@lifeready/core 1.1.14 → 1.1.16
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bundles/lifeready-core.umd.js +99 -103
- package/bundles/lifeready-core.umd.js.map +1 -1
- package/bundles/lifeready-core.umd.min.js +1 -1
- package/bundles/lifeready-core.umd.min.js.map +1 -1
- package/esm2015/lib/auth/life-ready-auth.service.js +4 -1
- package/esm2015/lib/key/key-factory.service.js +21 -32
- package/esm2015/lib/key/key.types.js +1 -1
- package/esm2015/lib/lbop/lbop.service.js +3 -3
- package/esm2015/lib/password/password.service.js +7 -7
- package/esm2015/lib/register/register.service.js +1 -1
- package/esm2015/lib/time/time.service.js +2 -2
- package/esm2015/lib/tp-password-reset/tp-password-reset-user.service.js +1 -1
- package/esm2015/lib/web-crypto/web-crypto.service.js +3 -3
- package/fesm2015/lifeready-core.js +34 -42
- package/fesm2015/lifeready-core.js.map +1 -1
- package/lib/auth/life-ready-auth.service.d.ts +6 -5
- package/lib/key/key-factory.service.d.ts +3 -3
- package/lib/key/key.types.d.ts +3 -3
- package/lib/lbop/lbop.service.d.ts +11 -3
- package/lib/password/password.service.d.ts +4 -4
- package/lib/register/register.service.d.ts +1 -1
- package/lib/tp-password-reset/tp-password-reset-user.service.d.ts +1 -1
- package/lib/web-crypto/web-crypto.service.d.ts +1 -1
- package/lifeready-core.metadata.json +1 -1
- package/package.json +1 -1
|
@@ -627,7 +627,7 @@
|
|
|
627
627
|
handleApolloError(res.errors);
|
|
628
628
|
serverTime = parseInt(res.data.serverTime.timestamp, 10);
|
|
629
629
|
roundtrip = end - start;
|
|
630
|
-
this.offsetMs = serverTime - (start + roundtrip / 2);
|
|
630
|
+
this.offsetMs = Math.round(serverTime - (start + roundtrip / 2));
|
|
631
631
|
if (!this.VERIFY_ENABLED) return [3 /*break*/, 3];
|
|
632
632
|
return [4 /*yield*/, this.verifyCognito()];
|
|
633
633
|
case 2:
|
|
@@ -953,7 +953,7 @@
|
|
|
953
953
|
|
|
954
954
|
var WebCryptoService = /** @class */ (function () {
|
|
955
955
|
function WebCryptoService() {
|
|
956
|
-
this.
|
|
956
|
+
this.kcCrypto = window.crypto;
|
|
957
957
|
}
|
|
958
958
|
WebCryptoService.prototype.toHex = function (buffer) {
|
|
959
959
|
// Ref: https://developer.mozilla.org/en-US/docs/Web/API/SubtleCrypto/digest
|
|
@@ -969,7 +969,7 @@
|
|
|
969
969
|
case 0:
|
|
970
970
|
encoder = new TextEncoder();
|
|
971
971
|
data = encoder.encode(message);
|
|
972
|
-
return [4 /*yield*/, this.
