Add basic API to perform SRP login

2023-09-07 21:53:14 +05:30 · 2023-09-07 21:53:14 +05:30 · f7a90ad1ad
commit f7a90ad1ad
parent 2dfea90c09
3 changed files with 17 additions and 13 deletions
--- a/internal/api/client.go
+++ b/internal/api/client.go
@ -1,6 +1,7 @@
 package api

 import (
+	"context"
 	"errors"

 	"github.com/go-resty/resty/v2"
@ -20,6 +21,10 @@ func NewClient() *Client {
 	}
 }

+func authReq(ctx context.Context, fn func(*resty.Request) (*resty.Response, error)) (*resty.Response, error) {
+	return fn(ctx.Value("auth").(*resty.Request))
+}
+
 // Error type for resty.Error{}
 type Error struct{}

--- a/internal/api/login_type.go
+++ b/internal/api/login_type.go
@ -20,19 +20,15 @@ type CreateSRPSessionResponse struct {

 // KeyAttributes stores the key related attributes for a user
 type KeyAttributes struct {
-	KEKSalt                           string `json:"kekSalt" binding:"required"`
-	KEKHash                           string `json:"kekHash"`
-	EncryptedKey                      string `json:"encryptedKey" binding:"required"`
-	KeyDecryptionNonce                string `json:"keyDecryptionNonce" binding:"required"`
-	PublicKey                         string `json:"publicKey" binding:"required"`
-	EncryptedSecretKey                string `json:"encryptedSecretKey" binding:"required"`
-	SecretKeyDecryptionNonce          string `json:"secretKeyDecryptionNonce" binding:"required"`
-	MemLimit                          int    `json:"memLimit" binding:"required"`
-	OpsLimit                          int    `json:"opsLimit" binding:"required"`
-	MasterKeyEncryptedWithRecoveryKey string `json:"masterKeyEncryptedWithRecoveryKey"`
-	MasterKeyDecryptionNonce          string `json:"masterKeyDecryptionNonce"`
-	RecoveryKeyEncryptedWithMasterKey string `json:"recoveryKeyEncryptedWithMasterKey"`
-	RecoveryKeyDecryptionNonce        string `json:"recoveryKeyDecryptionNonce"`
+	KEKSalt                  string `json:"kekSalt" binding:"required"`
+	KEKHash                  string `json:"kekHash"`
+	EncryptedKey             string `json:"encryptedKey" binding:"required"`
+	KeyDecryptionNonce       string `json:"keyDecryptionNonce" binding:"required"`
+	PublicKey                string `json:"publicKey" binding:"required"`
+	EncryptedSecretKey       string `json:"encryptedSecretKey" binding:"required"`
+	SecretKeyDecryptionNonce string `json:"secretKeyDecryptionNonce" binding:"required"`
+	MemLimit                 int    `json:"memLimit" binding:"required"`
+	OpsLimit                 int    `json:"opsLimit" binding:"required"`
 }

 type AuthorizationResponse struct {
--- a/internal/crypto/crypto.go
+++ b/internal/crypto/crypto.go
@ -75,6 +75,9 @@ func decryptChaCha20poly1305(data []byte, key []byte, nonce []byte) ([]byte, err
 	return decryptedData[:n], nil
 }

+// DeriveLoginKey derives a login key from the given key encryption key.
+// This loginKey act as user provided password during SRP authentication.
+// Parameters: keyEncKey: This is the keyEncryptionKey that is derived from the user's password.
 func DeriveLoginKey(keyEncKey []byte) []byte {
 	mainKey := sodium.MasterKey{Bytes: keyEncKey}
 	subKey := mainKey.Derive(loginSubKeyLen, loginSubKeyId, loginSubKeyContext).Bytes