fix issues
This commit is contained in:
parent
538f52c815
commit
98b44d0681
|
@ -7,9 +7,7 @@ import { useRouter } from 'next/router';
|
|||
import SubmitButton from 'components/SubmitButton';
|
||||
import {
|
||||
generateAndSaveIntermediateKeyAttributes,
|
||||
generateKeyAttributes,
|
||||
generateLoginSubKey,
|
||||
generateSRPSetupAttributes,
|
||||
generateKeyAndSRPAttributes,
|
||||
isWeakPassword,
|
||||
saveKeyInSessionStore,
|
||||
} from 'utils/crypto';
|
||||
|
@ -79,18 +77,8 @@ export default function SignUp(props: SignUpProps) {
|
|||
throw e;
|
||||
}
|
||||
try {
|
||||
const { keyAttributes, masterKey } =
|
||||
await generateKeyAttributes(passphrase);
|
||||
|
||||
const loginSubKey = await generateLoginSubKey(
|
||||
passphrase,
|
||||
keyAttributes.kekSalt,
|
||||
keyAttributes.memLimit,
|
||||
keyAttributes.opsLimit
|
||||
);
|
||||
const srpSetupAttributes = await generateSRPSetupAttributes(
|
||||
loginSubKey
|
||||
);
|
||||
const { keyAttributes, masterKey, srpSetupAttributes } =
|
||||
await generateKeyAndSRPAttributes(passphrase);
|
||||
|
||||
setData(LS_KEYS.ORIGINAL_KEY_ATTRIBUTES, keyAttributes);
|
||||
setData(LS_KEYS.SRP_SETUP_ATTRIBUTES, srpSetupAttributes);
|
||||
|
|
|
@ -69,12 +69,7 @@ export default function ChangePassword() {
|
|||
memLimit: kek.memLimit,
|
||||
};
|
||||
|
||||
const loginSubKey = await generateLoginSubKey(
|
||||
passphrase,
|
||||
updatedKey.kekSalt,
|
||||
updatedKey.opsLimit,
|
||||
updatedKey.memLimit
|
||||
);
|
||||
const loginSubKey = await generateLoginSubKey(kek.key);
|
||||
|
||||
const { srpUserID, srpSalt, srpVerifier } =
|
||||
await generateSRPSetupAttributes(loginSubKey);
|
||||
|
|
|
@ -95,19 +95,20 @@ export default function Verify() {
|
|||
if (keyAttributes) {
|
||||
setData(LS_KEYS.KEY_ATTRIBUTES, keyAttributes);
|
||||
setData(LS_KEYS.ORIGINAL_KEY_ATTRIBUTES, keyAttributes);
|
||||
} else if (getData(LS_KEYS.ORIGINAL_KEY_ATTRIBUTES)) {
|
||||
} else {
|
||||
if (getData(LS_KEYS.ORIGINAL_KEY_ATTRIBUTES)) {
|
||||
await putAttributes(
|
||||
token,
|
||||
getData(LS_KEYS.ORIGINAL_KEY_ATTRIBUTES)
|
||||
);
|
||||
}
|
||||
|
||||
if (getData(LS_KEYS.SRP_SETUP_ATTRIBUTES)) {
|
||||
const srpSetupAttributes: SRPSetupAttributes = getData(
|
||||
LS_KEYS.SRP_SETUP_ATTRIBUTES
|
||||
);
|
||||
await configureSRP(srpSetupAttributes);
|
||||
}
|
||||
}
|
||||
clearFiles();
|
||||
setIsFirstLogin(true);
|
||||
if (keyAttributes?.encryptedKey) {
|
||||
|
|
|
@ -33,6 +33,7 @@ import {
|
|||
SRPAttributes,
|
||||
UpdateSRPAndKeysRequest,
|
||||
UpdateSRPAndKeysResponse,
|
||||
GetSRPAttributesResponse,
|
||||
} from 'types/user';
|
||||
import { ServerErrorCodes } from 'utils/error';
|
||||
import isElectron from 'is-electron';
|
||||
|
@ -46,6 +47,7 @@ import { addLocalLog } from 'utils/logging';
|
|||
import { setUserSRPSetupPending } from 'utils/storage';
|
||||
import { convertBase64ToBuffer, convertBufferToBase64 } from 'utils/user';
|
||||
import { setLocalMapEnabled } from 'utils/storage';
|
||||
import ComlinkCryptoWorker from 'utils/comlink/ComlinkCryptoWorker';
|
||||
|
||||
const ENDPOINT = getEndpoint();
|
||||
|
||||
|
@ -486,7 +488,7 @@ export const getSRPAttributes = async (email: string) => {
|
|||
const resp = await HTTPService.get(`${ENDPOINT}/users/srp/attributes`, {
|
||||
email,
|
||||
});
|
||||
return resp.data as SRPAttributes;
|
||||
return (resp.data as GetSRPAttributesResponse).attributes;
|
||||
} catch (e) {
|
||||
if (e.status?.toString() === ServerErrorCodes.NOT_FOUND) {
|
||||
return null;
|
||||
|
@ -613,12 +615,16 @@ export const loginViaSRP = async (
|
|||
passphrase: string
|
||||
) => {
|
||||
try {
|
||||
const loginSubKey = await generateLoginSubKey(
|
||||
const cryptoWorker = await ComlinkCryptoWorker.getInstance();
|
||||
|
||||
const kek = await cryptoWorker.deriveKey(
|
||||
passphrase,
|
||||
srpAttributes.kekSalt,
|
||||
srpAttributes.memLimit,
|
||||
srpAttributes.opsLimit
|
||||
srpAttributes.opsLimit,
|
||||
srpAttributes.memLimit
|
||||
);
|
||||
|
||||
const loginSubKey = await generateLoginSubKey(kek);
