mirror of
https://github.com/ente-io/ente.git
synced 2025-05-24 20:19:17 +00:00
004dd3bd0c
Something in the previous arrangement was causing webpack to not pack worker/worker.ts as a web worker.
64 lines
2.3 KiB
TypeScript
64 lines
2.3 KiB
TypeScript
import { sharedCryptoWorker } from "@/base/crypto";
|
|
import { generateLoginSubKey } from "@ente/shared/crypto/helpers";
|
|
import type { KeyAttributes } from "@ente/shared/user/types";
|
|
import { generateSRPSetupAttributes } from "../services/srp";
|
|
import type { SRPSetupAttributes } from "../types/srp";
|
|
|
|
export async function generateKeyAndSRPAttributes(passphrase: string): Promise<{
|
|
keyAttributes: KeyAttributes;
|
|
masterKey: string;
|
|
srpSetupAttributes: SRPSetupAttributes;
|
|
}> {
|
|
const cryptoWorker = await sharedCryptoWorker();
|
|
const masterKey = await cryptoWorker.generateEncryptionKey();
|
|
const recoveryKey = await cryptoWorker.generateEncryptionKey();
|
|
const kekSalt = await cryptoWorker.generateSaltToDeriveKey();
|
|
const kek = await cryptoWorker.deriveSensitiveKey(passphrase, kekSalt);
|
|
|
|
const masterKeyEncryptedWithKek = await cryptoWorker.encryptToB64(
|
|
masterKey,
|
|
kek.key,
|
|
);
|
|
const masterKeyEncryptedWithRecoveryKey = await cryptoWorker.encryptToB64(
|
|
masterKey,
|
|
recoveryKey,
|
|
);
|
|
const recoveryKeyEncryptedWithMasterKey = await cryptoWorker.encryptToB64(
|
|
recoveryKey,
|
|
masterKey,
|
|
);
|
|
|
|
const keyPair = await cryptoWorker.generateKeyPair();
|
|
const encryptedKeyPairAttributes = await cryptoWorker.encryptToB64(
|
|
keyPair.privateKey,
|
|
masterKey,
|
|
);
|
|
|
|
const loginSubKey = await generateLoginSubKey(kek.key);
|
|
|
|
const srpSetupAttributes = await generateSRPSetupAttributes(loginSubKey);
|
|
|
|
const keyAttributes: KeyAttributes = {
|
|
kekSalt,
|
|
encryptedKey: masterKeyEncryptedWithKek.encryptedData,
|
|
keyDecryptionNonce: masterKeyEncryptedWithKek.nonce,
|
|
publicKey: keyPair.publicKey,
|
|
encryptedSecretKey: encryptedKeyPairAttributes.encryptedData,
|
|
secretKeyDecryptionNonce: encryptedKeyPairAttributes.nonce,
|
|
opsLimit: kek.opsLimit,
|
|
memLimit: kek.memLimit,
|
|
masterKeyEncryptedWithRecoveryKey:
|
|
masterKeyEncryptedWithRecoveryKey.encryptedData,
|
|
masterKeyDecryptionNonce: masterKeyEncryptedWithRecoveryKey.nonce,
|
|
recoveryKeyEncryptedWithMasterKey:
|
|
recoveryKeyEncryptedWithMasterKey.encryptedData,
|
|
recoveryKeyDecryptionNonce: recoveryKeyEncryptedWithMasterKey.nonce,
|
|
};
|
|
|
|
return {
|
|
keyAttributes,
|
|
masterKey,
|
|
srpSetupAttributes,
|
|
};
|
|
}
|