fix: extension

taturosati · Jun 15, 2024 · fa7caa6 · fa7caa6
1 parent eaa0ef9
commit fa7caa6
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 32 deletions.
diff --git a/Readme.md b/Readme.md
@@ -32,6 +32,8 @@
   - `git clone https://github.com/srosati/passphrasex`
 - Build
   - Install just (https://github.com/casey/just)
+  - Install wasm-pack (https://rustwasm.github.io/wasm-pack/installer/)
+  - Install tailwindcss (https://tailwindcss.com/docs/installation)
   - Go into extension directory `cd passphrasex/extension`
   - Run `just build`
 - Go to chrome://extensions

diff --git a/extension/background-script/src/app.rs b/extension/background-script/src/app.rs
@@ -4,7 +4,6 @@ use anyhow::anyhow;
 use messages::{next_request_id, Credential, RequestId};
 use passphrasex_common::api::Api;
 use passphrasex_common::crypto::asymmetric::KeyPair;
-use passphrasex_common::crypto::symmetric::{decrypt_data, hash};
 use passphrasex_common::model::password::Password;
 use passphrasex_common::model::CredentialsMap;
 use std::collections::HashMap;
@@ -92,17 +91,9 @@ impl App {
         device_password: String,
     ) -> anyhow::Result<()> {
         let pk = sk.public_key.ok_or(anyhow!("No pk found"))?;
-        let salt = sk.salt.ok_or(anyhow!("No salt found"))?;
-        let pass_hash = hash(&device_password, &salt)?;
-
         let sk = sk.secret_key.ok_or(anyhow!("No sk found"))?;
-        let sk = hex::decode(sk).map_err(|err| anyhow!("Unable to decode sk: {:?}", err))?;
-        let sk = decrypt_data(&pass_hash.cipher, sk)?;
-
-        let mut content: [u8; 32] = [0; 32];
-        content.copy_from_slice(&sk[..32]);
 
-        let key_pair = KeyPair::from_sk(content);
+        let key_pair = KeyPair::try_from_sk(sk.as_slice(), device_password.as_str())?;
         if key_pair.get_pk() != pk {
             return Err(anyhow!("Invalid key pair"));
         }
@@ -153,7 +144,7 @@ impl App {
             AppData::Unlocked(app_data) => match app_data.credentials_map.get(&site) {
                 Some(passwords) => match username {
                     Some(username) => {
-                        let id = app_data.key_pair.hash(&format!("{}{}", site, username))?;
+                        let id = app_data.key_pair.hash(&format!("{}{}", site, username));
                         let credential = passwords.get(&id).ok_or(anyhow!("Password not found"))?;
                         let credential = credential.decrypt(&app_data.key_pair);
                         Ok((credential.username, credential.password))
@@ -212,7 +203,7 @@ impl App {
                     return Err(anyhow!("Username & site cannot be empty"));
                 }
 
-                let password_id = app_data.key_pair.hash(&format!("{}{}", site, username))?;
+                let password_id = app_data.key_pair.hash(&format!("{}{}", site, username));
                 let user_id = app_data.key_pair.get_pk();
 
                 let password = Password {

diff --git a/extension/background-script/src/storage.rs b/extension/background-script/src/storage.rs
@@ -4,7 +4,6 @@ use gloo_utils::format::JsValueSerdeExt;
 use js_sys::Object;
 use passphrasex_common::api::Api;
 use passphrasex_common::crypto::asymmetric::{KeyPair, SeedPhrase};
-use passphrasex_common::crypto::symmetric::{encrypt_data, generate_salt, hash};
 use passphrasex_common::model::password::Password;
 use passphrasex_common::model::CredentialsMap;
 use serde::{Deserialize, Serialize};
@@ -19,8 +18,7 @@ pub static CREDENTIALS_KEYS: [&str; 1] = ["credentials"];
 #[derive(Debug, Serialize, Deserialize, Clone)]
 pub struct StorageSecretKey {
     pub public_key: Option<String>,
-    pub secret_key: Option<String>,
-    pub salt: Option<String>,
+    pub secret_key: Option<Vec<u8>>,
 }
 
 impl TryInto<Object> for StorageSecretKey {
@@ -35,33 +33,26 @@ impl TryInto<Object> for StorageSecretKey {
 impl StorageSecretKey {
     pub fn new(
         public_key: Option<String>,
-        secret_key: Option<String>,
-        salt: Option<String>,
+        secret_key: Option<Vec<u8>>,
     ) -> Self {
         Self {
             public_key,
             secret_key,
-            salt,
         }
     }
 
     pub async fn generate(device_password: String) -> anyhow::Result<(Self, String, KeyPair)> {
-        let salt = generate_salt()?;
-        let pass_hash = hash(&device_password, &salt)?;
-
         let seed_phrase = SeedPhrase::new();
         let key_pair = KeyPair::try_new(seed_phrase.clone())?;
 
-        let enc_sk = encrypt_data(&pass_hash.cipher, key_pair.private_key.as_bytes())?;
-        let secret_key = hex::encode(enc_sk.as_slice());
-
+        let secret_key = key_pair.get_sk(&device_password);
         let public_key = key_pair.get_pk();
 
         let api = Api::new(key_pair.clone());
         api.create_user(public_key.clone()).await?;
 
         Ok((
-            Self::new(Some(public_key), Some(secret_key), Some(salt)),
+            Self::new(Some(public_key), Some(secret_key)),
             seed_phrase.get_phrase(),
             key_pair,
         ))
@@ -71,19 +62,14 @@ impl StorageSecretKey {
         seed_phrase: String,
         device_password: String,
     ) -> anyhow::Result<(Self, KeyPair)> {
-        let salt = generate_salt()?;
-        let pass_hash = hash(&device_password, &salt)?;
-
         let seed_phrase = SeedPhrase::from(seed_phrase);
         let key_pair = KeyPair::try_new(seed_phrase)?;
 
-        let enc_sk = encrypt_data(&pass_hash.cipher, key_pair.private_key.as_bytes())?;
-        let secret_key = hex::encode(enc_sk.as_slice());
-
+        let secret_key = key_pair.get_sk(&device_password);
         let public_key = key_pair.get_pk();
 
         Ok((
-            Self::new(Some(public_key), Some(secret_key), Some(salt)),
+            Self::new(Some(public_key), Some(secret_key)),
             key_pair,
         ))
     }