crypto adjustments for new account enc key

2017-05-31 10:25:25 -04:00 · 2017-05-31 10:25:25 -04:00 · 9aa2014e85
parent 9239588757
commit 9aa2014e85
3 changed files with 37 additions and 2 deletions
--- a/src/app/services/apiService.js
+++ b/src/app/services/apiService.js
@ -107,6 +107,7 @@
            postPasswordHint: { url: _apiUri + '/accounts/password-hint', method: 'POST', params: {} },
            putSecurityStamp: { url: _apiUri + '/accounts/security-stamp', method: 'POST', params: {} },
            putKeys: { url: _apiUri + '/accounts/keys', method: 'POST', params: {} },
+            putKey: { url: _apiUri + '/accounts/key', method: 'POST', params: {} },
            'import': { url: _apiUri + '/accounts/import', method: 'POST', params: {} },
            postDelete: { url: _apiUri + '/accounts/delete', method: 'POST', params: {} }
        });
--- a/src/app/services/authService.js
+++ b/src/app/services/authService.js
@ -35,6 +35,10 @@ angular
                tokenService.setRefreshToken(response.refresh_token);
                cryptoService.setKey(key);

+                if (response.Key) {
+                    cryptoService.setEncKey(response.Key, key);
+                }
+
                if (response.PrivateKey) {
                    cryptoService.setPrivateKey(response.PrivateKey, key);
                    return true;
--- a/src/app/services/cryptoService.js
+++ b/src/app/services/cryptoService.js
@ -4,6 +4,7 @@ angular
    .factory('cryptoService', function ($sessionStorage, constants, $q) {
        var _service = {},
            _key,
+            _encKey,
            _legacyEtmKey,
            _orgKeys,
            _privateKey,
@ -14,6 +15,17 @@ angular
            $sessionStorage.key = _key.keyB64;
        };

+        _service.setEncKey = function (encKeyCt, key) {
+            try {
+                var encKeyBytes = _service.decrypt(encKeyCt, key, 'raw');
+                $sessionStorage.encKey = forge.util.encode64(encKeyBytes);
+                _encKey = new SymmetricCryptoKey(encKeyBytes);
+            }
+            catch (e) {
+                console.log('Cannot set enc key. Decryption failed.');
+            }
+        };
+
        _service.setPrivateKey = function (privateKeyCt, key) {
            try {
                var privateKeyBytes = _service.decrypt(privateKeyCt, key, 'raw');
@ -95,6 +107,18 @@ angular
            return _key;
        };

+        _service.getEncKey = function () {
+            if (!_encKey && $sessionStorage.encKey) {
+                _encKey = new SymmetricCryptoKey($sessionStorage.encKey, true);
+            }
+
+            if (!_encKey) {
+                throw 'enc key unavailable';
+            }
+
+            return _encKey;
+        };
+
        _service.getPrivateKey = function (outputEncoding) {
            outputEncoding = outputEncoding || 'native';

@ -173,6 +197,11 @@ angular
            delete $sessionStorage.key;
        };

+        _service.clearEncKey = function () {
+            _encKey = null;
+            delete $sessionStorage.encKey;
+        };
+
        _service.clearKeyPair = function () {
            _privateKey = null;
            _publicKey = null;
@ -196,6 +225,7 @@ angular

        _service.clearKeys = function () {
            _service.clearKey();
+            _service.clearEncKey();
            _service.clearKeyPair();
            _service.clearOrgKeys();
        };
@ -254,7 +284,7 @@ angular
        };

        _service.encrypt = function (plainValue, key, plainValueEncoding) {
-            key = key || _service.getKey();
+            key = key || _service.getEncKey() || _service.getKey();

            if (!key) {
                throw 'Encryption key unavailable.';
@ -304,7 +334,7 @@ angular
        };

        _service.decrypt = function (encValue, key, outputEncoding) {
-            key = key || _service.getKey();
+            key = key || _service.getEncKey() || _service.getKey();

            var headerPieces = encValue.split('.'),
                encType,