We use cookies to ensure you get the best experience on our website
Home Explore Help
Register Sign In
0ct0pu5
/
ente
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: af2ccf7449
Branches Tags
ente
/
web
/
packages
/
accounts
/
utils
/
srp.ts

srp.ts 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263 
  1. import ComlinkCryptoWorker from "@ente/shared/crypto";
    2. 

  2. import { generateLoginSubKey } from "@ente/shared/crypto/helpers";
    3. 

  3. import { KeyAttributes } from "@ente/shared/user/types";
    4. 

  4. import { generateSRPSetupAttributes } from "../services/srp";
    5. 

  5. import { SRPSetupAttributes } from "../types/srp";
    6. 

  6. 

  7. export async function generateKeyAndSRPAttributes(passphrase: string): Promise<{
    8. 

  8.     keyAttributes: KeyAttributes;
    9. 

  9.     masterKey: string;
    10. 

  10.     srpSetupAttributes: SRPSetupAttributes;
    11. 

  11. }> {
    12. 

  12.     const cryptoWorker = await ComlinkCryptoWorker.getInstance();
    13. 

  13.     const masterKey = await cryptoWorker.generateEncryptionKey();
    14. 

  14.     const recoveryKey = await cryptoWorker.generateEncryptionKey();
    15. 

  15.     const kekSalt = await cryptoWorker.generateSaltToDeriveKey();
    16. 

  16.     const kek = await cryptoWorker.deriveSensitiveKey(passphrase, kekSalt);
    17. 

  17. 

  18.     const masterKeyEncryptedWithKek = await cryptoWorker.encryptToB64(
    19. 

  19.         masterKey,
    20. 

  20.         kek.key,
    21. 

  21.     );
    22. 

  22.     const masterKeyEncryptedWithRecoveryKey = await cryptoWorker.encryptToB64(
    23. 

  23.         masterKey,
    24. 

  24.         recoveryKey,
    25. 

  25.     );
    26. 

  26.     const recoveryKeyEncryptedWithMasterKey = await cryptoWorker.encryptToB64(
    27. 

  27.         recoveryKey,
    28. 

  28.         masterKey,
    29. 

  29.     );
    30. 

  30. 

  31.     const keyPair = await cryptoWorker.generateKeyPair();
    32. 

  32.     const encryptedKeyPairAttributes = await cryptoWorker.encryptToB64(
    33. 

  33.         keyPair.privateKey,
    34. 

  34.         masterKey,
    35. 

  35.     );
    36. 

  36. 

  37.     const loginSubKey = await generateLoginSubKey(kek.key);
    38. 

  38. 

  39.     const srpSetupAttributes = await generateSRPSetupAttributes(loginSubKey);
    40. 

  40. 

  41.     const keyAttributes: KeyAttributes = {
    42. 

  42.         kekSalt,
    43. 

  43.         encryptedKey: masterKeyEncryptedWithKek.encryptedData,
    44. 

  44.         keyDecryptionNonce: masterKeyEncryptedWithKek.nonce,
    45. 

  45.         publicKey: keyPair.publicKey,
    46. 

  46.         encryptedSecretKey: encryptedKeyPairAttributes.encryptedData,
    47. 

  47.         secretKeyDecryptionNonce: encryptedKeyPairAttributes.nonce,
    48. 

  48.         opsLimit: kek.opsLimit,
    49. 

  49.         memLimit: kek.memLimit,
    50. 

  50.         masterKeyEncryptedWithRecoveryKey:
    51. 

  51.             masterKeyEncryptedWithRecoveryKey.encryptedData,
    52. 

  52.         masterKeyDecryptionNonce: masterKeyEncryptedWithRecoveryKey.nonce,
    53. 

  53.         recoveryKeyEncryptedWithMasterKey:
    54. 

  54.             recoveryKeyEncryptedWithMasterKey.encryptedData,
    55. 

  55.         recoveryKeyDecryptionNonce: recoveryKeyEncryptedWithMasterKey.nonce,
    56. 

  56.     };
    57. 

  57. 

  58.     return {
    59. 

  59.         keyAttributes,
    60. 

  60.         masterKey,
    61. 

  61.         srpSetupAttributes,
    62. 

  62.     };
    63. 

  63. }
    64.

Contact | Legal | Takedown | Status
Self-hosted public services - About
NibbleSpot by 0ct0pu5