From 9aa2014e856fad0b206d4751ea2903d025bb0f9c Mon Sep 17 00:00:00 2001
From: Kyle Spearrin
Date: Wed, 31 May 2017 10:25:25 -0400
Subject: [PATCH] crypto adjustments for new account enc key
---
 src/app/services/apiService.js | 1 +
 src/app/services/authService.js | 4 ++++
 src/app/services/cryptoService.js | 34 +++++++++++++++++++++++++++++--
 3 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/src/app/services/apiService.js b/src/app/services/apiService.js
index 8c0273fa6c..f32041b6e2 100644
--- a/src/app/services/apiService.js
+++ b/src/app/services/apiService.js
@@ -107,6 +107,7 @@
 postPasswordHint: { url: _apiUri + '/accounts/password-hint', method: 'POST', params: {} },
 putSecurityStamp: { url: _apiUri + '/accounts/security-stamp', method: 'POST', params: {} },
 putKeys: { url: _apiUri + '/accounts/keys', method: 'POST', params: {} },
+ putKey: { url: _apiUri + '/accounts/key', method: 'POST', params: {} },
 'import': { url: _apiUri + '/accounts/import', method: 'POST', params: {} },
 postDelete: { url: _apiUri + '/accounts/delete', method: 'POST', params: {} }
 });
diff --git a/src/app/services/authService.js b/src/app/services/authService.js
index 88b7374876..13aa291efc 100644
--- a/src/app/services/authService.js
+++ b/src/app/services/authService.js
@@ -35,6 +35,10 @@ angular
 tokenService.setRefreshToken(response.refresh_token);
 cryptoService.setKey(key);
+ if (response.Key) {
+ cryptoService.setEncKey(response.Key, key);
+ }
+
 if (response.PrivateKey) {
 cryptoService.setPrivateKey(response.PrivateKey, key);
 return true;
diff --git a/src/app/services/cryptoService.js b/src/app/services/cryptoService.js
index 0c29a75fd0..f007c2b30e 100644
--- a/src/app/services/cryptoService.js
+++ b/src/app/services/cryptoService.js
@@ -4,6 +4,7 @@ angular
 .factory('cryptoService', function ($sessionStorage, constants, $q) {
 var _service = {},
 _key,
+ _encKey,
 _legacyEtmKey,
 _orgKeys,
 _privateKey,
@@ -14,6 +15,17 @@ angular
 $sessionStorage.key = _key.keyB64;
 };
+ _service.setEncKey = function (encKeyCt, key) {
+ try {
+ var encKeyBytes = _service.decrypt(encKeyCt, key, 'raw');
+ $sessionStorage.encKey = forge.util.encode64(encKeyBytes);
+ _encKey = new SymmetricCryptoKey(encKeyBytes);
+ }
+ catch (e) {
+ console.log('Cannot set enc key. Decryption failed.');
+ }
+ };
+
 _service.setPrivateKey = function (privateKeyCt, key) {
 try {
 var privateKeyBytes = _service.decrypt(privateKeyCt, key, 'raw');
@@ -95,6 +107,18 @@ angular
 return _key;
 };
+ _service.getEncKey = function () {
+ if (!_encKey && $sessionStorage.encKey) {
+ _encKey = new SymmetricCryptoKey($sessionStorage.encKey, true);
+ }
+
+ if (!_encKey) {
+ throw 'enc key unavailable';
+ }
+
+ return _encKey;
+ };
+
 _service.getPrivateKey = function (outputEncoding) {
 outputEncoding = outputEncoding || 'native';
@@ -173,6 +197,11 @@ angular
 delete $sessionStorage.key;
 };
+ _service.clearEncKey = function () {
+ _encKey = null;
+ delete $sessionStorage.encKey;
+ };
+
 _service.clearKeyPair = function () {
 _privateKey = null;
 _publicKey = null;
@@ -196,6 +225,7 @@ angular
 _service.clearKeys = function () {
 _service.clearKey();
+ _service.clearEncKey();
 _service.clearKeyPair();
 _service.clearOrgKeys();
 };
@@ -254,7 +284,7 @@ angular
 };
 _service.encrypt = function (plainValue, key, plainValueEncoding) {
- key = key || _service.getKey();
+ key = key || _service.getEncKey() || _service.getKey();
 if (!key) {
 throw 'Encryption key unavailable.';
@@ -304,7 +334,7 @@ angular
 };
 _service.decrypt = function (encValue, key, outputEncoding) {
- key = key || _service.getKey();
+ key = key || _service.getEncKey() || _service.getKey();
 var headerPieces = encValue.split('.'),
 encType,
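Review bot: In `setEncKey` (hunk `@@ -14,6 +15,17 @@`) the `catch` only writes to the console, so the caller added in authService.js cannot tell that the account encryption key failed to decrypt, and any `_encKey` or `$sessionStorage.encKey` value set earlier would be left in place. I would reset the state and report the outcome: `_service.clearEncKey();` and `return false;` inside the `catch`, and `return true;` after the `_encKey` assignment. Separately, the decrypted key is stored base64-encoded in `$sessionStorage.encKey`; this follows the existing `$sessionStorage.key` pattern, but it means any script running on the origin can read the raw key, so a comment recording that trade-off above the assignment would help the next reader.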
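Review bot: `getEncKey` (hunk `@@ -95,6 +107,18 @@`) throws when no enc key is set, so the fallback in `key = key || _service.getEncKey() || _service.getKey();` (the `encrypt` and `decrypt` hunks, `@@ -254,7 +284,7 @@` and `@@ -304,7 +334,7 @@`) can never reach `getKey()`. For a session where the login response carried no `Key` and no key argument is passed, both calls end in `'enc key unavailable'` instead of falling back to the master key. Dropping the `if (!_encKey) { throw 'enc key unavailable'; }` block so the function ends in `return _encKey;` makes the `||` chain work as written. If the throw is kept for other callers, `throw new Error('enc key unavailable')` would preserve a stack trace, although the surrounding file throws strings too. The bodies of `encrypt` and `decrypt` continue outside their hunks.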