|
|
972
|
+
return [4 /*yield*/, this.kcCrypto.subtle.digest(algorithm, data)];
|
|
973
973
|
case 1:
|
|
974
974
|
hash = _a.sent();
|
|
975
975
|
return [2 /*return*/, this.toHex(hash)];
|
|
@@ -986,25 +986,6 @@
|
|
|
986
986
|
},] }
|
|
987
987
|
];
|
|
988
988
|
|
|
989
|
-
function sha256(message) {
|
|
990
|
-
return __awaiter(this, void 0, void 0, function () {
|
|
991
|
-
var msgBuffer, hashBuffer, hashArray, hashHex;
|
|
992
|
-
return __generator(this, function (_a) {
|
|
993
|
-
switch (_a.label) {
|
|
994
|
-
case 0:
|
|
995
|
-
msgBuffer = new TextEncoder().encode(message);
|
|
996
|
-
return [4 /*yield*/, crypto.subtle.digest('SHA-256', msgBuffer)];
|
|
997
|
-
case 1:
|
|
998
|
-
hashBuffer = _a.sent();
|
|
999
|
-
hashArray = Array.from(new Uint8Array(hashBuffer));
|
|
1000
|
-
hashHex = hashArray
|
|
1001
|
-
.map(function (b) { return ('00' + b.toString(16)).slice(-2); })
|
|
1002
|
-
.join('');
|
|
1003
|
-
return [2 /*return*/, hashHex];
|
|
1004
|
-
}
|
|
1005
|
-
});
|
|
1006
|
-
});
|
|
1007
|
-
}
|
|
1008
989
|
var KeyFactoryService = /** @class */ (function () {
|
|
1009
990
|
function KeyFactoryService(webCryptoService) {
|
|
1010
991
|
this.webCryptoService = webCryptoService;
|
|
@@ -1023,7 +1004,7 @@
|
|
|
1023
1004
|
this.DEFAULT_PASS_IDP_PBKDF_ITER = this.MIN_PASS_IDP_PBKDF_ITER;
|
|
1024
1005
|
this.DEFAULT_PASS_KEY_PBKDF_ITER = this.MIN_PASS_KEY_PBKDF_ITER;
|
|
1025
1006
|
this.DEFAULT_LBOP_KEY_PBKDF_ITER = this.MIN_LBOP_KEY_PBKDF_ITER;
|
|
1026
|
-
this.
|
|
1007
|
+
this.kcCrypto = this.webCryptoService.kcCrypto;
|
|
1027
1008
|
}
|
|
1028
1009
|
KeyFactoryService.asKey = function (key, form, extras) {
|
|
1029
1010
|
// <AZ> Using a single global key store did not seem to improve speed.
|
|
@@ -1036,7 +1017,7 @@
|
|
|
1036
1017
|
}
|
|
1037
1018
|
var validChars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789';
|
|
1038
1019
|
var array = new Uint32Array(digits);
|
|
1039
|
-
this.
|
|
1020
|
+
this.kcCrypto.getRandomValues(array);
|
|
1040
1021
|
array = array.map(function (x) { return validChars.charCodeAt(x % validChars.length); });
|
|
1041
1022
|
return String.fromCharCode.apply(null, array);
|
|
1042
1023
|
};
|
|
@@ -1051,7 +1032,7 @@
|
|
|
1051
1032
|
throw new LrBadArgumentException('chooseN <= 0');
|
|
1052
1033
|
}
|
|
1053
1034
|
var values = new Uint32Array(chooseN);
|
|
1054
|
-
this.
|
|
1035
|
+
this.kcCrypto.getRandomValues(values);
|
|
1055
1036
|
var ret = [];
|
|
1056
1037
|
values.forEach(function (v) { return ret.push(array[v % array.length]); });
|
|
1057
1038
|
return ret;
|
|
@@ -1064,7 +1045,7 @@
|
|
|
1064
1045
|
var key, jwk;
|
|
1065
1046
|
return __generator(this, function (_a) {
|
|
1066
1047
|
switch (_a.label) {
|
|
1067
|
-
case 0: return [4 /*yield*/, this.
|
|
1048
|
+
case 0: return [4 /*yield*/, this.kcCrypto.subtle.generateKey({
|
|
1068
1049
|
name: 'AES-GCM',
|
|
1069
1050
|
length: 256,
|
|
1070
1051
|
}, true, // whether the key is extractable (i.e. can be used in exportKey)
|
|
@@ -1072,7 +1053,7 @@
|
|
|
1072
1053
|
)];
|
|
1073
1054
|
case 1:
|
|
1074
1055
|
key = _a.sent();
|
|
1075
|
-
return [4 /*yield*/, this.
|
|
1056
|
+
return [4 /*yield*/, this.kcCrypto.subtle.exportKey('jwk', key)];
|
|
1076
1057
|
case 2:
|
|
1077
1058
|
jwk = _a.sent();
|
|
1078
1059
|
// Removing the fields not needed by node-jose
|
|
@@ -1088,13 +1069,13 @@
|
|
|
1088
1069
|
var key, jwk;
|
|
1089
1070
|
return __generator(this, function (_a) {
|
|
1090
1071
|
switch (_a.label) {
|
|
1091
|
-
case 0: return [4 /*yield*/, this.
