web/cryptpad
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

export a constant for the number of required bytes at login time

Browse Source 
allocate bytes for blockSeed when changing passwords
This commit is contained in:
ansuz 2018-06-22 11:37:48 +02:00
parent da35d94f73
commit 85bcaa51f7
2 changed files with 14 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
customize.dist/login.js
View File

@ -21,10 +21,13 @@ define([
Feedback, LocalStore, Messages, nThen, Block) { Feedback, LocalStore, Messages, nThen, Block) {
var Exports = { var Exports = {
Cred: Cred, Cred: Cred,
// this is depended on by non-customizable files
// be careful when modifying login.js
requiredBytes: 192,
}; };
var Nacl = window.nacl; var Nacl = window.nacl;
var allocateBytes = function (bytes) { var allocateBytes = Exports.allocateBytes = function (bytes) {
var dispense = Cred.dispenser(bytes); var dispense = Cred.dispenser(bytes);
var opt = {}; var opt = {};
@ -44,10 +47,7 @@ define([
var edSeed = opt.edSeed = dispense(32); var edSeed = opt.edSeed = dispense(32);
// 32 more bytes to seed an additional signing key // 32 more bytes to seed an additional signing key
opt.blockSignSeed = dispense(32); opt.blockSeed = dispense(64);
// 32 more bytes for a symmetric key for block encryption
opt.blockSymmetric = dispense(32);
// derive a private key from the ed seed // derive a private key from the ed seed
var signingKeypair = Nacl.sign.keyPair.fromSeed(new Uint8Array(edSeed)); var signingKeypair = Nacl.sign.keyPair.fromSeed(new Uint8Array(edSeed));
@ -121,7 +121,7 @@ define([
var RT; var RT;
nThen(function (waitFor) { nThen(function (waitFor) {
Cred.deriveFromPassphrase(uname, passwd, 192, waitFor(function (bytes) { Cred.deriveFromPassphrase(uname, passwd, Exports.requiredBytes, waitFor(function (bytes) {
// run scrypt to derive the user's keys // run scrypt to derive the user's keys
res.opt = allocateBytes(bytes); res.opt = allocateBytes(bytes);
})); }));

13
www/common/cryptpad-common.js
View File

@ -717,14 +717,16 @@ define([
throw new Error("XXX"); throw new Error("XXX");
var blockHash = LocalStore.getBlockHash(); var blockHash = LocalStore.getBlockHash();
var Cred, Block; var Cred, Block, Login;
Nthen(function (waitFor) { Nthen(function (waitFor) {
require([ require([
'/customize/credential.js', '/customize/credential.js',
'/common/outer/login-block.js' '/common/outer/login-block.js',
], waitFor(function (_Cred, _Block) { '/customize/login.js'
], waitFor(function (_Cred, _Block, _Login) {
Cred = _Cred; Cred = _Cred;
Block = _Block; Block = _Block;
Login = _Login;
})); }));
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// Check if our drive is already owned // Check if our drive is already owned
@ -761,8 +763,9 @@ define([
})); }));
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// Drive content copied: get the new block location // Drive content copied: get the new block location
Cred.deriveFromPassphrase(accountName, newPassword, 192, waitFor(function (bytes) { Cred.deriveFromPassphrase(accountName, newPassword, Login.requiredBytes, waitFor(function (bytes) {
newBlockSeed = null; // XXX var allocated = Login.allocateBytes(bytes);
newBlockSeed = allocated.blockSeed;
})); }));
}).nThen(function (waitFor) { }).nThen(function (waitFor) {
// Write the new login block // Write the new login block