TerribleDev/ente
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Dec

Browse Source
This commit is contained in:
Manav Rathi
2024-08-17 16:38:51 +05:30
parent 93d48f6d6f
commit dbe98acbd7
1 changed files with 17 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
web/packages/new/photos/services/user-entity.ts
View File

@@ -1,5 +1,5 @@
import { sharedCryptoWorker } from "@/base/crypto";
import { decryptAssociatedDataB64 } from "@/base/crypto/ente";
import { decryptAssociatedDataB64, decryptBoxB64 } from "@/base/crypto/ente";
import { authenticatedRequestHeaders, ensureOk, HTTPError } from "@/base/http";
import { getKV, getKVN, setKV } from "@/base/kv";
import { apiURL } from "@/base/origins";
@@ -186,23 +186,16 @@ const userEntityDiff = async (
* See also, [Note: User entity keys].
*/
const getOrCreateEntityKeyB64 = async (type: EntityType) => {
const masterKeyB64 = await masterKeyB64FromSession();
const worker = await sharedCryptoWorker();
const decrypt = async ({ encryptedKey, header }: RemoteUserEntityKey) => {
return worker.decryptB64(encryptedKey, header, masterKeyB64);
};
// See if we already have it locally.
const saved = await savedRemoteUserEntityKey(type);
if (saved) return decrypt(saved);
if (saved) return decryptEntityKey(saved);
// See if remote already has it.
const existing = await getUserEntityKey(type);
if (existing) {
// Only save it if we can decrypt it to avoid corrupting our local state
// in unforeseen circumstances.
const result = await decrypt(existing);
const result = await decryptEntityKey(existing);
await saveRemoteUserEntityKey(type, existing);
return result;
}
@@ -241,6 +234,20 @@ const saveRemoteUserEntityKey = (
entityKey: RemoteUserEntityKey,
) => setKV(entityKeyKey(type), JSON.stringify(entityKey));
/**
* Decrypt an encrypted entity key using the user's master key.
*/
const decryptEntityKey = async ({
encryptedKey,
header,
}: RemoteUserEntityKey) =>
decryptBoxB64({
encryptedDataB64: encryptedKey,
// Remote calls it the header, but it really is the nonce.
nonceB64: header,
keyB64: await masterKeyB64FromSession(),
});
/**
* Fetch the encryption key for the given user entity {@link type} from remote.
*