diff --git a/src/services/encryption/open_id_encryption.ts b/src/services/encryption/open_id_encryption.ts index 350b9bdba..b68a85d23 100644 --- a/src/services/encryption/open_id_encryption.ts +++ b/src/services/encryption/open_id_encryption.ts @@ -6,140 +6,140 @@ import sqlInit from "../sql_init.js"; import OpenIDError from "../../errors/mfa_error.js"; function saveUser(subjectIdentifier: string, name: string, email: string) { - if (isUserSaved()) return false; + if (isUserSaved()) return false; - const verificationSalt = utils.randomSecureToken(32); - const derivedKeySalt = utils.randomSecureToken(32); + const verificationSalt = utils.randomSecureToken(32); + const derivedKeySalt = utils.randomSecureToken(32); - const verificationHash = myScryptService.getSubjectIdentifierVerificationHash( - subjectIdentifier, - verificationSalt - ); - if (verificationHash === undefined) { - throw new OpenIDError("Verification hash undefined!") - } + const verificationHash = myScryptService.getSubjectIdentifierVerificationHash( + subjectIdentifier, + verificationSalt + ); + if (verificationHash === undefined) { + throw new OpenIDError("Verification hash undefined!") + } - const userIDEncryptedDataKey = setDataKey( - subjectIdentifier, - utils.randomSecureToken(16), - verificationSalt - ); + const userIDEncryptedDataKey = setDataKey( + subjectIdentifier, + utils.randomSecureToken(16), + verificationSalt + ); - if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) { - console.log("USERID ENCRYPTED DATA KEY NULL"); - return undefined; - } + if (userIDEncryptedDataKey === undefined || userIDEncryptedDataKey === null) { + console.log("USERID ENCRYPTED DATA KEY NULL"); + return undefined; + } - const data = { - tmpID: 0, - userIDVerificationHash: utils.toBase64(verificationHash), - salt: verificationSalt, - derivedKey: derivedKeySalt, - userIDEcnryptedDataKey: userIDEncryptedDataKey, - isSetup: "true", - username: name, - email: email - }; + const data = { + tmpID: 0, + userIDVerificationHash: utils.toBase64(verificationHash), + salt: verificationSalt, + derivedKey: derivedKeySalt, + userIDEcnryptedDataKey: userIDEncryptedDataKey, + isSetup: "true", + username: name, + email: email + }; - sql.upsert("user_data", "tmpID", data); - return true; + sql.upsert("user_data", "tmpID", data); + return true; } function isSubjectIdentifierSaved() { - const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data;"); - if (value === undefined || value === null || value === "") return false; - return true; + const value = sql.getValue("SELECT userIDEcnryptedDataKey FROM user_data;"); + if (value === undefined || value === null || value === "") return false; + return true; } function isUserSaved() { - const isSaved = sql.getValue("SELECT isSetup FROM user_data;"); - return isSaved === "true" ? true : false; + const isSaved = sql.getValue("SELECT isSetup FROM user_data;"); + return isSaved === "true" ? true : false; } function verifyOpenIDSubjectIdentifier(subjectIdentifier: string) { - if (!sqlInit.isDbInitialized()) { - throw new OpenIDError("Database not initialized!"); - } + if (!sqlInit.isDbInitialized()) { + throw new OpenIDError("Database not initialized!"); + } - if (isUserSaved()) { - return false; - } + if (isUserSaved()) { + return false; + } - const salt = sql.getValue("SELECT salt FROM user_data;"); - if (salt == undefined) { - console.log("Salt undefined"); - return undefined; - } + const salt = sql.getValue("SELECT salt FROM user_data;"); + if (salt == undefined) { + console.log("Salt undefined"); + return undefined; + } - const givenHash = myScryptService - .getSubjectIdentifierVerificationHash(subjectIdentifier) - ?.toString("base64"); - if (givenHash === undefined) { - console.log("Sub id hash undefined!"); - return undefined; - } + const givenHash = myScryptService + .getSubjectIdentifierVerificationHash(subjectIdentifier) + ?.toString("base64"); + if (givenHash === undefined) { + console.log("Sub id hash undefined!"); + return undefined; + } - const savedHash = sql.getValue( - "SELECT userIDVerificationHash FROM user_data" - ); - if (savedHash === undefined) { - console.log("verification hash undefined"); - return undefined; - } + const savedHash = sql.getValue( + "SELECT userIDVerificationHash FROM user_data" + ); + if (savedHash === undefined) { + console.log("verification hash undefined"); + return undefined; + } - console.log("Matches: " + givenHash === savedHash); - return givenHash === savedHash; + console.log("Matches: " + givenHash === savedHash); + return givenHash === savedHash; } function setDataKey( - subjectIdentifier: string, - plainTextDataKey: string | Buffer, - salt: string + subjectIdentifier: string, + plainTextDataKey: string | Buffer, + salt: string ) { - const subjectIdentifierDerivedKey = - myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier, salt); + const subjectIdentifierDerivedKey = + myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier, salt); - if (subjectIdentifierDerivedKey === undefined) { - console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY"); - return undefined; - } - const newEncryptedDataKey = dataEncryptionService.encrypt( - subjectIdentifierDerivedKey, - plainTextDataKey - ); + if (subjectIdentifierDerivedKey === undefined) { + console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY"); + return undefined; + } + const newEncryptedDataKey = dataEncryptionService.encrypt( + subjectIdentifierDerivedKey, + plainTextDataKey + ); - return newEncryptedDataKey; + return newEncryptedDataKey; } function getDataKey(subjectIdentifier: string) { - const subjectIdentifierDerivedKey = - myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier); + const subjectIdentifierDerivedKey = + myScryptService.getSubjectIdentifierDerivedKey(subjectIdentifier); - const encryptedDataKey = sql.getValue( - "SELECT userIDEcnryptedDataKey FROM user_data" - ); + const encryptedDataKey = sql.getValue( + "SELECT userIDEcnryptedDataKey FROM user_data" + ); - if (encryptedDataKey === undefined || encryptedDataKey === null) { - console.log("Encrypted data key empty!"); - return undefined; - } + if (encryptedDataKey === undefined || encryptedDataKey === null) { + console.log("Encrypted data key empty!"); + return undefined; + } - if (subjectIdentifierDerivedKey === undefined) { - console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY"); - return undefined; - } - const decryptedDataKey = dataEncryptionService.decrypt( - subjectIdentifierDerivedKey, - encryptedDataKey.toString() - ); + if (subjectIdentifierDerivedKey === undefined) { + console.log("SOMETHING WENT WRONG SAVING USER ID DERIVED KEY"); + return undefined; + } + const decryptedDataKey = dataEncryptionService.decrypt( + subjectIdentifierDerivedKey, + encryptedDataKey.toString() + ); - return decryptedDataKey; + return decryptedDataKey; } export default { - verifyOpenIDSubjectIdentifier, - getDataKey, - setDataKey, - saveUser, - isSubjectIdentifierSaved, + verifyOpenIDSubjectIdentifier, + getDataKey, + setDataKey, + saveUser, + isSubjectIdentifierSaved, }; diff --git a/src/services/encryption/password.ts b/src/services/encryption/password.ts index bbfe9577b..62046f47a 100644 --- a/src/services/encryption/password.ts +++ b/src/services/encryption/password.ts @@ -1,5 +1,3 @@ -"use strict"; - import sql from "../sql.js"; import optionService from "../options.js"; import myScryptService from "./my_scrypt.js"; diff --git a/src/services/encryption/recovery_codes.ts b/src/services/encryption/recovery_codes.ts index c03256a83..dde277741 100644 --- a/src/services/encryption/recovery_codes.ts +++ b/src/services/encryption/recovery_codes.ts @@ -23,6 +23,7 @@ function setRecoveryCodes(recoveryCodes: string) { }); return false; } + function getRecoveryCodes() { if (!isRecoveryCodeSet()) { return Array(8).fill("Keys not set") @@ -67,7 +68,7 @@ function verifyRecoveryCode(recoveryCodeGuess: string) { } function getUsedRecoveryCodes() { - if (!isRecoveryCodeSet()){ + if (!isRecoveryCodeSet()) { return Array(8).fill("Recovery code not set") }