1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-27 12:36:14 +01:00

get fingerprint crypto method

This commit is contained in:
Kyle Spearrin 2018-11-07 22:54:56 -05:00
parent f355840f3c
commit ed07c8d01f
4 changed files with 43 additions and 1 deletions

7
package-lock.json generated
View File

@ -768,6 +768,11 @@
"callsite": "1.0.0"
}
},
"big-integer": {
"version": "1.6.36",
"resolved": "https://registry.npmjs.org/big-integer/-/big-integer-1.6.36.tgz",
"integrity": "sha512-t70bfa7HYEA1D9idDbmuv7YbsbVkQ+Hp+8KFSul4aE5e/i1bjCNIRYJZlA8Q8p0r9T8cF/RVvwUgRA//FydEyg=="
},
"binary-extensions": {
"version": "1.11.0",
"resolved": "https://registry.npmjs.org/binary-extensions/-/binary-extensions-1.11.0.tgz",
@ -776,7 +781,7 @@
},
"bl": {
"version": "1.2.2",
"resolved": "http://registry.npmjs.org/bl/-/bl-1.2.2.tgz",
"resolved": "https://registry.npmjs.org/bl/-/bl-1.2.2.tgz",
"integrity": "sha512-e8tQYnZodmebYDWGH7KMRvtzKXaJHx3BbilrgZCfvyLUYdKpK1t5PSPmpkny/SgiTSCnjfLW7v5rlONXVFkQEA==",
"requires": {
"readable-stream": "^2.3.5",

View File

@ -70,6 +70,7 @@
"@angular/upgrade": "6.1.7",
"@aspnet/signalr": "1.0.4",
"@aspnet/signalr-protocol-msgpack": "1.0.4",
"big-integer": "1.6.36",
"core-js": "2.5.7",
"electron-log": "2.2.14",
"electron-updater": "3.0.3",

View File

@ -16,6 +16,7 @@ export abstract class CryptoService {
getEncKey: () => Promise<SymmetricCryptoKey>;
getPublicKey: () => Promise<ArrayBuffer>;
getPrivateKey: () => Promise<ArrayBuffer>;
getFingerprint: () => Promise<string[]>;
getOrgKeys: () => Promise<Map<string, SymmetricCryptoKey>>;
getOrgKey: (orgId: string) => Promise<SymmetricCryptoKey>;
hasKey: () => Promise<boolean>;

View File

@ -1,3 +1,5 @@
import * as bigInt from 'big-integer';
import { EncryptionType } from '../enums/encryptionType';
import { KdfType } from '../enums/kdfType';
@ -14,6 +16,7 @@ import { ConstantsService } from './constants.service';
import { sequentialize } from '../misc/sequentialize';
import { Utils } from '../misc/utils';
import { EEFLongWordList } from '../misc/wordlist';
const Keys = {
key: 'key',
@ -163,6 +166,16 @@ export class CryptoService implements CryptoServiceAbstraction {
return this.privateKey;
}
async getFingerprint(): Promise<string[]> {
const publicKey = await this.getPublicKey();
if (publicKey === null) {
throw new Error('No public key available.');
}
const keyFingerprint = await this.cryptoFunctionService.hash(publicKey, 'sha256');
const userFingerprint = await this.hkdfExpand(keyFingerprint, Utils.fromUtf8ToArray('USER-ID'), 32);
return this.hashPhrase(userFingerprint.buffer);
}
@sequentialize(() => 'getOrgKeys')
async getOrgKeys(): Promise<Map<string, SymmetricCryptoKey>> {
if (this.orgKeys != null && this.orgKeys.size > 0) {
@ -675,6 +688,28 @@ export class CryptoService implements CryptoServiceAbstraction {
return okm;
}
private async hashPhrase(data: ArrayBuffer, minimumEntropy: number = 64) {
const wordListLength = EEFLongWordList.length;
const entropyPerWord = Math.log(wordListLength) / Math.log(2);
let numWords = Math.ceil(minimumEntropy / entropyPerWord);
const hashBuffer = await this.cryptoFunctionService.pbkdf2(data, '', 'sha256', 50000);
const hash = Array.from(new Uint8Array(hashBuffer));
const entropyAvailable = hash.length * 4;
if (numWords * entropyPerWord > entropyAvailable) {
throw new Error('Output entropy of hash function is too small');
}
const phrase: string[] = [];
let hashNumber = bigInt.fromArray(hash, 256);
while (numWords--) {
const remainder = hashNumber.mod(wordListLength);
hashNumber = hashNumber.divide(wordListLength);
phrase.push(EEFLongWordList[remainder as any]);
}
return phrase;
}
private async buildEncKey(key: SymmetricCryptoKey, encKey: ArrayBuffer = null)
: Promise<[SymmetricCryptoKey, CipherString]> {
let encKeyEnc: CipherString = null;