|
|
1072
|
+
case 0: return [4 /*yield*/, this.kcCrypto.subtle.generateKey({
|
|
1092
1073
|
name: 'HMAC',
|
|
1093
1074
|
hash: { name: 'SHA-512' },
|
|
1094
1075
|
}, true, ['sign', 'verify'])];
|
|
1095
1076
|
case 1:
|
|
1096
1077
|
key = _a.sent();
|
|
1097
|
-
return [4 /*yield*/, this.
|
|
1078
|
+
return [4 /*yield*/, this.kcCrypto.subtle.exportKey('jwk', key)];
|
|
1098
1079
|
case 2:
|
|
1099
1080
|
jwk = _a.sent();
|
|
1100
1081
|
// Removing the fields not needed by node-jose
|
|
@@ -1110,7 +1091,7 @@
|
|
|
1110
1091
|
var key, jwk;
|
|
1111
1092
|
return __generator(this, function (_a) {
|
|
1112
1093
|
switch (_a.label) {
|
|
1113
|
-
case 0: return [4 /*yield*/, this.
|
|
1094
|
+
case 0: return [4 /*yield*/, this.kcCrypto.subtle.generateKey({
|
|
1114
1095
|
name: 'RSA-OAEP',
|
|
1115
1096
|
modulusLength: 2048,
|
|
1116
1097
|
// As per suggestion: https://developer.mozilla.org/en-US/docs/Web/API/RsaHashedKeyGenParams
|
|
@@ -1121,7 +1102,7 @@
|
|
|
1121
1102
|
)];
|
|
1122
1103
|
case 1:
|
|
1123
1104
|
key = _a.sent();
|
|
1124
|
-
return [4 /*yield*/, this.
|
|
1105
|
+
return [4 /*yield*/, this.kcCrypto.subtle.exportKey('jwk', key.privateKey)];
|
|
1125
1106
|
case 2:
|
|
1126
1107
|
jwk = _a.sent();
|
|
1127
1108
|
// Removing the fields not needed by node-jose
|
|
@@ -1137,7 +1118,7 @@
|
|
|
1137
1118
|
var key, jwk;
|
|
1138
1119
|
return __generator(this, function (_a) {
|
|
1139
1120
|
switch (_a.label) {
|
|
1140
|
-
case 0: return [4 /*yield*/, this.
|
|
1121
|
+
case 0: return [4 /*yield*/, this.kcCrypto.subtle.generateKey({
|
|
1141
1122
|
name: 'RSASSA-PKCS1-v1_5',
|
|
1142
1123
|
modulusLength: 2048,
|
|
1143
1124
|
// As per suggestion: https://developer.mozilla.org/en-US/docs/Web/API/RsaHashedKeyGenParams
|
|
@@ -1148,7 +1129,7 @@
|
|
|
1148
1129
|
)];
|
|
1149
1130
|
case 1:
|
|
1150
1131
|
key = _a.sent();
|
|
1151
|
-
return [4 /*yield*/, this.
