Move

web/packages/accounts/pages/change-password.tsx

@@ -10,6 +10,7 @@ import { appHomeRoute, stashRedirect } from "ente-accounts/services/redirect";
 import {
     convertBase64ToBuffer,
     convertBufferToBase64,
+    generateLoginSubKey,
     generateSRPClient,
     generateSRPSetupAttributes,
 } from "ente-accounts/services/srp";
@@ -28,7 +29,6 @@ import { sharedCryptoWorker } from "ente-base/crypto";
 import type { DerivedKey } from "ente-base/crypto/types";
 import {
     generateAndSaveIntermediateKeyAttributes,
-    generateLoginSubKey,
     saveKeyInSessionStore,
 } from "ente-shared/crypto/helpers";
 import { getData, setData } from "ente-shared/storage/localStorage";

web/packages/accounts/pages/credentials.tsx

@@ -23,6 +23,7 @@ import {
 import { checkSessionValidity } from "ente-accounts/services/session";
 import {
     configureSRP,
+    generateLoginSubKey,
     generateSRPSetupAttributes,
     loginViaSRP,
 } from "ente-accounts/services/srp";
@@ -39,7 +40,6 @@ import log from "ente-base/log";
 import {
     decryptAndStoreToken,
     generateAndSaveIntermediateKeyAttributes,
-    generateLoginSubKey,
     saveKeyInSessionStore,
 } from "ente-shared/crypto/helpers";
 import { CustomError } from "ente-shared/error";

web/packages/accounts/services/srp.ts

@@ -1,7 +1,6 @@
 import type { KeyAttributes } from "ente-accounts/services/user";
 import { sharedCryptoWorker } from "ente-base/crypto";
 import log from "ente-base/log";
-import { generateLoginSubKey } from "ente-shared/crypto/helpers";
 import { getToken } from "ente-shared/storage/localStorage/helpers";
 import { SRP, SrpClient } from "fast-srp-hap";
 import { v4 as uuidv4 } from "uuid";
@@ -17,6 +16,29 @@ import type { UserVerificationResponse } from "./user";
 
 const SRP_PARAMS = SRP.params["4096"];
 
+const LOGIN_SUB_KEY_LENGTH = 32;
+const LOGIN_SUB_KEY_ID = 1;
+const LOGIN_SUB_KEY_CONTEXT = "loginctx";
+const LOGIN_SUB_KEY_BYTE_LENGTH = 16;
+
+export const generateLoginSubKey = async (kek: string) => {
+    const cryptoWorker = await sharedCryptoWorker();
+    const kekSubKeyString = await cryptoWorker.deriveSubKey(
+        kek,
+        LOGIN_SUB_KEY_LENGTH,
+        LOGIN_SUB_KEY_ID,
+        LOGIN_SUB_KEY_CONTEXT,
+    );
+    const kekSubKey = await cryptoWorker.fromB64(kekSubKeyString);
+
+    // use first 16 bytes of generated kekSubKey as loginSubKey
+    const loginSubKey = await cryptoWorker.toB64(
+        kekSubKey.slice(0, LOGIN_SUB_KEY_BYTE_LENGTH),
+    );
+
+    return loginSubKey;
+};
+
 export const configureSRP = async ({
     srpSalt,
     srpUserID,

web/packages/shared/crypto/helpers.ts

@@ -4,10 +4,6 @@ import { masterKeyFromSession } from "ente-base/session";
 import { getData, setData, setLSUser } from "ente-shared/storage/localStorage";
 import { type SessionKey, setKey } from "ente-shared/storage/sessionStorage";
 
-const LOGIN_SUB_KEY_LENGTH = 32;
-const LOGIN_SUB_KEY_ID = 1;
-const LOGIN_SUB_KEY_CONTEXT = "loginctx";
-const LOGIN_SUB_KEY_BYTE_LENGTH = 16;
 
 export async function decryptAndStoreToken(
     keyAttributes: KeyAttributes,
@@ -67,23 +63,6 @@ export async function generateAndSaveIntermediateKeyAttributes(
     return intermediateKeyAttributes;
 }
 
-export const generateLoginSubKey = async (kek: string) => {
-    const cryptoWorker = await sharedCryptoWorker();
-    const kekSubKeyString = await cryptoWorker.deriveSubKey(
-        kek,
-        LOGIN_SUB_KEY_LENGTH,
-        LOGIN_SUB_KEY_ID,
-        LOGIN_SUB_KEY_CONTEXT,
-    );
-    const kekSubKey = await cryptoWorker.fromB64(kekSubKeyString);
-
-    // use first 16 bytes of generated kekSubKey as loginSubKey
-    const loginSubKey = await cryptoWorker.toB64(
-        kekSubKey.slice(0, LOGIN_SUB_KEY_BYTE_LENGTH),
-    );
-
-    return loginSubKey;
-};
 
 export const saveKeyInSessionStore = async (
     keyType: SessionKey,