Merge pull request #343 from Infisical/mfa

MFA
Infisical · Feb 21, 2023 · c38ccdb · c38ccdb
2 parents 0b356e0 + baaa924
commit c38ccdb
Show file tree

Hide file tree

Showing 8 changed files with 66 additions and 17 deletions.
diff --git a/frontend/src/components/signup/UserInfoStep.tsx b/frontend/src/components/signup/UserInfoStep.tsx
@@ -166,9 +166,6 @@ export default function UserInfoStep({
               SecurityClient.setToken(response.token);
 
               saveTokenToLocalStorage({
-                protectedKey,
-                protectedKeyIV,
-                protectedKeyTag,
                 publicKey,
                 encryptedPrivateKey,
                 iv: encryptedPrivateKeyIV,

diff --git a/frontend/src/components/utilities/attemptLogin.ts b/frontend/src/components/utilities/attemptLogin.ts
@@ -97,9 +97,6 @@ const attemptLogin = async (
             });
 
             saveTokenToLocalStorage({
-              protectedKey,
-              protectedKeyIV,
-              protectedKeyTag,
               publicKey,
               encryptedPrivateKey,
               iv,

diff --git a/frontend/src/components/utilities/attemptLoginMfa.ts b/frontend/src/components/utilities/attemptLoginMfa.ts
@@ -70,9 +70,6 @@ const attemptLoginMfa = async ({
                 });
 
                 saveTokenToLocalStorage({
-                    protectedKey,
-                    protectedKeyIV,
-                    protectedKeyTag,
                     publicKey,
                     encryptedPrivateKey,
                     iv,

diff --git a/frontend/src/components/utilities/cryptography/changePassword.ts b/frontend/src/components/utilities/cryptography/changePassword.ts
@@ -117,9 +117,6 @@ const changePassword = async (
                 });
 
                 saveTokenToLocalStorage({
-                  protectedKey,
-                  protectedKeyIV,
-                  protectedKeyTag,
                   encryptedPrivateKey,
                   iv: encryptedPrivateKeyIV,
                   tag: encryptedPrivateKeyTag

diff --git a/frontend/src/helpers/key.ts b/frontend/src/helpers/key.ts
@@ -82,4 +82,6 @@ let privateKey;
     return privateKey;
 }
 
-export { decryptPrivateKeyHelper };
+export {
+    decryptPrivateKeyHelper
+};
diff --git a/frontend/src/pages/signupinvite.tsx b/frontend/src/pages/signupinvite.tsx
@@ -152,9 +152,6 @@ export default function SignupInvite() {
               SecurityClient.setToken(jwtToken);
 
               saveTokenToLocalStorage({
-                  protectedKey,
-                  protectedKeyIV,
-                  protectedKeyTag,
                   publicKey,
                   encryptedPrivateKey,
                   iv: encryptedPrivateKeyIV,

diff --git a/frontend/src/services/KeyService.ts b/frontend/src/services/KeyService.ts
@@ -1,9 +1,21 @@
-import { decryptPrivateKeyHelper } from '@app/helpers/key';
+import {
+    decryptAssymmetric,
+    encryptAssymmetric} from '@app/components/utilities/cryptography/crypto';
+import { 
+    decryptPrivateKeyHelper
+} from '@app/helpers/key';
 
 /**
  * Class to handle key actions
+ * TODO: in future, all private key-related encryption operations 
+ * must pass through this class
  */
 class KeyService {
+    private static privateKey: string = '';
+
+    static setPrivateKey(privateKey: string) {
+        KeyService.privateKey = privateKey;
+    }
 
     /** Return the user's decrypted private key
      * @param {Object} obj
@@ -51,6 +63,49 @@ class KeyService {
             protectedKeyTag
         });
     }
+
+    /**
+     * Return [plaintext] encrypted by the user's private key
+     * @param {Object} obj
+     * @param {String} obj.plaintext - plaintext to encrypt
+     */
+    static encryptWithPrivateKey({
+        plaintext,
+        publicKey,
+    }: {
+        plaintext: string;
+        publicKey: string;
+    }) {
+        return encryptAssymmetric({
+            plaintext,
+            publicKey,
+            privateKey: KeyService.privateKey
+        });
+    }
+
+    /**
+     * Return [ciphertext] decrypted by the user's private key
+     * @param {Object} obj
+     * @param {String} obj.ciphertext - ciphertext to decrypt
+     * @param {String} obj.ciphertext - iv of ciphertext
+     * @param {String} obj.ciphertext - tag of ciphertext
+     */
+    static decryptWithPrivateKey({
+        ciphertext,
+        nonce,
+        publicKey
+    }: {
+        ciphertext: string;
+        nonce: string;
+        publicKey: string;
+    }) {
+        return decryptAssymmetric({
+            ciphertext,
+            nonce,
+            publicKey,
+            privateKey: KeyService.privateKey
+        });
+    }
 }
 
 export default KeyService;
diff --git a/frontend/src/services/index.ts b/frontend/src/services/index.ts
@@ -0,0 +1,7 @@
+import KeyService from './KeyService';
+import ProjectService from './ProjectService';
+
+export {
+    KeyService,
+    ProjectService
+}