feat: proxy password security - encryption at rest and elevation-gated peek#172
feat: proxy password security - encryption at rest and elevation-gated peek#172miguelAngelo1999 wants to merge 10 commits into
Conversation
|
can you share a test build so that I can see if it works well? |
24a916d to
ad20e75
Compare
…dpoint
- Add AES-GCM encryption for proxy passwords in config.json using a
machine-derived key (Windows MachineGuid + SHA-256 salt)
- Transparently decrypt on Read() and encrypt on Write() so all
existing proxy connections continue to work unchanged
- Add GET /proxies/{id} endpoint that returns the full proxy config
including the decrypted password (used by Flutter after credential
verification)
- Strip passwords from GET /proxies list response so the web dashboard
can no longer expose plaintext credentials
- Backward compatible: plaintext passwords in existing configs are
encrypted on the next write
Companion PR: igoogolx/lux#172
ad20e75 to
fcc3540
Compare
|
@JeromeNelsonC I'm just doing some finishing touches and as soons as its done ill send you the binary. Please test it and tell me your feedback. |
1c35d29 to
8c1ec15
Compare
|
@miguelAngelo1999 I understand you might not want to make a release. but if you could put the installer in this public Gdrive folder, https://drive.google.com/drive/folders/1mm7sTaHvnrmMOjBM1arYFwKhO4ANlXVK, I would appreciate it. I'll the beta testing, if you wish. |
|
If you could address some of my issues too it would be kind. I wanted to add sudoers rule for lux core on first run, I understand Igoogolx concern for not making it that way. But at least for test sake it would help. Also Mail.app doesnt work in mixed mode on macOS. Disabling rules would be nice from ui. |
|
i dropped some files into that folder. PLease share your feedback! @JeromeNelsonC |
|
Oh! Great. Thanks. I will test for sure |
* chore: add device_info_plus dep * fix: elevation not working on macOS-26 * chore: upgrade deps * chore: update CHANGELOG * feat: upgrade core * feat: upgrade core * chore: v1.40.3-beat.0 * ci: upgrade actions/setup-python * ci: setup xcode version * ci: upgrade flutter * chore: v1.40.3-beat.1 * ci: setup xcode version * chore: v1.40.3-beat.2 * ci: upgrade actions * feat: upgrade core * chore: v1.40.3-beat.3 * chore: update CHANGELOG * feat: upgrade core * chore: v1.40.3
…ted reveal - AES-GCM encryption at rest for proxy passwords in config.json - Lock Password: permanently prevent password from being revealed - Unlock/Reset: clear locked password (requires admin verification) - Show Password: admin credential verification before revealing - Web dashboard: lock/reveal/unlock in proxy menu and edit form - Eye icon in password field triggers admin verification flow - Dio localhost proxy bypass for reliable core communication - Direct lux_core process launch for faster startup - Increased timeouts for autoconnect reliability - Updated checksum and CMakeLists SDK paths - i18n support (English + Chinese)
- Encryption at rest (AES-GCM with hardware UUID key) - Auto-encrypt plaintext passwords on startup - Admin elevation via osascript for password peek (Flutter) - chmod 600 config file protection on macOS - Lock password (hides from API, proxy keeps working) - Reset password (wipes + unlocks, forces re-entry) - Elevation bypass script (NOPASSWD sudoers) - Localization strings for all security UI
- Check passwordLocked flag before showing 'no password configured' - Update checksum for lux_core with one-time/timed password backend
8c1ec15 to
eef6846
Compare
|
@JeromeNelsonC Thanks for volunteering to test! Looking forward to your feedback. |
|
The dmg isnt working. it says checksum error |
|
@JeromeNelsonC Sorry about that! The checksum verification was failing on the universal binary. Fixed now — dropping an updated DMG in the folder. |
|
interested in this too. |
|
Me too. |
|
I'm making siginificant changes, for my personal usecase, but if it interests any of you i would apreciate tesing and feedback. I just added things like home/office autodetect. switches to direct when at home. and also detects corporate ssl mitm cert and prompts to intsall. but that has nothing to do with password security, i will create new pr. Added optinos for pasasword type incase corporate admins rewquire to enter password so that it doesnt remain. Let me know if it all works. same gdrive folder cehck the latest file there. mac verison only for now. windows still on the password securty branch. |
|
Thank you very much for your contribution. I’m currently busy with other things, but I’ll review the code as soon as I have time. |
Summary
This PR adds two layers of security for proxy passwords in Lux.
1. Encryption at rest (lux_core)
Proxy passwords in config.json are now encrypted using AES-GCM with a machine-derived key (Windows MachineGuid + SHA-256). The core decrypts on read and encrypts on write transparently — existing connections are unaffected.
The GET /proxies list endpoint now strips passwords from the response, so the web dashboard can no longer expose them.
2. Elevation-gated password peek (Flutter)
A new Show Password option is added to each proxy action menu. Clicking it:
The password is fetched via a new GET /proxies/{id} endpoint which returns the decrypted password.
Flutter changes
lux_core changes (igoogolx/itun2socks - companion PR needed)
Notes