274. 

  274. 	let signature = "30440220";
    275. 

  275. 	signature=signature + signature_r + "0220" + signature_s;
    276. 

  276. 	const signature_data = decodedDataArray.slice(0,96).join('');
    277. 

  277. 

  278. 	const result = doVerify(signature_data, signature, decryptorLongTermPublicKey);
    279. 

  279. 	if(result)
    280. 

  280. 		console.log("Yay dude it works wtf");
    281. 

  281. 	else
    282. 

  282. 	{
    283. 

  283. 		console.log("Damn, dude, it doesn't.");
    284. 

  284. 		// return false;
    285. 

  285. 	}
    286. 

  286. 

  287. 	const verifier_mrenclave = decodedDataArray.slice(64).join('');
    288. 

  288. 	// TODO: Add verifier mrenclave checking code.
    289. 

  289. 	// Extracting public key components in a hex string format.
    290. 

  290. 	const public_key_x=decodedDataArray.slice(0,32).join('');
    291. 

  291. 	const public_key_y=decodedDataArray.slice(32,64).join('');
    292. 

  292. 

  293. 	const urlDecryptorPublicKeyObject = {decryptorPublicKey: {x: public_key_x, y: public_key_y}};
    294. 

  294. 	return urlDecryptorPublicKeyObject;
    295. 

  295. }
    296. 

  296. 

  297. function setMitigatorClientPublicKeyHeader(e) {
    298. 

  298. 	let headers = e.requestHeaders;
    299. 

  299. 	let returnValue = getOwnPublicKeyForUrl(e.url);
    300. 

  300. 	if(returnValue.ownPublicKey)
    301. 

  301. 	{
    302. 

  302. 		let clientHeaderObj={name: "mitigator-client-public-key", value:returnValue["ownPublicKey"] };
    303. 

  303. 		headers.push(clientHeaderObj);
    304. 

  304.     console.log("Setting client's public key");
    305. 

  305. 	}
    306. 

  306. 	else
    307. 

  307. 		console.log(returnValue);
    308. 

  308.   return {requestHeaders: headers};
    309. 

  309. }
    310. 

  310. 

  311. function getDecryptorPublicKeyForUrl(url)
    312. 

  312. {
    313. 

  313. 	const searchUrl = url.split('/').slice(0, 3).join('/').concat('/');
    314. 

  314. 	const hasSearchUrl = urlPublicKeysMap.has(searchUrl);
    315. 

  315. 	let urlPublicKeyObj;
    316. 

  316. 	if(hasSearchUrl)
    317. 

  317. 	{
    318. 

  318. 		urlPublicKeyObj= urlPublicKeysMap.get(searchUrl);
    319. 

  319. 		return {decryptorPublicKey: urlPublicKeyObj["decryptorPublicKey"]};
    320. 

  320. 	}
    321. 

  321. 	else
    322. 

  322. 		return {error: "Could not find this URL"};
    323. 

  323. }
    324. 

  324. /*
    325. 

  325. function setOwnPublicKeyForUrl(url, ownPublicKeyBase64)
    326. 

  326. {
    327. 

  327. 	const searchUrl = url.split('/').slice(0, 3).join('/').concat('/');
    328. 

  328. 	const hasSearchUrl = urlPublicKeysMap.has(searchUrl);
    329. 

  329. 	if(hasSearchUrl)
    330. 

  330. 	{
    331. 

  331. 		let urlPublicKeyObj= urlPublicKeysMap.get(searchUrl);
    332. 

  332. 		urlPublicKeyObj["ownPublicKey"]=ownPublicKeyBase64;
    333. 

  333. 		urlPublicKeysMap.set(searchUrl, urlPublicKeyObj);
    334. 

  334. 		return {success: "Successfully set own public key"};
    335. 

  335. 	}
    336. 

  336. 	else
    337. 

  337. 		return { error: "Could not find this URL"};
    338. 

  338. }
    339. 

  339. */
    340. 

  340. function getOwnPublicKeyForUrl(url)
    341. 

  341. {
    342. 

  342. 	const searchUrl = url.split('/').slice(0, 3).join('/').concat('/');
    343. 

  343. 	const hasSearchUrl = urlPublicKeysMap.has(searchUrl);
    344. 