|
|
1132
|
+
return [4 /*yield*/, this.kcCrypto.subtle.exportKey('jwk', key.privateKey)];
|
|
1152
1133
|
case 2:
|
|
1153
1134
|
jwk = _a.sent();
|
|
1154
1135
|
// Removing the fields not needed by node-jose
|
|
@@ -1159,33 +1140,37 @@
|
|
|
1159
1140
|
});
|
|
1160
1141
|
});
|
|
1161
1142
|
};
|
|
1143
|
+
KeyFactoryService.prototype.importPassword = function (plainPassword) {
|
|
1144
|
+
return __awaiter(this, void 0, void 0, function () {
|
|
1145
|
+
var enc;
|
|
1146
|
+
return __generator(this, function (_a) {
|
|
1147
|
+
enc = new TextEncoder();
|
|
1148
|
+
return [2 /*return*/, this.kcCrypto.subtle.importKey('raw', enc.encode(plainPassword), 'PBKDF2', false, ['deriveKey'])];
|
|
1149
|
+
});
|
|
1150
|
+
});
|
|
1151
|
+
};
|
|
1162
1152
|
KeyFactoryService.prototype.deriveKey = function (_a) {
|
|
1163
1153
|
var password = _a.password, salt = _a.salt, iterations = _a.iterations, kid = _a.kid;
|
|
1164
1154
|
return __awaiter(this, void 0, void 0, function () {
|
|
1165
|
-
var
|
|
1155
|
+
var passKey, passKeyJson, jwk;
|
|
1166
1156
|
return __generator(this, function (_a) {
|
|
1167
1157
|
switch (_a.label) {
|
|
1168
|
-
case 0:
|
|
1169
|
-
|
|
1170
|
-
|
|
1158
|
+
case 0: return [4 /*yield*/, this.kcCrypto.subtle.deriveKey({
|
|
1159
|
+
name: 'PBKDF2',
|
|
1160
|
+
salt: new TextEncoder().encode(salt),
|
|
1161
|
+
iterations: iterations,
|
|
1162
|
+
hash: 'SHA-256',
|
|
1163
|
+
}, password, { name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt'])];
|
|
1171
1164
|
case 1:
|
|
1172
|
-
rawKey = _a.sent();
|
|
1173
|
-
return [4 /*yield*/, crypto.subtle.deriveKey({
|
|
1174
|
-
name: 'PBKDF2',
|
|
1175
|
-
salt: new TextEncoder().encode(salt),
|
|
1176
|
-
iterations: iterations,
|
|
1177
|
-
hash: 'SHA-256',
|
|
1178
|
-
}, rawKey, { name: 'AES-GCM', length: 256 }, true, ['encrypt', 'decrypt'])];
|
|
1179
|
-
case 2:
|
|
1180
1165
|
passKey = _a.sent();
|
|
1181
|
-
return [4 /*yield*/,
|
|
1182
|
-
case
|
|
1166
|
+
return [4 /*yield*/, this.kcCrypto.subtle.exportKey('jwk', passKey)];
|
|
1167
|
+
case 2:
|
|
1183
1168
|
passKeyJson = _a.sent();
|
|
1184
1169
|
if (kid) {
|
|
1185
1170
|
passKeyJson.kid = kid;
|
|
1186
1171
|
}
|
|
1187
1172
|
return [4 /*yield*/, KeyFactoryService.asKey(passKeyJson)];
|
|
1188
|
-
case
|
|
1173
|
+
case 3:
|
|
1189
1174
|
jwk = _a.sent();
|
|
1190
1175
|
return [2 /*return*/, { jwk: jwk }];
|
|
1191
1176
|
}
|
|
@@ -5049,30 +5034,30 @@
|
|
|
5049
5034
|
this.idleService = idleService;
|
|
5050
5035
|
this.CLIENT_NONCE_LENGTH = 32;
|
|
5051
5036
|
}
|
|
5052
|
-
PasswordService.prototype.checkPassword = function (
|
|
5037
|
+
PasswordService.prototype.checkPassword = function (plainPassword) {
|
|
5053
5038
|
return __awaiter(this, void 0, void 0, function () {
|
|
5054
5039
|
var years, _a;
|
|
5055
5040
|
return __generator(this, function (_b) {
|
|
5056
5041
|
switch (_b.label) {
|
|
5057
5042
|
case 0:
|
|
5058
|
-
years = this.passwordStrength(
|
|
5043
|
+
years = this.passwordStrength(plainPassword).years;
|
|
5059
5044
|
_a = {
|
|
5060
|
-
length:
|
|
5045
|
+
length: plainPassword.length,
|
|
5061
5046
|
timeToCrack: moment$1.duration({ years: years })
|
|
5062
5047
|
};
|
|
5063
|
-
return [4 /*yield*/, this.getExposureCount(
|
|
5048
|
+
return [4 /*yield*/, this.getExposureCount(plainPassword)];
