From 383f8ea7dc4a264613cfe92b257878eb78438ce7 Mon Sep 17 00:00:00 2001 From: Dan Finlay Date: Thu, 20 Oct 2016 11:33:18 -0700 Subject: [PATCH] Linted & added salting to vault --- .eslintrc | 2 +- app/scripts/keyring-controller.js | 43 +++++++------------------------ app/scripts/lib/config-manager.js | 2 +- app/scripts/lib/encryptor.js | 16 ++++++++++++ ui/app/actions.js | 2 +- ui/app/app.js | 2 +- ui/app/new-keychain.js | 8 ++---- 7 files changed, 31 insertions(+), 44 deletions(-) diff --git a/.eslintrc b/.eslintrc index 95eab7337..1dff2324e 100644 --- a/.eslintrc +++ b/.eslintrc @@ -129,7 +129,7 @@ "one-var": [2, { "initialized": "never" }], "operator-linebreak": [1, "after", { "overrides": { "?": "before", ":": "before" } }], "padded-blocks": [1, "never"], - "quotes": [2, "single", "avoid-escape"], + "quotes": [2, "single", {"avoidEscape": true, "allowTemplateLiterals": true}], "semi": [2, "never"], "semi-spacing": [2, { "before": false, "after": true }], "space-before-blocks": [1, "always"], diff --git a/app/scripts/keyring-controller.js b/app/scripts/keyring-controller.js index 84601916f..f6b1e9358 100644 --- a/app/scripts/keyring-controller.js +++ b/app/scripts/keyring-controller.js @@ -12,37 +12,6 @@ module.exports = class KeyringController extends EventEmitter { this.keyChains = [] } - keyFromPassword(password, callback) { - deriveKeyFromPassword(password, callback); - } - - // Takes a pw and callback, returns a password-dervied key - getKeyForPassword(password, callback) { - let salt = this.configManager.getSalt() - - if (!salt) { - salt = generateSalt(32) - this.configManager.setSalt(salt) - } - - var logN = 14 - var r = 8 - var dkLen = 32 - var interruptStep = 200 - - var cb = function(derKey) { - try { - var ui8arr = (new Uint8Array(derKey)) - this.pwDerivedKey = ui8arr - callback(null, ui8arr) - } catch (err) { - callback(err) - } - } - - scrypt(password, salt, logN, r, dkLen, interruptStep, cb, null) - } - getState() { return { isInitialized: !!this.configManager.getVault(), @@ -66,11 +35,13 @@ module.exports = class KeyringController extends EventEmitter { } createNewVault(password, entropy, cb) { + const salt = generateNewSalt() + this.configManager.setSalt(salt) this.loadKey(password) .then((key) => { return encryptor.encryptWithKey(key, {}) }) - .then((encryptedString) => { + .then((encryptedString) => { this.configManager.setVault(encryptedString) cb(null, this.getState()) }) @@ -90,7 +61,8 @@ module.exports = class KeyringController extends EventEmitter { } loadKey(password) { - return encryptor.keyFromPassword(password) + const salt = this.configManager.getSalt() + return encryptor.keyFromPassword(password + salt) .then((key) => { this.key = key return key @@ -141,5 +113,8 @@ module.exports = class KeyringController extends EventEmitter { } function generateSalt (byteCount) { - return bitcore.crypto.Random.getRandomBuffer(byteCount || 32).toString('base64') + var view = new Uint8Array(32) + global.crypto.getRandomValues(view) + var b64encoded = btoa(String.fromCharCode.apply(null, view)) + return b64encoded } diff --git a/app/scripts/lib/config-manager.js b/app/scripts/lib/config-manager.js index d12304c46..ae4a84082 100644 --- a/app/scripts/lib/config-manager.js +++ b/app/scripts/lib/config-manager.js @@ -118,7 +118,7 @@ ConfigManager.prototype.setVault = function (encryptedString) { ConfigManager.prototype.getVault = function () { var data = this.getData() - return ('vault' in data) && data.vault + return ('vault' in data) && data.vault } ConfigManager.prototype.getKeychains = function () { diff --git a/app/scripts/lib/encryptor.js b/app/scripts/lib/encryptor.js index 91d6ed5ce..8a3b0b023 100644 --- a/app/scripts/lib/encryptor.js +++ b/app/scripts/lib/encryptor.js @@ -18,6 +18,10 @@ module.exports = { // Buffer <-> Hex string methods serializeBufferForStorage, serializeBufferFromStorage, + + // Buffer <-> base64 string methods + encodeBufferToBase64, + decodeBase64ToBuffer, } // Takes a Pojo, returns encrypted text. @@ -117,3 +121,15 @@ function unprefixedHex (num) { } return hex } + +function encodeBufferToBase64 (buf) { + var b64encoded = btoa(String.fromCharCode.apply(null, buf)) + return b64encoded +} + +function decodeBase64ToBuffer (base64) { + var u8_2 = new Uint8Array(atob(b64encoded).split("") + .map(function(c) { + return c.charCodeAt(0) + })) +} diff --git a/ui/app/actions.js b/ui/app/actions.js index d5a00833b..b70716214 100644 --- a/ui/app/actions.js +++ b/ui/app/actions.js @@ -340,7 +340,7 @@ function backToUnlockView () { function showNewKeychain () { return { - type: actions.SHOW_NEW_KEYCHAIN + type: actions.SHOW_NEW_KEYCHAIN, } } diff --git a/ui/app/app.js b/ui/app/app.js index cbe02b683..fb9b16a3a 100644 --- a/ui/app/app.js +++ b/ui/app/app.js @@ -8,7 +8,7 @@ const ReactCSSTransitionGroup = require('react-addons-css-transition-group') const DisclaimerScreen = require('./first-time/disclaimer') const InitializeMenuScreen = require('./first-time/init-menu') const CreateVaultScreen = require('./first-time/create-vault') -const NewKeychainScreen = require('./new-keychain') +const NewKeyChainScreen = require('./new-keychain') // unlock const UnlockScreen = require('./unlock') // accounts diff --git a/ui/app/new-keychain.js b/ui/app/new-keychain.js index d6fefd0c7..cc9633166 100644 --- a/ui/app/new-keychain.js +++ b/ui/app/new-keychain.js @@ -15,7 +15,7 @@ function NewKeychain () { } NewKeychain.prototype.render = function () { - const props = this.props + // const props = this.props return ( h('div', { @@ -23,11 +23,7 @@ NewKeychain.prototype.render = function () { background: 'blue', }, }, [ - h('h1',`Here's a list!!!!`), - h('button', - { - onClick: () => this.props.dispatch(actions.goHome()) - }) + h('h1', `Here's a list!!!!`), ]) ) }