|
||||
const srpClient = await generateSRPClient(
|
||||
srpAttributes.srpSalt,
|
||||
srpAttributes.srpUserID,
|
||||
|
@ -640,7 +646,14 @@ export const loginViaSRP = async (
|
|||
srpAttributes.srpUserID,
|
||||
convertBufferToBase64(m1)
|
||||
);
|
||||
addLocalLog(() => `srp verify successful, ${verificationResponse}`);
|
||||
addLocalLog(
|
||||
() => `srp verify session successful, ${verificationResponse}`
|
||||
);
|
||||
|
||||
srpClient.checkM2(convertBase64ToBuffer(verificationResponse.srpM2));
|
||||
|
||||
addLocalLog(() => `srp server verify successful`);
|
||||
|
||||
return verificationResponse;
|
||||
} catch (e) {
|
||||
logError(e, 'srp verify failed');
|
||||
|
@ -651,7 +664,7 @@ export const loginViaSRP = async (
|
|||
export const createSRPSession = async (srpUserID: string, srpA: string) => {
|
||||
try {
|
||||
const resp = await HTTPService.post(
|
||||
`${ENDPOINT}/users/srp/exchange-ab`,
|
||||
`${ENDPOINT}/users/srp/create-session`,
|
||||
{
|
||||
srpUserID,
|
||||
srpA,
|
||||
|
@ -691,7 +704,7 @@ export const verifySRPSession = async (
|
|||
) => {
|
||||
try {
|
||||
const resp = await HTTPService.post(
|
||||
`${ENDPOINT}/users/srp/verify`,
|
||||
`${ENDPOINT}/users/srp/verify-session`,
|
||||
{
|
||||
sessionID,
|
||||
srpUserID,
|
||||
|
|
|
@ -59,6 +59,7 @@ export interface EmailVerificationResponse {
|
|||
encryptedToken?: string;
|
||||
token?: string;
|
||||
twoFactorSessionID: string;
|
||||
srpM2?: string;
|
||||
}
|
||||
|
||||
export interface TwoFactorVerificationResponse {
|
||||
|
@ -123,6 +124,10 @@ export interface SRPAttributes {
|
|||
kekSalt: string;
|
||||
}
|
||||
|
||||
export interface GetSRPAttributesResponse {
|
||||
attributes: SRPAttributes;
|
||||
}
|
||||
|
||||
export interface SRPSetupAttributes {
|
||||
srpSalt: string;
|
||||
srpVerifier: string;
|
||||
|
|
|
@ -19,9 +19,11 @@ const LOGIN_SUB_KEY_LENGTH = 32;
|
|||
const LOGIN_SUB_KEY_ID = 1;
|
||||
const LOGIN_SUB_KEY_CONTEXT = 'loginctx';
|
||||
|
||||
export async function generateKeyAttributes(
|
||||
passphrase: string
|
||||
): Promise<{ keyAttributes: KeyAttributes; masterKey: string }> {
|
||||
export async function generateKeyAndSRPAttributes(passphrase: string): Promise<{
|
||||
keyAttributes: KeyAttributes;
|
||||
masterKey: string;
|
||||
srpSetupAttributes: SRPSetupAttributes;
|
||||
}> {
|
||||
const cryptoWorker = await ComlinkCryptoWorker.getInstance();
|
||||
const masterKey = await cryptoWorker.generateEncryptionKey();
|
||||
const recoveryKey = await cryptoWorker.generateEncryptionKey();
|
||||
|
@ -47,6 +49,10 @@ export async function generateKeyAttributes(
|
|||
masterKey
|
||||
);
|
||||
|
||||
const loginSubKey = await generateLoginSubKey(kek.key);
|
||||
|
||||
const srpSetupAttributes = await generateSRPSetupAttributes(loginSubKey);
|
||||
|
||||
const keyAttributes: KeyAttributes = {
|
||||
kekSalt,
|
||||
encryptedKey: masterKeyEncryptedWithKek.encryptedData,
|
||||
|
@ -64,7 +70,11 @@ export async function generateKeyAttributes(
|
|||
recoveryKeyDecryptionNonce: recoveryKeyEncryptedWithMasterKey.nonce,
|
||||
};
|
||||
|
||||
return { keyAttributes, masterKey };
|
||||
return {
|
||||
keyAttributes,
|
||||
masterKey,
|
||||
srpSetupAttributes,
|
||||
};
|
||||
}
|
||||
|
||||
// We encrypt the masterKey, with an intermediate key derived from the
|
||||
|
@ -251,19 +261,8 @@ export const isWeakPassword = (password: string) => {
|
|||
return estimatePasswordStrength(password) === PasswordStrength.WEAK;
|
||||
};
|
||||
|
||||
export const generateLoginSubKey = async (
|
||||
password: string,
|
||||
kekSalt: string,
|
||||
memLimit: number,
|
||||
opsLimit: number
|
||||
) => {
|
||||
export const generateLoginSubKey = async (kek: string) => {
|
||||
const cryptoWorker = await ComlinkCryptoWorker.getInstance();
|
||||
const kek = await cryptoWorker.deriveKey(
|
||||
password,
|
||||
kekSalt,
|
||||
memLimit,
|
||||
opsLimit
|
||||
);
|
||||
const loginSubKey = await cryptoWorker.generateSubKey(
|
||||
kek,
|
||||
LOGIN_SUB_KEY_LENGTH,
|
||||
|
|
Loading…
Reference in a new issue