|
|
5064
5049
|
case 1: return [2 /*return*/, (_a.passwordExposed = _b.sent(),
|
|
5065
5050
|
_a)];
|
|
5066
5051
|
}
|
|
5067
5052
|
});
|
|
5068
5053
|
});
|
|
5069
5054
|
};
|
|
5070
|
-
PasswordService.prototype.getExposureCount = function (
|
|
5055
|
+
PasswordService.prototype.getExposureCount = function (plainPassword) {
|
|
5071
5056
|
return __awaiter(this, void 0, void 0, function () {
|
|
5072
5057
|
var sha1Password, first5sha1, response, results;
|
|
5073
5058
|
return __generator(this, function (_a) {
|
|
5074
5059
|
switch (_a.label) {
|
|
5075
|
-
case 0: return [4 /*yield*/, this.webCryptoService.stringDigest('SHA-1',
|
|
5060
|
+
case 0: return [4 /*yield*/, this.webCryptoService.stringDigest('SHA-1', plainPassword)];
|
|
5076
5061
|
case 1:
|
|
5077
5062
|
sha1Password = _a.sent();
|
|
5078
5063
|
first5sha1 = sha1Password.substring(0, 5);
|
|
@@ -6238,6 +6223,9 @@
|
|
|
6238
6223
|
});
|
|
6239
6224
|
});
|
|
6240
6225
|
};
|
|
6226
|
+
LifeReadyAuthService.prototype.importPassword = function (plainPassword) {
|
|
6227
|
+
return this.keyFactory.importPassword(plainPassword);
|
|
6228
|
+
};
|
|
6241
6229
|
LifeReadyAuthService.prototype.addLogoutListener = function (callback) {
|
|
6242
6230
|
this.logoutListeners.add(callback);
|
|
6243
6231
|
};
|
|
@@ -10460,16 +10448,16 @@
|
|
|
10460
10448
|
LbopService.prototype.create = function (_a) {
|
|
10461
10449
|
var name = _a.name;
|
|
10462
10450
|
return __awaiter(this, void 0, void 0, function () {
|
|
10463
|
-
var lbops, lbopString, _loop_1, this_1, state_1, lbopKeyParams, lbopKey, lbopKeyVerifier, wrappedLbopKeyVerifier, currentUser, masterKey, wrappedMasterKey, meta, cipherMeta, res;
|
|
10464
|
-
return __generator(this, function (
|
|
10465
|
-
switch (
|
|
10451
|
+
var lbops, lbopString, _loop_1, this_1, state_1, lbopKeyParams, lbopKey, _a, _b, _c, _d, _e, lbopKeyVerifier, wrappedLbopKeyVerifier, currentUser, masterKey, wrappedMasterKey, meta, cipherMeta, res;
|
|
10452
|
+
return __generator(this, function (_f) {
|
|
10453
|
+
switch (_f.label) {
|
|
10466
10454
|
case 0:
|
|
10467
10455
|
if (slip39.Slip39Helper.WORD_LIST.length !== 1024) {
|
|
10468
10456
|
throw new LrBadLogicException('Slip39Helper.WORD_LIST.length != 1024');
|
|
10469
10457
|
}
|
|
10470
10458
|
return [4 /*yield*/, this.list()];
|
|
10471
10459
|
case 1:
|
|
10472
|
-
lbops =
|
|
10460
|
+
lbops = _f.sent();
|
|
10473
10461
|
_loop_1 = function () {
|
|
10474
10462
|
lbopString = this_1.keyFactory
|
|
10475
10463
|
.randomChoices(slip39.Slip39Helper.WORD_LIST, this_1.LBOP_WORDS)
|
|
@@ -10488,29 +10476,33 @@
|
|
|
10488
10476
|
}
|
|
10489
10477
|
return [4 /*yield*/, this.keyFactory.createLbopKeyParams()];
|
|
10490
10478
|
case 2:
|
|
10491
|
-
lbopKeyParams =
|
|
10492
|
-
|
|
10493
|
-
|
|
10494
|
-
|
|
10495
|
-
return [4 /*yield*/, this.keyFactory.
|
|
10479
|
+
lbopKeyParams = _f.sent();
|
|
10480
|
+
_b = (_a = this.keyFactory).deriveLbopKey;
|
|
10481
|
+
_d = (_c = Object).assign;
|
|
10482
|
+
_e = {};
|
|
10483
|
+
return [4 /*yield*/, this.keyFactory.importPassword(lbopString)];
|
|
10484
|
+
case 3: return [4 /*yield*/, _b.apply(_a, [_d.apply(_c, [(_e.password = _f.sent(), _e), lbopKeyParams])])];
|
|
10496
10485
|
case 4:
|
|
10497
|
-
|
|
10498
|
-
return [4 /*yield*/, this.
