move pbkdf2 to web crypto with shim fallback

2025-12-21 02:33:46 +00:00 · 2017-07-08 23:41:02 -04:00
parent b62950fa2b
commit bc8892a237
21 changed files with 284 additions and 192 deletions
--- a/src/app/accounts/accountsLoginController.js
+++ b/src/app/accounts/accountsLoginController.js
@@ -149,12 +149,12 @@ angular
                return;
            }

-            var key = cryptoService.makeKey(_masterPassword, _email);
-            var hash = cryptoService.hashPassword(_masterPassword, key);
-            apiService.twoFactor.sendEmailLogin({
-                email: _email,
-                masterPasswordHash: hash
-            }, function () {
+            return cryptoService.makeKeyAndHash(_email, _masterPassword).then(function (result) {
+                return apiService.twoFactor.sendEmailLogin({
+                    email: _email,
+                    masterPasswordHash: result.hash
+                }).$promise;
+            }).then(function () {
                if (doToast) {
                    toastr.success('Verification email sent to ' + $scope.twoFactorEmail + '.');
                }
--- a/src/app/accounts/accountsRecoverController.js
+++ b/src/app/accounts/accountsRecoverController.js
@@ -6,17 +6,16 @@ angular

        $scope.submit = function (model) {
            var email = model.email.toLowerCase();
-            var key = cryptoService.makeKey(model.masterPassword, email);

-            var request = {
-                email: email,
-                masterPasswordHash: cryptoService.hashPassword(model.masterPassword, key),
-                recoveryCode: model.code.replace(/\s/g, '').toLowerCase()
-            };
-
-            $scope.submitPromise = apiService.twoFactor.recover(request, function () {
+            $scope.submitPromise = cryptoService.makeKeyAndHash(model.email, model.masterPassword).then(function (result) {
+                return apiService.twoFactor.recover({
+                    email: email,
+                    masterPasswordHash: result.hash,
+                    recoveryCode: model.code.replace(/\s/g, '').toLowerCase()
+                }).$promise;
+            }).then(function () {
                $analytics.eventTrack('Recovered 2FA');
                $scope.success = true;
-            }).$promise;
+            });
        };
    });
--- a/src/app/accounts/accountsRegisterController.js
+++ b/src/app/accounts/accountsRegisterController.js
@@ -51,14 +51,17 @@ angular
            }

            var email = $scope.model.email.toLowerCase();
-            var key = cryptoService.makeKey($scope.model.masterPassword, email);
-            var encKey = cryptoService.makeEncKey(key);
+            var makeResult, encKey;

-            $scope.registerPromise = cryptoService.makeKeyPair(encKey.encKey).then(function (result) {
+            $scope.registerPromise = cryptoService.makeKeyAndHash(email, $scope.model.masterPassword).then(function (result) {
+                makeResult = result;
+                encKey = cryptoService.makeEncKey(result.key);
+                return cryptoService.makeKeyPair(encKey.encKey);
+            }).then(function (result) {
                var request = {
                    name: $scope.model.name,
                    email: email,
-                    masterPasswordHash: cryptoService.hashPassword($scope.model.masterPassword, key),
+                    masterPasswordHash: makeResult.hash,
                    masterPasswordHint: $scope.model.masterPasswordHint,
                    key: encKey.encKeyEnc,
                    keys: {