add signing keys to user object at login and register time

2017-03-15 18:57:13 +01:00
parent 8129b8cdc1
commit 0a6373852e
4 changed files with 30 additions and 3 deletions
--- a/www/common/login.js
+++ b/www/common/login.js
@@ -11,6 +11,7 @@ define([
        Cred: Cred,
    };

+    var Nacl = window.nacl;
    var allocateBytes = function (bytes) {
        var dispense = Cred.dispenser(bytes);

@@ -25,6 +26,12 @@ define([
        // 32 more for a signing key
        var edSeed = opt.edSeed = dispense(32);

+        // derive a private key from the ed seed
+        var signingKeypair = Nacl.sign.keyPair.fromSeed(new Uint8Array(edSeed));
+
+        opt.edPrivate = Nacl.util.encodeBase64(signingKeypair.secretKey);
+        opt.edPublic = Nacl.util.encodeBase64(signingKeypair.publicKey);
+
        var keys = opt.keys = Crypto.createEditCryptor(null, encryptionSeed);

        // 24 bytes of base64
@@ -98,6 +105,10 @@ define([
                res.userHash = opt.userHash;
                res.userName = uname;

+                // export their signing key
+                res.edPrivate = opt.edPrivate;
+                res.edPublic = opt.edPublic;
+
                // they tried to just log in but there's no such user
                if (!isRegister && isProxyEmpty(rt.proxy)) {
                    rt.network.disconnect(); // clean up after yourself