Draft implementation of Register with models

2026-02-10 13:40:06 +00:00 · 2025-03-11 13:36:50 +10:00
parent 1dd768e694
commit 05105ccc35
7 changed files with 71 additions and 7 deletions
--- a/libs/common/src/auth/opaque/default-opaque.service.ts
+++ b/libs/common/src/auth/opaque/default-opaque.service.ts
@@ -1,14 +1,31 @@
+import { KdfConfigService } from "../../../../key-management/src";
 import { UserKey } from "../../types/key";

+import { CipherConfiguration } from "./models/cipher-configuration";
+import { RegistrationFinishRequest } from "./models/registration-finish.request";
+import { RegistrationStartRequest } from "./models/registration-start.request";
 import { OpaqueApiService } from "./opaque-api.service";
 import { OpaqueService } from "./opaque.service";

 export class DefaultOpaqueService implements OpaqueService {
-  constructor(private opaqueApiService: OpaqueApiService) {}
+  constructor(
+    private opaqueApiService: OpaqueApiService,
+    private kdfConfigService: KdfConfigService,
+  ) {}

  async Register(masterPassword: string, userKey: UserKey) {
-    throw new Error("Not implemented");
-    await Promise.resolve();
+    const kdfConfig = await this.kdfConfigService.getKdfConfig(); // note: this doesn't take a UserId but probably should
+
+    const registrationStart = ""; // SDK call: kdfConfig => ClientRegistrationStartResult
+    const serverRegistrationStart = await this.opaqueApiService.RegistrationStart(
+      new RegistrationStartRequest(registrationStart, new CipherConfiguration(kdfConfig)),
+    );
+
+    const registrationFinish = ""; // SDK call: (serverRegistrationStart.serverRegistrationStartResult, userKey) => ClientRegistrationFinishResult
+    await this.opaqueApiService.RegistrationFinish(
+      serverRegistrationStart.credentialId,
+      new RegistrationFinishRequest(registrationFinish),
+    );
  }

  async Login(masterPassword: string) {
--- a/libs/common/src/auth/opaque/models/cipher-configuration.ts
+++ b/libs/common/src/auth/opaque/models/cipher-configuration.ts
@@ -0,0 +1,13 @@
+import { KdfConfig } from "../../../../../key-management/src";
+
+export class CipherConfiguration {
+  opaqueVersion = 1; // TODO: what's the current version?
+  kdf: KdfConfig;
+  oprf = "ristretto-255";
+  ke = "ristretto-255";
+  keyExchange = "triple-diffie-helmen";
+
+  constructor(kdf: KdfConfig) {
+    this.kdf = kdf;
+  }
+}
--- a/libs/common/src/auth/opaque/models/registration-finish.request.ts
+++ b/libs/common/src/auth/opaque/models/registration-finish.request.ts
@@ -0,0 +1,3 @@
+export class RegistrationFinishRequest {
+  constructor(readonly clientRegistrationFinishResult: string) {}
+}
--- a/libs/common/src/auth/opaque/models/registration-start.request.ts
+++ b/libs/common/src/auth/opaque/models/registration-start.request.ts
@@ -0,0 +1,8 @@
+import { CipherConfiguration } from "./cipher-configuration";
+
+export class RegistrationStartRequest {
+  constructor(
+    readonly clientRegistrationStartResult: string,
+    readonly cipherConfiguration: CipherConfiguration,
+  ) {}
+}
--- a/libs/common/src/auth/opaque/models/registration-start.response.ts
+++ b/libs/common/src/auth/opaque/models/registration-start.response.ts
@@ -0,0 +1,14 @@
+import { BaseResponse } from "../../../models/response/base.response";
+import { OpaqueCredentialId } from "../../../types/guid";
+
+export class RegistrationStartResponse extends BaseResponse {
+  credentialId: OpaqueCredentialId;
+  serverRegistrationStartResult: string;
+
+  constructor(response: any) {
+    super(response);
+
+    this.credentialId = this.getResponseProperty("CredentialId");
+    this.serverRegistrationStartResult = this.getResponseProperty("ServerRegistrationStartResult");
+  }
+}
--- a/libs/common/src/auth/opaque/opaque-api.service.ts
+++ b/libs/common/src/auth/opaque/opaque-api.service.ts
@@ -1,6 +1,14 @@
+import { OpaqueCredentialId } from "../../types/guid";
+import { RegistrationFinishRequest } from "./models/registration-finish.request";
+import { RegistrationStartRequest } from "./models/registration-start.request";
+import { RegistrationStartResponse } from "./models/registration-start.response";
+
 export abstract class OpaqueApiService {
-  abstract StartRegistration(): any;
-  abstract FinishRegistration(): any;
-  abstract StartLogin(): any;
-  abstract FinishLogin(): any;
+  abstract RegistrationStart(request: RegistrationStartRequest): Promise<RegistrationStartResponse>;
+  abstract RegistrationFinish(
+    credentialId: OpaqueCredentialId,
+    request: RegistrationFinishRequest,
+  ): Promise<void>;
+  abstract LoginStart(): any;
+  abstract LoginFinish(): any;
 }
--- a/libs/common/src/types/guid.ts
+++ b/libs/common/src/types/guid.ts
@@ -11,3 +11,4 @@ export type CipherId = Opaque<string, "CipherId">;
 export type SendId = Opaque<string, "SendId">;
 export type IndexedEntityId = Opaque<string, "IndexedEntityId">;
 export type SecurityTaskId = Opaque<string, "SecurityTaskId">;
+export type OpaqueCredentialId = Opaque<string, "OpaqueCredentialId">;