diff --git a/backend/zkppSalt.js b/backend/zkppSalt.js
index 225c54ca92..a0b40859df 100644
--- a/backend/zkppSalt.js
+++ b/backend/zkppSalt.js
@@ -303,14 +303,7 @@ export const updateContractSalt = async (contract: string, r: string, s: string,
 }

 try {
- const argsObj = JSON.parse(Buffer.from(args).toString())
-
- if (!Array.isArray(argsObj) || argsObj.length !== 3 || !argsObj.reduce((acc, cv) => acc && typeof cv === 'string', true)) {
- console.error(`update: Error validating the encrypted arguments for contract ID ${contract} (${JSON.stringify({ r, s, hc })})`)
- return false
- }
-
- const [hashedPassword, authSalt, contractSalt] = argsObj
+ const hashedPassword = Buffer.from(args).toString()

 const recordId = await computeZkppSaltRecordId(contract)
 if (!recordId) {
@@ -318,6 +311,9 @@ export const updateContractSalt = async (contract: string, r: string, s: string,
 return false
 }

+ const authSalt = Buffer.from(hashStringArray('AUTHSALT', c)).slice(0, 18).toString('base64')
+ const contractSalt = Buffer.from(hashStringArray('CONTRACTSALT', c)).slice(0, 18).toString('base64')
+
 const token = encryptSaltUpdate(
 hashUpdateSecret,
 recordId,
diff --git a/shared/zkpp.js b/shared/zkpp.js
index 01ef82c164..28efbb46c4 100644
--- a/shared/zkpp.js
+++ b/shared/zkpp.js
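Review bot: The decrypted payload is now used unvalidated in `const hashedPassword = Buffer.from(args).toString()`; the removed block at least rejected a malformed shape, and nothing in the new code rejects an empty body or non-UTF-8 bytes, which decode to an empty string or U+FFFD characters and then flow into the record lookup and the token below. A one-line guard keeps the previous failure mode without the JSON layer: `if (!hashedPassword) { console.error('update: Empty hashed password for contract ID ' + contract); return false }`. Whether a later comparison would reject an empty value is outside this hunk; updateContractSalt begins before the hunk and ends after it.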
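Review bot: The two salt derivations added here (`hashStringArray('AUTHSALT', c)` and `'CONTRACTSALT'`, cut to 18 bytes and base64-encoded) are duplicated verbatim on the client side in the shared/zkpp.js hunk of this same commit, and the server-side salts only match the ones the client hashed the password with while both copies stay byte-identical — a change to the label, truncation length or encoding on one side would silently break password verification for every later update. Since shared/zkpp.js is already the common module, export one helper from it and call it from both places, as sketched below. Neither `c` nor `hashStringArray` is introduced in these hunks; if `c` is a parameter of updateContractSalt (its signature is truncated in the hunk header) and `hashStringArray` is already imported in backend/zkppSalt.js this is fine, otherwise the import is missing. updateContractSalt begins before this hunk and ends after it.
```javascript
// shared/zkpp.js
export const deriveSalts = (c: Uint8Array): [string, string] => {
  const authSalt = Buffer.from(hashStringArray('AUTHSALT', c)).slice(0, 18).toString('base64')
  const contractSalt = Buffer.from(hashStringArray('CONTRACTSALT', c)).slice(0, 18).toString('base64')
  return [authSalt, contractSalt]
}

// backend/zkppSalt.js, replacing the two added lines
const [authSalt, contractSalt] = deriveSalts(c)
// … unchanged: encryptSaltUpdate call …
```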
@@ -137,27 +137,22 @@ export const buildRegisterSaltRequest = async (publicKey: string, secretKey: Uin
 }

 export const buildUpdateSaltRequestEa = async (password: string, c: Uint8Array): Promise<[string, string]> => {
- // TODO: Derive S_A and S_C as follows:
- // -> q -< random
- // -> r -< SHA-512(SHA-512('SU') + SHA-512(q))
- // -> b -< SHA-512(r) // as it's now
- // Then,
- // -> S_T -< BASE64(SHA-512(SHA-512(T) + SHA-512(q))[0..18]) with T being
+ // Derive S_A and S_C as follows:
+ // -> S_T -< BASE64(SHA-512(SHA-512(T) + SHA-512(c))[0..18]) with T being
 // `AUTHSALT` or `CONTRACTSALT`
 // This way, we ensure both the server and the client contribute to the
 // salts' entropy.
 // When sending the encrypted data, the encrypted information would be
- // `[hashedPassword, q]`, which needs to be verified server-side to verify
+ // `hashedPassword`, which needs to be verified server-side to verify
 // it matches p and would be used to derive S_A and S_C.
- const [authSalt, contractSalt] = ['a', 'b']
+ const authSalt = Buffer.from(hashStringArray('AUTHSALT', c)).slice(0, 18).toString('base64')
+ const contractSalt = Buffer.from(hashStringArray('CONTRACTSALT', c)).slice(0, 18).toString('base64')

- const encryptionKey = nacl.hash(Buffer.concat([
- Buffer.from('SU'), Buffer.from(c)
- ])).slice(0, nacl.secretbox.keyLength)
+ const encryptionKey = hashRawStringArray('SU', c).slice(0, nacl.secretbox.keyLength)
 const nonce = nacl.randomBytes(nacl.secretbox.nonceLength)
 const hashedPassword = await hashPassword(password, authSalt)
- const encryptedArgsCiphertext = nacl.secretbox(Buffer.from(JSON.stringify([hashedPassword, authSalt, contractSalt])), nonce, encryptionKey)
+ const encryptedArgsCiphertext = nacl.secretbox(Buffer.from(hashedPassword), nonce, encryptionKey)
 const encryptedArgs = Buffer.concat([nonce, encryptedArgsCiphertext])