|
|
10486
|
+
lbopKey = (_f.sent()).jwk;
|
|
10487
|
+
return [4 /*yield*/, this.keyFactory.createSignKey()];
|
|
10499
10488
|
case 5:
|
|
10500
|
-
|
|
10501
|
-
return [4 /*yield*/, this.
|
|
10489
|
+
lbopKeyVerifier = _f.sent();
|
|
10490
|
+
return [4 /*yield*/, this.encryptionService.encrypt(lbopKey, lbopKeyVerifier.toJSON(true))];
|
|
10502
10491
|
case 6:
|
|
10503
|
-
|
|
10504
|
-
return [4 /*yield*/, this.
|
|
10492
|
+
wrappedLbopKeyVerifier = _f.sent();
|
|
10493
|
+
return [4 /*yield*/, this.authService.getUser()];
|
|
10505
10494
|
case 7:
|
|
10506
|
-
|
|
10507
|
-
return [4 /*yield*/, this.
|
|
10495
|
+
currentUser = _f.sent();
|
|
10496
|
+
return [4 /*yield*/, this.keyGraph.getKey(currentUser.currentUserKey.masterKey.id)];
|
|
10508
10497
|
case 8:
|
|
10509
|
-
|
|
10498
|
+
masterKey = _f.sent();
|
|
10499
|
+
return [4 /*yield*/, this.encryptionService.encrypt(lbopKey, masterKey.jwk.toJSON(true))];
|
|
10500
|
+
case 9:
|
|
10501
|
+
wrappedMasterKey = _f.sent();
|
|
10510
10502
|
meta = Object.assign(Object.assign({}, (name && { name: name })), { partial: this.getPartial(lbopString) });
|
|
10511
10503
|
return [4 /*yield*/, this.encryptionService.encrypt(masterKey.jwk, meta)];
|
|
10512
|
-
case
|
|
10513
|
-
cipherMeta =
|
|
10504
|
+
case 10:
|
|
10505
|
+
cipherMeta = _f.sent();
|
|
10514
10506
|
return [4 /*yield*/, this.lrApollo.mutate({
|
|
10515
10507
|
mutation: CreateLbopQuery,
|
|
10516
10508
|
variables: {
|
|
@@ -10524,8 +10516,8 @@
|
|
|
10524
10516
|
},
|
|
10525
10517
|
},
|
|
10526
10518
|
})];
|
|
10527
|
-
case
|
|
10528
|
-
res =
|
|
10519
|
+
case 11:
|
|
10520
|
+
res = _f.sent();
|
|
10529
10521
|
return [2 /*return*/, Object.assign(Object.assign({}, res.createLbop.lbop), { lbopString: lbopString })];
|
|
10530
10522
|
}
|
|
10531
10523
|
});
|
|
@@ -10548,59 +10540,63 @@
|
|
|
10548
10540
|
// --------------------------------------------------------------------------------------------------------------------
|
|
10549
10541
|
LbopService.prototype.verifyLbops = function (challengeResult, lbopString) {
|
|
10550
10542
|
return __awaiter(this, void 0, void 0, function () {
|
|
10551
|
-
var clientNonce, _a, _b, lbop, lbopKey, lbopKeyVerifier, serverNonce, signedChallenge, error_1, e_1_1;
|
|
10552
|
-
var e_1,
|
|
10553
|
-
return __generator(this, function (
|
|
10554
|
-
switch (
|
|
10543
|
+
var clientNonce, _a, _b, lbop, lbopKey, _c, _d, _e, _f, _g, lbopKeyVerifier, serverNonce, signedChallenge, error_1, e_1_1;
|
|
10544
|
+
var e_1, _h;
|
|
10545
|
+
return __generator(this, function (_j) {
|
|
10546
|
+
switch (_j.label) {
|
|
10555
10547
|
case 0:
|
|
10556
10548
|
clientNonce = this.keyFactory.randomString(this.CLIENT_NONCE_LENGTH);
|
|
10557
|
-
|
|
10549
|
+
_j.label = 1;
|
|
10558
