aboutsummaryrefslogtreecommitdiff
path: root/src/login
diff options
context:
space:
mode:
Diffstat (limited to 'src/login')
-rw-r--r--src/login/mod.rs14
-rw-r--r--src/login/static_provider.rs6
2 files changed, 16 insertions, 4 deletions
diff --git a/src/login/mod.rs b/src/login/mod.rs
index a9b9efe..f7a81c2 100644
--- a/src/login/mod.rs
+++ b/src/login/mod.rs
@@ -169,9 +169,20 @@ impl CryptoKeys {
}
pub async fn open(
- storage: &Builders,
password: &str,
+ root_blob: &str,
) -> Result<Self> {
+ let kdf_salt = &password_blob[..32];
+ let password_openned = try_open_encrypted_keys(kdf_salt, password, &password_blob[32..])?;
+
+ let keys = Self::deserialize(&password_openned)?;
+ if keys.public != expected_public {
+ bail!("Password public key doesn't match stored public key");
+ }
+
+ Ok(keys)
+
+ /*
let k2v = storage.row_store()?;
let (ident_salt, expected_public) = Self::load_salt_and_public(&k2v).await?;
@@ -208,6 +219,7 @@ impl CryptoKeys {
}
Ok(keys)
+ */
}
pub async fn open_without_password(
diff --git a/src/login/static_provider.rs b/src/login/static_provider.rs
index 0f6ab3a..7fadf2f 100644
--- a/src/login/static_provider.rs
+++ b/src/login/static_provider.rs
@@ -83,15 +83,15 @@ impl LoginProvider for StaticLoginProvider {
};
let keys = match &user.crypto_root { /*(&user.master_key, &user.secret_key) {*/
- CryptographyRoot::InPlace { master_key: m, secret_key: s } => {
+ CryptographyRoot::ClearText { master_key: m, secret_key: s } => {
let master_key =
Key::from_slice(&base64::decode(m)?).ok_or(anyhow!("Invalid master key"))?;
let secret_key = SecretKey::from_slice(&base64::decode(s)?)
.ok_or(anyhow!("Invalid secret key"))?;
CryptoKeys::open_without_password(&storage, &master_key, &secret_key).await?
}
- CryptographyRoot::PasswordProtected => {
- CryptoKeys::open(&storage, password).await?
+ CryptographyRoot::PasswordProtected { root_blob } => {
+ CryptoKeys::open(password, root_blob).await?
}
CryptographyRoot::Keyring => unimplemented!(),
};