Commit 860707f4 authored by Richard T. Carback III's avatar Richard T. Carback III

Modify internal password generation to base it off the users password. This is...

Modify internal password generation to base it off the user's password. This is required, for now, for sync to work
parent f725f95d
3 merge requests!127Modify internal password generation to base it off the user's password,!124Update for single DB cipher object,!109Project/haven beta
...@@ -23,6 +23,7 @@ import ( ...@@ -23,6 +23,7 @@ import (
"github.com/pkg/errors" "github.com/pkg/errors"
jww "github.com/spf13/jwalterweatherman" jww "github.com/spf13/jwalterweatherman"
"gitlab.com/elixxir/crypto/hash"
"gitlab.com/elixxir/wasm-utils/exception" "gitlab.com/elixxir/wasm-utils/exception"
"gitlab.com/elixxir/wasm-utils/storage" "gitlab.com/elixxir/wasm-utils/storage"
"gitlab.com/elixxir/wasm-utils/utils" "gitlab.com/elixxir/wasm-utils/utils"
...@@ -40,6 +41,8 @@ const ( ...@@ -40,6 +41,8 @@ const (
// saltLen is the length of the salt. Recommended to be 16 bytes here: // saltLen is the length of the salt. Recommended to be 16 bytes here:
// https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-argon2-04#section-3.1 // https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-argon2-04#section-3.1
saltLen = 16 saltLen = 16
internalPasswordConstant = "XXInternalPassword"
) )
// Storage keys. // Storage keys.
...@@ -153,6 +156,9 @@ func getOrInit(externalPassword string) ([]byte, error) { ...@@ -153,6 +156,9 @@ func getOrInit(externalPassword string) ([]byte, error) {
// changeExternalPassword is the private function for ChangeExternalPassword // changeExternalPassword is the private function for ChangeExternalPassword
// that is used for testing. // that is used for testing.
func changeExternalPassword(oldExternalPassword, newExternalPassword string) error { func changeExternalPassword(oldExternalPassword, newExternalPassword string) error {
// NOTE: the following no longer works in synchronized environments, so
// disabled in produciton.
jww.FATAL.Panicf("cannot change password, unimplemented")
localStorage := storage.GetLocalStorage() localStorage := storage.GetLocalStorage()
internalPassword, err := getInternalPassword( internalPassword, err := getInternalPassword(
oldExternalPassword, localStorage) oldExternalPassword, localStorage)
...@@ -193,14 +199,22 @@ func initInternalPassword(externalPassword string, ...@@ -193,14 +199,22 @@ func initInternalPassword(externalPassword string,
params argonParams) ([]byte, error) { params argonParams) ([]byte, error) {
internalPassword := make([]byte, internalPasswordLen) internalPassword := make([]byte, internalPasswordLen)
// FIXME: The internal password is now just an expansion of
// the users password text. We couldn't preserve the following
// when doing cross-device sync.
h := hash.CMixHash.New()
h.Write([]byte(externalPassword))
h.Write(internalPassword)
copy(internalPassword, h.Sum(nil)[:internalPasswordLen])
// Generate internal password // Generate internal password
n, err := csprng.Read(internalPassword) // n, err := csprng.Read(internalPassword)
if err != nil { // if err != nil {
return nil, errors.Errorf(readInternalPasswordErr, err) // return nil, errors.Errorf(readInternalPasswordErr, err)
} else if n != internalPasswordLen { // } else if n != internalPasswordLen {
return nil, errors.Errorf( // return nil, errors.Errorf(
internalPasswordNumBytesErr, internalPasswordLen, n) // internalPasswordNumBytesErr, internalPasswordLen, n)
} // }
// Generate and store salt // Generate and store salt
salt, err := makeSalt(csprng) salt, err := makeSalt(csprng)
......
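Review bot: The derivation added in initInternalPassword makes the internal password a single unsalted hash of the external password, so it carries no more entropy than the user's password and comes out the same on every device and for every user who picks that password. `h.Write(internalPassword)` feeds only the zero bytes of the freshly allocated buffer, and the new `internalPasswordConstant` is not used in any visible hunk; if it was meant as the domain separator, the line should read `h.Write([]byte(internalPasswordConstant))`. Data protected by this value can be checked against password guesses at the cost of one hash each, which appears to bypass the Argon2 work factor that `params` and the salt apply to the stored copy, so the FIXME should name the intended replacement, for example a slow KDF over the password with a salt that is synced between devices. `h.Sum(nil)[:internalPasswordLen]` also panics if internalPasswordLen is larger than the digest, and neither size is visible here. The body of initInternalPassword continues outside the hunk.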