set private key when logging in

2024-11-06 09:20:43 +01:00 · 2017-02-21 00:29:15 -05:00 · 2017-02-21 00:29:15 -05:00 · cf144aa2c1
commit cf144aa2c1
parent 086d924f06
2 changed files with 27 additions and 10 deletions
--- a/src/app/services/authService.js
+++ b/src/app/services/authService.js
@ -33,6 +33,9 @@ angular
                tokenService.setToken(response.access_token);
                tokenService.setRefreshToken(response.refresh_token);
                cryptoService.setKey(key);
+                if (response.EncryptedPrivateKey) {
+                    cryptoService.setPrivateKey(response.EncryptedPrivateKey, key);
+                }
                deferred.resolve();
            }, function (error) {
                if (error.status === 400 && error.data.TwoFactorProviders && error.data.TwoFactorProviders.length) {
--- a/src/app/services/cryptoService.js
+++ b/src/app/services/cryptoService.js
@ -12,9 +12,15 @@ angular
            $sessionStorage.key = forge.util.encode64(key);
        };

-        _service.setPrivateKey = function (privateKey) {
-            _privateKey = privateKey;
-            $sessionStorage.privateKey = forge.util.encode64(privateKey);
+        _service.setPrivateKey = function (privateKeyCt, key) {
+            try {
+                var privateKey = _service.decrypt(privateKeyCt, key, 'raw');
+                _privateKey = privateKey;
+                $sessionStorage.privateKey = forge.util.encode64(privateKey);
+            }
+            catch (e) {
+                console.log('Cannot set private key. Decryption failed.');
+            }
        };

        _service.getKey = function (b64) {
@ -121,7 +127,7 @@ angular
            return forge.util.encode64(hashBits);
        };

-        _service.encrypt = function (plainValue, key, encoding) {
+        _service.encrypt = function (plainValue, key, plainValueEncoding) {
            if (!_service.getKey() && !key) {
                throw 'Encryption key unavailable.';
            }
@ -135,8 +141,8 @@ angular
                encKey = key || _service.getKey();
            }

-            encoding = encoding || 'utf8';
-            var buffer = forge.util.createBuffer(plainValue, encoding);
+            plainValueEncoding = plainValueEncoding || 'utf8';
+            var buffer = forge.util.createBuffer(plainValue, plainValueEncoding);
            var ivBytes = forge.random.getBytesSync(16);
            var cipher = forge.cipher.createCipher('AES-CBC', encKey);
            cipher.start({ iv: ivBytes });
@ -157,9 +163,9 @@ angular
            return cipherString;
        };

-        _service.decrypt = function (encValue, outputEncoding) {
-            if (!_service.getKey()) {
-                throw 'AES encryption unavailable.';
+        _service.decrypt = function (encValue, key, outputEncoding) {
+            if (!_service.getKey() && !key) {
+                throw 'Encryption key unavailable.';
            }

            var encPieces = encValue.split('|');
@ -179,8 +185,16 @@ angular
                }
            }

+            var encKey;
+            if (computedMac) {
+                encKey = _service.getEncKey(key);
+            }
+            else {
+                encKey = key || _service.getKey();
+            }
+
            var ctBuffer = forge.util.createBuffer(ctBytes);
-            var decipher = forge.cipher.createDecipher('AES-CBC', computedMac ? _service.getEncKey() : _service.getKey());
+            var decipher = forge.cipher.createDecipher('AES-CBC', encKey);
            decipher.start({ iv: ivBytes });
            decipher.update(ctBuffer);
            decipher.finish();