10550
|
case 1:
|
|
10559
|
-
|
|
10551
|
+
_j.trys.push([1, 11, 12, 13]);
|
|
10560
10552
|
_a = __values(challengeResult.lbops), _b = _a.next();
|
|
10561
|
-
|
|
10553
|
+
_j.label = 2;
|
|
10562
10554
|
case 2:
|
|
10563
|
-
if (!!_b.done) return [3 /*break*/,
|
|
10555
|
+
if (!!_b.done) return [3 /*break*/, 10];
|
|
10564
10556
|
lbop = _b.value;
|
|
10565
|
-
|
|
10566
|
-
|
|
10567
|
-
|
|
10568
|
-
|
|
10557
|
+
_d = (_c = this.keyFactory).deriveLbopKey;
|
|
10558
|
+
_f = (_e = Object).assign;
|
|
10559
|
+
_g = {};
|
|
10560
|
+
return [4 /*yield*/, this.keyFactory.importPassword(lbopString)];
|
|
10561
|
+
case 3: return [4 /*yield*/, _d.apply(_c, [_f.apply(_e, [(_g.password = _j.sent(), _g), lbop.lbopKeyParams])])];
|
|
10569
10562
|
case 4:
|
|
10570
|
-
|
|
10571
|
-
|
|
10563
|
+
lbopKey = (_j.sent()).jwk;
|
|
10564
|
+
_j.label = 5;
|
|
10572
10565
|
case 5:
|
|
10573
|
-
|
|
10566
|
+
_j.trys.push([5, 8, , 9]);
|
|
10567
|
+
return [4 /*yield*/, this.encryptionService.decrypt(lbopKey, lbop.wrappedLbopKeyVerifier)];
|
|
10568
|
+
case 6:
|
|
10569
|
+
lbopKeyVerifier = (_j.sent());
|
|
10574
10570
|
serverNonce = challengeResult.challenge.serverNonce;
|
|
10575
10571
|
return [4 /*yield*/, this.encryptionService.sign(lbopKeyVerifier, {
|
|
10576
10572
|
serverNonce: serverNonce,
|
|
10577
10573
|
clientNonce: clientNonce,
|
|
10578
10574
|
})];
|
|
10579
|
-
case
|
|
10580
|
-
signedChallenge =
|
|
10575
|
+
case 7:
|
|
10576
|
+
signedChallenge = _j.sent();
|
|
10581
10577
|
return [2 /*return*/, {
|
|
10582
10578
|
lbop: lbop,
|
|
10583
10579
|
signedChallenge: signedChallenge,
|
|
10584
10580
|
lbopKey: lbopKey,
|
|
10585
10581
|
}];
|
|
10586
|
-
case 7:
|
|
10587
|
-
error_1 = _d.sent();
|
|
10588
|
-
return [3 /*break*/, 8];
|
|
10589
10582
|
case 8:
|
|
10583
|
+
error_1 = _j.sent();
|
|
10584
|
+
return [3 /*break*/, 9];
|
|
10585
|
+
case 9:
|
|
10590
10586
|
_b = _a.next();
|
|
10591
10587
|
return [3 /*break*/, 2];
|
|
10592
|
-
case
|
|
10593
|
-
case 10:
|
|
10594
|
-
e_1_1 = _d.sent();
|
|
10595
|
-
e_1 = { error: e_1_1 };
|
|
10596
|
-
return [3 /*break*/, 12];
|
|
10588
|
+
case 10: return [3 /*break*/, 13];
|
|
10597
10589
|
case 11:
|
|
10590
|
+
e_1_1 = _j.sent();
|
|
10591
|
+
e_1 = { error: e_1_1 };
|
|
10592
|
+
return [3 /*break*/, 13];
|
|
10593
|
+
case 12:
|
|
10598
10594
|
try {
|
|
10599
|
-
if (_b && !_b.done && (
|
|
10595
|
+
if (_b && !_b.done && (_h = _a.return)) _h.call(_a);
|
|
10600
10596
|
}
|
|
10601
10597
|
finally { if (e_1) throw e_1.error; }
|
|
10602
10598
|
return [7 /*endfinally*/];
|
|
10603
|
-
case
|
|
10599
|
+
case 13: throw new LrException({
|
|
10604
10600
|
source: 'LBOP',
|
|
10605
10601
|
code: 'INVALID_PASSPHRASE',
|
|
10606
10602
|
message: 'Invalid passphrase.',
|