  344. 	let returnValue;
    345. 

  345. 	if(hasSearchUrl)
    346. 

  346. 	{
    347. 

  347. 		returnValue=urlPublicKeysMap.get(searchUrl);
    348. 

  348. 		if(returnValue.ownPublicKey)
    349. 

  349. 			return {ownPublicKey:returnValue["ownPublicKey"]};
    350. 

  350. 		else {
    351. 

  351. 			return {error: "Own public key has not been set by content script yet."}
    352. 

  352. 		}
    353. 

  353. 	}
    354. 

  354. 	else
    355. 

  355. 		return {error: "Could not find this URL"};
    356. 

  356. }
    357. 

  357. 

  358. function getDerivedKeyIvForUrl(url)
    359. 

  359. {
    360. 

  360. 	const searchUrl = url.split('/').slice(0, 3).join('/').concat('/');
    361. 

  361. 	const hasSearchUrl = urlPublicKeysMap.has(searchUrl);
    362. 

  362. 	let returnValue;
    363. 

  363. 	if(hasSearchUrl)
    364. 

  364. 	{
    365. 

  365. 		returnValue=urlPublicKeysMap.get(searchUrl);
    366. 

  366. 		if(returnValue.derivedKey && returnValue.iv)
    367. 

  367. 			return {derivedKey:returnValue.derivedKey, iv:returnValue.iv};
    368. 

  368. 		else {
    369. 

  369. 			return {error: "Derived key, IV have not been set by content script yet."}
    370. 

  370. 		}
    371. 

  371. 	}
    372. 

  372. 	else
    373. 

  373. 		return {error: "Could not find this URL"};
    374. 

  374. }
    375. 

  375. // from the content script and reply back with the decryptor's public key or to set own public key.
    376. 

  376. 

  377. async function backgroundListener(message)
    378. 

  378. {
    379. 

  379. 	//	if("getDecryptorPublicKey" in message)
    380. 

  380. 	//		return returnValue= getDecryptorPublicKeyForUrl(message["url"]);
    381. 

  381. 

  382. 	//	if("setOwnPublicKey" in message)
    383. 

  383. 	//		return setOwnPublicKeyForUrl(message["url"], message["setOwnPublicKey"]);
    384. 

  384. 	let returnValue; let ownPublicKey;
    385. 

  385. 	if(!message.url)
    386. 

  386. 	{
    387. 

  387. 		returnValue={error: "No URL sent: cant check if Mitigator is supported on the content script site."};
    388. 

  388. 		console.log(returnValue.error);
    389. 

  389. 		return returnValue;
    390. 

  390. 	}
    391. 

  391. 	if(message.regenerateOwnPublicKey) // TODO: Set a home_url property in the url object and if the sent_url and home_url are different, then regenerate.
    392. 

  392. 	{
    393. 

  393. 		returnValue = await regenerateOwnPublicKey({url: message.url});
    394. 

  394. 		console.log(returnValue);
    395. 

  395. 		if(returnValue.error)
    396. 

  396. 			return returnValue;
    397. 

  397. 	}
    398. 

  398. 	if(message.fields)
    399. 

  399. 		returnValue=await encryptFieldsForUrl(message.url, message.fields);
    400. 

  400. 	if(message.getOwnPublicKey)
    401. 

  401. 	{
    402. 

  402. 		ownPublicKey=getOwnPublicKeyForUrl(message.url);
    403. 

  403. 		returnValue.ownPublicKey=ownPublicKey;
    404. 

  404. 	}
    405. 

  405. 	return returnValue;
    406. 

  406. }
    407. 

  407. 

  408. browser.webRequest.onHeadersReceived.addListener(
    409. 

  409.   processMitigatorPublicKeyHeader,
    410. 

  410.   {urls: ["http://*/*"]},
    411. 

  411.   ["responseHeaders"]
    412. 

  412. );
    413. 

  413. 

  414. browser.webRequest.onBeforeSendHeaders.addListener(
    415. 

  415.   setMitigatorClientPublicKeyHeader,
    416. 

  416.   {urls: ["http://*/*"]},
    417. 

  417.   ["blocking", "requestHeaders"]
    418. 

  418. );
    419. 

  419. 

  420. browser.runtime.onMessage.addListener(backgroundListener);
    421.