From 05105ccc351bd1648d5260da77ab87afae0f8c9e Mon Sep 17 00:00:00 2001
From: Thomas Rittson
Date: Tue, 11 Mar 2025 13:36:50 +1000
Subject: [PATCH] Draft implementation of Register with models
---
 .../src/auth/opaque/default-opaque.service.ts | 23 ++++++++++++++++---
 .../opaque/models/cipher-configuration.ts | 13 +++++++++++
 .../models/registration-finish.request.ts | 3 +++
 .../models/registration-start.request.ts | 8 +++++++
 .../models/registration-start.response.ts | 14 +++++++++++
 .../src/auth/opaque/opaque-api.service.ts | 16 +++++++++----
 libs/common/src/types/guid.ts | 1 +
 7 files changed, 71 insertions(+), 7 deletions(-)
 create mode 100644 libs/common/src/auth/opaque/models/cipher-configuration.ts
 create mode 100644 libs/common/src/auth/opaque/models/registration-finish.request.ts
 create mode 100644 libs/common/src/auth/opaque/models/registration-start.request.ts
 create mode 100644 libs/common/src/auth/opaque/models/registration-start.response.ts
diff --git a/libs/common/src/auth/opaque/default-opaque.service.ts b/libs/common/src/auth/opaque/default-opaque.service.ts
index 2294cf038b5..1582cad4282 100644
--- a/libs/common/src/auth/opaque/default-opaque.service.ts
+++ b/libs/common/src/auth/opaque/default-opaque.service.ts
@@ -1,14 +1,31 @@
+import { KdfConfigService } from "../../../../key-management/src";
 import { UserKey } from "../../types/key";
+import { CipherConfiguration } from "./models/cipher-configuration";
+import { RegistrationFinishRequest } from "./models/registration-finish.request";
+import { RegistrationStartRequest } from "./models/registration-start.request";
 import { OpaqueApiService } from "./opaque-api.service";
 import { OpaqueService } from "./opaque.service";
 export class DefaultOpaqueService implements OpaqueService {
- constructor(private opaqueApiService: OpaqueApiService) {}
+ constructor(
+ private opaqueApiService: OpaqueApiService,
+ private kdfConfigService: KdfConfigService,
+ ) {}
 async Register(masterPassword: string, userKey: UserKey) {
- throw new Error("Not implemented");
- await Promise.resolve();
+ const kdfConfig = await this.kdfConfigService.getKdfConfig(); // note: this doesn't take a UserId but probably should
+
+ const registrationStart = ""; // SDK call: kdfConfig => ClientRegistrationStartResult
+ const serverRegistrationStart = await this.opaqueApiService.RegistrationStart(
+ new RegistrationStartRequest(registrationStart, new CipherConfiguration(kdfConfig)),
+ );
+
+ const registrationFinish = ""; // SDK call: (serverRegistrationStart.serverRegistrationStartResult, userKey) => ClientRegistrationFinishResult
+ await this.opaqueApiService.RegistrationFinish(
+ serverRegistrationStart.credentialId,
+ new RegistrationFinishRequest(registrationFinish),
+ );
 }
 async Login(masterPassword: string) {
diff --git a/libs/common/src/auth/opaque/models/cipher-configuration.ts b/libs/common/src/auth/opaque/models/cipher-configuration.ts
new file mode 100644
index 00000000000..7c6d07981d7
--- /dev/null
+++ b/libs/common/src/auth/opaque/models/cipher-configuration.ts
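Review bot: In default-opaque.service.ts, `Register` now issues two live API requests built from the empty-string placeholders `registrationStart` and `registrationFinish`, and `masterPassword` is never read, so a caller would submit empty OPAQUE messages where the old body failed with `throw new Error("Not implemented")`. Until the SDK calls replace the placeholders, the method should keep failing closed, for example by leaving `throw new Error("Not implemented");` as its first statement. The inline remark that `getKdfConfig()` takes no UserId deserves a tracked TODO, because the KDF parameters sent in `CipherConfiguration` should be those of the account being registered. Whether the server rejects empty registration messages is not visible from this patch, so the client should not rely on it.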
@@ -0,0 +1,13 @@
+import { KdfConfig } from "../../../../../key-management/src";
+
+export class CipherConfiguration {
+ opaqueVersion = 1; // TODO: what's the current version?
+ kdf: KdfConfig;
+ oprf = "ristretto-255";
+ ke = "ristretto-255";
+ keyExchange = "triple-diffie-helmen";
+
+ constructor(kdf: KdfConfig) {
+ this.kdf = kdf;
+ }
+}
diff --git a/libs/common/src/auth/opaque/models/registration-finish.request.ts b/libs/common/src/auth/opaque/models/registration-finish.request.ts
new file mode 100644
index 00000000000..49c57adc6c4
--- /dev/null
+++ b/libs/common/src/auth/opaque/models/registration-finish.request.ts
@@ -0,0 +1,3 @@
+export class RegistrationFinishRequest {
+ constructor(readonly clientRegistrationFinishResult: string) {}
+}
diff --git a/libs/common/src/auth/opaque/models/registration-start.request.ts b/libs/common/src/auth/opaque/models/registration-start.request.ts
new file mode 100644
index 00000000000..538855c9445
--- /dev/null
+++ b/libs/common/src/auth/opaque/models/registration-start.request.ts
@@ -0,0 +1,8 @@
+import { CipherConfiguration } from "./cipher-configuration";
+
+export class RegistrationStartRequest {
+ constructor(
+ readonly clientRegistrationStartResult: string,
+ readonly cipherConfiguration: CipherConfiguration,
+ ) {}
+}
diff --git a/libs/common/src/auth/opaque/models/registration-start.response.ts b/libs/common/src/auth/opaque/models/registration-start.response.ts
new file mode 100644
index 00000000000..1ba9d398091
--- /dev/null
+++ b/libs/common/src/auth/opaque/models/registration-start.response.ts
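Review bot: In cipher-configuration.ts, `keyExchange = "triple-diffie-helmen"` misspells Diffie-Hellman, and since this object is passed into `RegistrationStartRequest` the string becomes a protocol identifier the server has to match. Please confirm the spelling the server expects and, if it is the correct one, use `keyExchange = "triple-diffie-hellman";`. The suite fields are also plain mutable strings, so any holder of the object can change the negotiated parameters after construction; declaring them `readonly` (for example `readonly oprf = "ristretto-255";`) narrows them to literal types and lets the compiler reject other values. `opaqueVersion = 1` still carries an open TODO and should be settled before the value goes on the wire.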
@@ -0,0 +1,14 @@
+import { BaseResponse } from "../../../models/response/base.response";
+import { OpaqueCredentialId } from "../../../types/guid";
+
+export class RegistrationStartResponse extends BaseResponse {
+ credentialId: OpaqueCredentialId;
+ serverRegistrationStartResult: string;
+
+ constructor(response: any) {
+ super(response);
+
+ this.credentialId = this.getResponseProperty("CredentialId");
+ this.serverRegistrationStartResult = this.getResponseProperty("ServerRegistrationStartResult");
+ }
+}
diff --git a/libs/common/src/auth/opaque/opaque-api.service.ts b/libs/common/src/auth/opaque/opaque-api.service.ts
index d9ca05ade42..46525e84a66 100644
--- a/libs/common/src/auth/opaque/opaque-api.service.ts
+++ b/libs/common/src/auth/opaque/opaque-api.service.ts
@@ -1,6 +1,14 @@
+import { OpaqueCredentialId } from "../../types/guid";
+import { RegistrationFinishRequest } from "./models/registration-finish.request";
+import { RegistrationStartRequest } from "./models/registration-start.request";
+import { RegistrationStartResponse } from "./models/registration-start.response";
+
 export abstract class OpaqueApiService {
- abstract StartRegistration(): any;
- abstract FinishRegistration(): any;
- abstract StartLogin(): any;
- abstract FinishLogin(): any;
+ abstract RegistrationStart(request: RegistrationStartRequest): Promise;
+ abstract RegistrationFinish(
+ credentialId: OpaqueCredentialId,
+ request: RegistrationFinishRequest,
+ ): Promise;
+ abstract LoginStart(): any;
+ abstract LoginFinish(): any;
 }
diff --git a/libs/common/src/types/guid.ts b/libs/common/src/types/guid.ts
index 5ad498c115a..79ad7a7f898 100644
--- a/libs/common/src/types/guid.ts
+++ b/libs/common/src/types/guid.ts
@@ -11,3 +11,4 @@ export type CipherId = Opaque;
 export type SendId = Opaque;
 export type IndexedEntityId = Opaque;
 export type SecurityTaskId = Opaque;
+export type OpaqueCredentialId = Opaque;
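Review bot: In registration-start.response.ts, `credentialId` and `serverRegistrationStartResult` are assigned straight from `getResponseProperty(...)` with no presence or type check, and `DefaultOpaqueService.Register` then hands `credentialId` to `RegistrationFinish`. How `getResponseProperty` behaves for a missing property is not visible here, but if it yields `undefined` the registration flow would continue with an undefined credential id. A guard at the end of the constructor would stop that early, e.g. `if (!this.credentialId || !this.serverRegistrationStartResult) { throw new Error("Invalid RegistrationStartResponse"); }`.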
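Review bot: In opaque-api.service.ts, the abstract methods are PascalCase (`RegistrationStart`, `RegistrationFinish`, `LoginStart`, `LoginFinish`) while the other service called in this patch is camelCase (`kdfConfigService.getKdfConfig()`); `registrationStart`, `registrationFinish`, `loginStart` and `loginFinish` would match. `LoginStart(): any` and `LoginFinish(): any` still take no arguments and return `any`, so nothing type-checks the login half of the protocol; a `// TODO: typed request/response models` comment on each would make the gap explicit. A one-line doc comment per method saying which OPAQUE message it carries, and that `credentialId` must be the value returned by the registration-start response, would help implementers of this abstract class.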