@metamask-previews/keyring-controller 22.0.2-preview-4e3fd4c0 → 22.0.2-preview-c6e5eb7
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +0 -8
- package/dist/KeyringController.cjs +7 -37
- package/dist/KeyringController.cjs.map +1 -1
- package/dist/KeyringController.d.cts +4 -11
- package/dist/KeyringController.d.cts.map +1 -1
- package/dist/KeyringController.d.mts +4 -11
- package/dist/KeyringController.d.mts.map +1 -1
- package/dist/KeyringController.mjs +7 -37
- package/dist/KeyringController.mjs.map +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,14 +7,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
-
### Added
|
|
11
|
-
|
|
12
|
-
- Add method `exportEncryptionKey` ([#5984](https://github.com/MetaMask/core/pull/5984))
|
|
13
|
-
|
|
14
|
-
### Changed
|
|
15
|
-
|
|
16
|
-
- Make salt optional with method `submitEncryptionKey` ([#5984](https://github.com/MetaMask/core/pull/5984))
|
|
17
|
-
|
|
18
10
|
## [22.0.2]
|
|
19
11
|
|
|
20
12
|
### Fixed
|
|
@@ -858,12 +858,11 @@ class KeyringController extends base_controller_1.BaseController {
|
|
|
858
858
|
});
|
|
859
859
|
}
|
|
860
860
|
/**
|
|
861
|
-
* Attempts to decrypt the current vault and load its keyrings,
|
|
862
|
-
* given encryption key and salt.
|
|
863
|
-
* consistency with the vault salt.
|
|
861
|
+
* Attempts to decrypt the current vault and load its keyrings,
|
|
862
|
+
* using the given encryption key and salt.
|
|
864
863
|
*
|
|
865
864
|
* @param encryptionKey - Key to unlock the keychain.
|
|
866
|
-
* @param encryptionSalt -
|
|
865
|
+
* @param encryptionSalt - Salt to unlock the keychain.
|
|
867
866
|
* @returns Promise resolving when the operation completes.
|
|
868
867
|
*/
|
|
869
868
|
async submitEncryptionKey(encryptionKey, encryptionSalt) {
|
|
@@ -887,35 +886,6 @@ class KeyringController extends base_controller_1.BaseController {
|
|
|
887
886
|
console.error('Failed to update vault during login:', error);
|
|
888
887
|
}
|
|
889
888
|
}
|
|
890
|
-
/**
|
|
891
|
-
* Exports the vault encryption key.
|
|
892
|
-
*
|
|
893
|
-
* @returns The vault encryption key.
|
|
894
|
-
*/
|
|
895
|
-
async exportEncryptionKey() {
|
|
896
|
-
__classPrivateFieldGet(this, _KeyringController_instances, "m", _KeyringController_assertIsUnlocked).call(this);
|
|
897
|
-
// There is a case where the controller is unlocked but the encryption key
|
|
898
|
-
// is not set, even when #cacheEncryptionKey is true. This happens when
|
|
899
|
-
// calling changePassword with the existing password. In this case, the
|
|
900
|
-
// encryption key is deleted, but the state is not recreated, because the
|
|
901
|
-
// session state does not change in this case, and #updateVault is not
|
|
902
|
-
// called in #persistOrRollback.
|
|
903
|
-
if (!this.state.encryptionKey) {
|
|
904
|
-
assertIsExportableKeyEncryptor(__classPrivateFieldGet(this, _KeyringController_encryptor, "f"));
|
|
905
|
-
assertIsValidPassword(__classPrivateFieldGet(this, _KeyringController_password, "f"));
|
|
906
|
-
const result = await __classPrivateFieldGet(this, _KeyringController_encryptor, "f").decryptWithDetail(__classPrivateFieldGet(this, _KeyringController_password, "f"),
|
|
907
|
-
// Ignoring undefined. Assuming vault is set when unlocked.
|
|
908
|
-
this.state.vault);
|
|
909
|
-
if (__classPrivateFieldGet(this, _KeyringController_cacheEncryptionKey, "f")) {
|
|
910
|
-
this.update((state) => {
|
|
911
|
-
state.encryptionKey = result.exportedKeyString;
|
|
912
|
-
state.encryptionSalt = result.salt;
|
|
913
|
-
});
|
|
914
|
-
}
|
|
915
|
-
return result.exportedKeyString;
|
|
916
|
-
}
|
|
917
|
-
return this.state.encryptionKey;
|
|
918
|
-
}
|
|
919
889
|
/**
|
|
920
890
|
* Attempts to decrypt the current vault and load its keyrings,
|
|
921
891
|
* using the given password.
|
|
@@ -1414,12 +1384,9 @@ async function _KeyringController_unlockKeyrings(password, encryptionKey, encryp
|
|
|
1414
1384
|
}
|
|
1415
1385
|
else {
|
|
1416
1386
|
const parsedEncryptedVault = JSON.parse(encryptedVault);
|
|
1417
|
-
if (encryptionSalt
|
|
1387
|
+
if (encryptionSalt !== parsedEncryptedVault.salt) {
|
|
1418
1388
|
throw new Error(constants_1.KeyringControllerError.ExpiredCredentials);
|
|
1419
1389
|
}
|
|
1420
|
-
else {
|
|
1421
|
-
encryptionSalt = parsedEncryptedVault.salt;
|
|
1422
|
-
}
|
|
1423
1390
|
if (typeof encryptionKey !== 'string') {
|
|
1424
1391
|
throw new TypeError(constants_1.KeyringControllerError.WrongPasswordType);
|
|
1425
1392
|
}
|
|
@@ -1428,6 +1395,9 @@ async function _KeyringController_unlockKeyrings(password, encryptionKey, encryp
|
|
|
1428
1395
|
// This call is required on the first call because encryptionKey
|
|
1429
1396
|
// is not yet inside the memStore
|
|
1430
1397
|
updatedState.encryptionKey = encryptionKey;
|
|
1398
|
+
// we can safely assume that encryptionSalt is defined here
|
|
1399
|
+
// because we compare it with the salt from the vault
|
|
1400
|
+
// eslint-disable-next-line @typescript-eslint/no-non-null-assertion
|
|
1431
1401
|
updatedState.encryptionSalt = encryptionSalt;
|
|
1432
1402
|
}
|
|
1433
1403
|
}
|