Bug fix.
- Remove unsafe keystore. - Refactor functionality from unsafe keystore into mutable keystore.
@@ -1,5 +1,4 @@
|
||||
export * from '@app/_helpers/custom.validator';
|
||||
export * from '@app/_helpers/error.interceptor';
|
||||
export * from '@app/_helpers/custom-error-state-matcher';
|
||||
export * from '@app/_helpers/unsafe-key-store';
|
||||
export * from '@app/_helpers/pgp-key-store';
|
||||
|
||||
@@ -1,31 +1,35 @@
|
||||
const openpgp = require('openpgp');
|
||||
const keyring = new openpgp.Keyring();
|
||||
import { KeyStore } from '@src/assets/js/cic-meta/auth';
|
||||
|
||||
interface MutableKeyStore{
|
||||
loadKeyring: () => Promise<void>;
|
||||
importKeyPair: (publicKey: any, privateKey: any) => Promise<void>;
|
||||
importPublicKey: (publicKey: any) => Promise<void>;
|
||||
importPrivateKey: (privateKey: any) => Promise<void>;
|
||||
getPublicKeys: () => Array<any>;
|
||||
getTrustedKeys: () => Array<any>;
|
||||
getPrivateKeys: () => Array<any>;
|
||||
getPrivateKey: () => any;
|
||||
isValidKey: (key: any) => boolean;
|
||||
getFingerPrint: () => string;
|
||||
getKeyId: (key: any) => string;
|
||||
getKeysForId: (keyId: string) => Array<any>;
|
||||
getPublicKeyForId: (keyId: string) => any;
|
||||
getPrivateKeyForId: (keyId: string) => any;
|
||||
getPublicKeyForSubkeyId: (subkeyId: string) => any;
|
||||
getPublicKeysForAddress: (address: string) => Array<any>;
|
||||
removeKeysForId: (keyId: string) => Array<any>;
|
||||
removePublicKeyForId: (keyId: string) => any;
|
||||
removePublicKey: (publicKey: any) => any;
|
||||
clearKeysInKeyring: () => void;
|
||||
interface MutableKeyStore extends KeyStore {
|
||||
loadKeyring(): Promise<void>;
|
||||
importKeyPair(publicKey: any, privateKey: any): Promise<void>;
|
||||
importPublicKey(publicKey: any): Promise<void>;
|
||||
importPrivateKey(privateKey: any): Promise<void>;
|
||||
getPublicKeys(): Array<any>;
|
||||
getTrustedKeys(): Array<any>;
|
||||
getTrustedActiveKeys(): Array<any>;
|
||||
getEncryptKeys(): Array<any>;
|
||||
getPrivateKeys(): Array<any>;
|
||||
getPrivateKey(): any;
|
||||
isValidKey(key: any): boolean;
|
||||
getFingerprint(): string;
|
||||
getKeyId(key: any): string;
|
||||
getPrivateKeyId(): string;
|
||||
getKeysForId(keyId: string): Array<any>;
|
||||
getPublicKeyForId(keyId: string): any;
|
||||
getPrivateKeyForId(keyId: string): any;
|
||||
getPublicKeyForSubkeyId(subkeyId: string): any;
|
||||
getPublicKeysForAddress(address: string): Array<any>;
|
||||
removeKeysForId(keyId: string): Array<any>;
|
||||
removePublicKeyForId(keyId: string): any;
|
||||
removePublicKey(publicKey: any): any;
|
||||
clearKeysInKeyring(): void;
|
||||
sign(plainText: string): Promise<any>;
|
||||
}
|
||||
|
||||
class MutablePgpKeyStore implements MutableKeyStore{
|
||||
fingerprint: string;
|
||||
|
||||
async loadKeyring(): Promise<void> {
|
||||
await keyring.load();
|
||||
@@ -45,7 +49,6 @@ class MutablePgpKeyStore implements MutableKeyStore{
|
||||
|
||||
async importPrivateKey(privateKey: any): Promise<void> {
|
||||
await keyring.privateKeys.importKey(privateKey);
|
||||
this.fingerprint = keyring.privateKeys.keys[0].keyPacket.fingerprint;
|
||||
}
|
||||
|
||||
getPublicKeys(): Array<any> {
|
||||
@@ -56,6 +59,14 @@ class MutablePgpKeyStore implements MutableKeyStore{
|
||||
return keyring.publicKeys.keys;
|
||||
}
|
||||
|
||||
getTrustedActiveKeys(): Array<any> {
|
||||
return keyring.publicKeys.keys;
|
||||
}
|
||||
|
||||
getEncryptKeys(): Array<any> {
|
||||
return [];
|
||||
}
|
||||
|
||||
getPrivateKeys(): Array<any> {
|
||||
return keyring.privateKeys.keys;
|
||||
}
|
||||
@@ -68,14 +79,18 @@ class MutablePgpKeyStore implements MutableKeyStore{
|
||||
return typeof key === openpgp.Key;
|
||||
}
|
||||
|
||||
getFingerPrint(): string {
|
||||
return this.fingerprint;
|
||||
getFingerprint(): string {
|
||||
return keyring.privateKeys.keys[0].keyPacket.fingerprint;
|
||||
}
|
||||
|
||||
getKeyId(key: any): string {
|
||||
return key.getKeyId().toHex();
|
||||
}
|
||||
|
||||
getPrivateKeyId(): string {
|
||||
return keyring.privateKeys.keys[0].getKeyId().toHex();
|
||||
}
|
||||
|
||||
getKeysForId(keyId: string): Array<any> {
|
||||
return keyring.getKeysForId(keyId);
|
||||
}
|
||||
@@ -112,6 +127,21 @@ class MutablePgpKeyStore implements MutableKeyStore{
|
||||
clearKeysInKeyring(): void {
|
||||
keyring.clear();
|
||||
}
|
||||
|
||||
async sign(plainText): Promise<any> {
|
||||
const privateKey = this.getPrivateKey();
|
||||
if (!privateKey.isDecrypted()) {
|
||||
const password = window.prompt('password');
|
||||
await privateKey.decrypt(password);
|
||||
}
|
||||
const opts = {
|
||||
message: openpgp.message.fromText(plainText),
|
||||
privateKeys: [privateKey],
|
||||
detached: true,
|
||||
};
|
||||
const signatureObject = await openpgp.sign(opts);
|
||||
return signatureObject.signature;
|
||||
}
|
||||
}
|
||||
|
||||
export {
|
||||
|
||||
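Review bot: In `sign()` the passphrase is read with `window.prompt('password')`, which shows the input unmasked and returns `null` when the dialog is cancelled, and that value goes straight into `privateKey.decrypt(password)`. A guard such as `if (password === null) { throw new Error('passphrase entry cancelled'); }` before the decrypt call would make cancellation an explicit failure, and a masked input field in the component would be a better passphrase source than a prompt. The key comes from `getPrivateKey()`, which is defined outside the visible hunks; if it returns the object held in the module-level `keyring`, the key presumably stays unlocked there after the first signature, which deserves a comment on the method. `getFingerprint()` and `getPrivateKeyId()` in the earlier hunk both read `keyring.privateKeys.keys[0]` without checking that a private key has been imported, so they throw on an empty keyring.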
@@ -1,7 +0,0 @@
|
||||
import { UnsafeKeyStore } from '@app/_helpers/unsafe-key-store';
|
||||
|
||||
describe('UnsafeKeyStore', () => {
|
||||
it('should create an instance', () => {
|
||||
expect(new UnsafeKeyStore()).toBeTruthy();
|
||||
});
|
||||
});
|
||||
@@ -1,33 +0,0 @@
|
||||
// import * as openpgp from '@src/assets/js/openpgp.min.js';
|
||||
const openpgp = require('@src/assets/js/openpgp.min.js');
|
||||
|
||||
export function UnsafeKeyStore(): void {
|
||||
this.key = undefined;
|
||||
}
|
||||
|
||||
UnsafeKeyStore.prototype.set = async function(privateKeyArmored): Promise<void> {
|
||||
this.key = (await openpgp.key.readArmored(privateKeyArmored)).keys[0];
|
||||
console.log('set pgp key', this.key.getKeyId().toHex());
|
||||
};
|
||||
|
||||
UnsafeKeyStore.prototype.fingerprint = function(): any {
|
||||
return this.key.keyPacket.fingerprint;
|
||||
};
|
||||
|
||||
UnsafeKeyStore.prototype.keyId = function(): any {
|
||||
return this.key.getKeyId();
|
||||
};
|
||||
|
||||
UnsafeKeyStore.prototype.sign = async function(plainText): Promise<any> {
|
||||
if (!this.key.isDecrypted()) {
|
||||
const password = window.prompt('password');
|
||||
await this.key.decrypt(password);
|
||||
}
|
||||
const opts = {
|
||||
message: openpgp.message.fromText(plainText),
|
||||
privateKeys: [this.key],
|
||||
detached: true,
|
||||
};
|
||||
const signatureObject = await openpgp.sign(opts);
|
||||
return signatureObject.signature;
|
||||
};
|
||||
@@ -1,12 +1,11 @@
|
||||
import { Injectable } from '@angular/core';
|
||||
import {MutableKeyStore, MutablePgpKeyStore, UnsafeKeyStore} from '@app/_helpers';
|
||||
import {MutableKeyStore, MutablePgpKeyStore} from '@app/_helpers';
|
||||
import { hobaParseChallengeHeader } from '@src/assets/js/hoba.js';
|
||||
import { signChallenge } from '@src/assets/js/hoba-pgp.js';
|
||||
import {environment} from '@src/environments/environment';
|
||||
import {HttpClient} from '@angular/common/http';
|
||||
|
||||
const origin = 'http://localhost:4444';
|
||||
const pgpKeyStore = new UnsafeKeyStore();
|
||||
|
||||
@Injectable({
|
||||
providedIn: 'root'
|
||||
@@ -53,7 +52,6 @@ export class AuthService {
|
||||
|
||||
sendResponse(hobaResponseEncoded): void {
|
||||
const xhr = new XMLHttpRequest();
|
||||
// xhr.responseType = 'arraybuffer';
|
||||
xhr.responseType = 'text';
|
||||
xhr.open('GET', origin + window.location.search.substring(1));
|
||||
xhr.setRequestHeader('Authorization', 'HOBA ' + hobaResponseEncoded);
|
||||
@@ -109,22 +107,21 @@ export class AuthService {
|
||||
|
||||
|
||||
async loginResponse(o): Promise<any> {
|
||||
const r = await signChallenge(o.challenge, o.realm, origin, pgpKeyStore);
|
||||
const r = await signChallenge(o.challenge, o.realm, origin, this.mutableKeyStore);
|
||||
this.sendResponse(r);
|
||||
}
|
||||
|
||||
loginView(): void {
|
||||
document.getElementById('one').style.display = 'none';
|
||||
document.getElementById('two').style.display = 'block';
|
||||
this.setState('click to log in with PGP key ' + pgpKeyStore.keyId().toHex());
|
||||
this.setState('click to log in with PGP key ' + this.mutableKeyStore.getPrivateKeyId());
|
||||
}
|
||||
|
||||
async setKey(privateKeyArmored): Promise<boolean> {
|
||||
console.log('settings pk' + privateKeyArmored);
|
||||
try {
|
||||
await pgpKeyStore.set(privateKeyArmored);
|
||||
localStorage.setItem(btoa('CICADA_PRIVATE_KEY'), privateKeyArmored);
|
||||
await this.mutableKeyStore.importPrivateKey(privateKeyArmored);
|
||||
localStorage.setItem(btoa('CICADA_PRIVATE_KEY'), privateKeyArmored);
|
||||
} catch (e) {
|
||||
console.error('failed setting key', e);
|
||||
return false;
|
||||
@@ -140,9 +137,7 @@ export class AuthService {
|
||||
|
||||
async getPublicKeys(): Promise<void> {
|
||||
this.http.get(`${environment.publicKeysUrl}/keys.asc`).subscribe(async res => {
|
||||
const armoredPublicKeys = res;
|
||||
await this.mutableKeyStore.loadKeyring();
|
||||
await this.mutableKeyStore.importPublicKey(armoredPublicKeys);
|
||||
await this.mutableKeyStore.importPublicKey(res);
|
||||
}, error => {
|
||||
console.error('There was an error!', error);
|
||||
});
|
||||
|
||||
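Review bot: `setKey()` still writes the armored private key to `localStorage` after the import, where any script running in this origin can read it and where it persists after the tab is closed; wrapping the storage key in `btoa()` only obscures the name. If persistence is required, it would be safer to store the key only when it is passphrase-protected and to say so above the call, for example `// persisted armored key must be passphrase-protected; readable by any script in this origin`. If the `console.log('settings pk' + privateKeyArmored)` line at the top of `setKey()` is still present after this change, it should be dropped too, since it writes the same key material to the browser console. `setKey()` continues past the end of the hunk.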
@@ -10,6 +10,6 @@ export class AppComponent {
|
||||
title = 'cic-staff-client';
|
||||
|
||||
constructor(private authService: AuthService) {
|
||||
this.authService.getPublicKeys().then();
|
||||
this.authService.mutableKeyStore.loadKeyring().then(r => this.authService.getPublicKeys().then());
|
||||
}
|
||||
}
|
||||
|
||||
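Review bot: The new constructor chain `loadKeyring().then(r => this.authService.getPublicKeys().then())` has no rejection handler, so a failure to load the keyring becomes an unhandled rejection and the public keys are never fetched. Adding `.catch(e => console.error('keyring load failed', e))` at the end of the chain would surface it; the unused `r` and the empty trailing `.then()` can go. The component also reaches into `authService.mutableKeyStore` directly; an initialisation method on `AuthService` that loads the keyring and then fetches the keys would keep that ordering in one place.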