From 3740010117df56c0ab8cfa97c983d9cf0143daf1 Mon Sep 17 00:00:00 2001
From: Florian Dold
Date: Thu, 21 Oct 2021 18:51:19 +0200
Subject: anastasis: make recovery work, at least for security questions
---
 packages/anastasis-core/src/crypto.ts | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
(limited to 'packages/anastasis-core/src/crypto.ts')
diff --git a/packages/anastasis-core/src/crypto.ts b/packages/anastasis-core/src/crypto.ts
index 8df893f4b..da8338636 100644
--- a/packages/anastasis-core/src/crypto.ts
+++ b/packages/anastasis-core/src/crypto.ts
@@ -185,6 +185,7 @@ async function anastasisDecrypt(
 export const asOpaque = (x: string): OpaqueData => x;
 const asEncryptedKeyShare = (x: OpaqueData): EncryptedKeyShare => x as string;
 const asEncryptedTruth = (x: OpaqueData): EncryptedTruth => x as string;
+const asKeyShare = (x: OpaqueData): KeyShare => x as string;

 export async function encryptKeyshare(
 keyShare: KeyShare,
@@ -198,6 +199,17 @@ export async function encryptKeyshare(
 );
 }

+export async function decryptKeyShare(
+ encKeyShare: EncryptedKeyShare,
+ userId: UserIdentifier,
+ answerSalt?: string,
+): Promise {
+ const s = answerSalt ?? "eks";
+ return asKeyShare(
+ await anastasisDecrypt(asOpaque(userId), asOpaque(encKeyShare), s),
+ );
+}
+
 export async function encryptTruth(
 nonce: EncryptionNonce,
 truthEncKey: TruthKey,
@@ -226,6 +238,20 @@ export interface CoreSecretEncResult {
 encMasterKeys: EncryptedMasterKey[];
 }

+export async function coreSecretRecover(args: {
+ encryptedMasterKey: OpaqueData;
+ policyKey: PolicyKey;
+ encryptedCoreSecret: OpaqueData;
+}): Promise {
+ const masterKey = await anastasisDecrypt(
+ asOpaque(args.policyKey),
+ args.encryptedMasterKey,
+ "emk",
+ );
+ console.log("recovered master key", masterKey);
+ return await anastasisDecrypt(masterKey, args.encryptedCoreSecret, "cse");
+}
+
 export async function coreSecretEncrypt(
 policyKeys: PolicyKey[],
 coreSecret: OpaqueData,
-- cgit v1.2.3
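Review bot: `decryptKeyShare` is spelled with a capital S, while its counterpart visible in the hunk context is `encryptKeyshare`; two exported functions that differ only in that letter are easy to mis-import, so the pair should share one spelling. The new function also has no doc comment saying that `answerSalt` must be the value used when the share was encrypted and that the literal `"eks"` applies only when it is omitted; note that `??` lets an empty string through as the salt. A comment such as `/** Decrypts a key share for userId; answerSalt must match the salt used at encryption time, "eks" is used when it is undefined. */` would cover it. The encrypting side's parameters are outside the hunk, so the salt symmetry is inferred from the names and should be confirmed.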
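Review bot: `console.log("recovered master key", masterKey);` in `coreSecretRecover` writes the decrypted master key to the console, so the key that decrypts the core secret ends up in devtools output, terminal scrollback or any log collector attached to the process. Drop the line, or keep only a value-free trace such as `console.log("recovered master key");`. A short doc comment on the function stating that it returns the decrypted core secret, and that callers must treat both the return value and `policyKey` as secret material, would help keep later debugging code from reintroducing the leak.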