favalib 0.0.9 → 0.0.10

package/build/Command/commandConstructors.d.mts

@@ -2,12 +2,12 @@ import AddEntryCommand from './commands/AddEntryCommand.mjs';
 import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
-import ChangeSyncDeviceMetaCommand from './commands/ChangeSyncDeviceMetaCommand.mjs';
+import ChangeSyncDeviceInfoCommand from './commands/ChangeDeviceInfoCommand.mjs';
 declare const commandConstructors: {
     AddEntry: typeof AddEntryCommand;
     DeleteEntry: typeof DeleteEntryCommand;
     UpdateEntry: typeof UpdateEntryCommand;
     AddSyncDevice: typeof AddSyncDeviceCommand;
-    ChangeSyncDeviceMeta: typeof ChangeSyncDeviceMetaCommand;
+    ChangeSyncDeviceInfo: typeof ChangeSyncDeviceInfoCommand;
 };
 export default commandConstructors;

package/build/Command/commandConstructors.mjs

@@ -2,12 +2,12 @@ import AddEntryCommand from './commands/AddEntryCommand.mjs';
 import AddSyncDeviceCommand from './commands/AddSyncDeviceCommand.mjs';
 import DeleteEntryCommand from './commands/DeleteEntryCommand.mjs';
 import UpdateEntryCommand from './commands/UpdateEntryCommand.mjs';
-import ChangeSyncDeviceMetaCommand from './commands/ChangeSyncDeviceMetaCommand.mjs';
+import ChangeSyncDeviceInfoCommand from './commands/ChangeDeviceInfoCommand.mjs';
 const commandConstructors = {
     AddEntry: AddEntryCommand,
     DeleteEntry: DeleteEntryCommand,
     UpdateEntry: UpdateEntryCommand,
     AddSyncDevice: AddSyncDeviceCommand,
-    ChangeSyncDeviceMeta: ChangeSyncDeviceMetaCommand,
+    ChangeSyncDeviceInfo: ChangeSyncDeviceInfoCommand,
 };
 export default commandConstructors;

package/build/Command/commands/AddSyncDeviceCommand.d.mts

@@ -1,10 +1,11 @@
 import type TwoFaLibMediator from '../../TwoFaLibMediator.mjs';
 import Command from '../BaseCommand.mjs';
-import type { DeviceId } from '../../interfaces/SyncTypes.mjs';
+import type { DeviceId, DeviceInfo } from '../../interfaces/SyncTypes.mjs';
 import type { PublicKey } from '../../interfaces/CryptoLib.mjs';
 export interface AddSyncDeviceData {
     deviceId: DeviceId;
     publicKey: PublicKey;
+    deviceInfo: DeviceInfo;
 }
 /**
  * Represents a command that when executed add an entry to the vault.

package/build/Command/commands/{ChangeSyncDeviceMetaCommand.d.mts → ChangeDeviceInfoCommand.d.mts}

@@ -1,25 +1,25 @@
 import type TwoFaLibMediator from '../../TwoFaLibMediator.mjs';
 import Command from '../BaseCommand.mjs';
 import type { DeviceFriendlyName, DeviceId, DeviceType } from '../../interfaces/SyncTypes.mjs';
-export interface ChangeSyncDeviceMetaData {
+export interface ChangeSyncDeviceInfoData {
     deviceId: DeviceId;
-    newMeta: {
-        deviceFriendlyName: DeviceFriendlyName;
+    newDeviceInfo: {
+        deviceFriendlyName?: DeviceFriendlyName;
         deviceType: DeviceType;
     };
 }
 /**
- * Represents a command that when executed changes the meta info of a sync device
+ * Represents a command that when executed changes the device info of a sync device
  */
-declare class ChangeSyncDeviceMetaCommand extends Command<ChangeSyncDeviceMetaData> {
+declare class ChangeDeviceInfoCommand extends Command<ChangeSyncDeviceInfoData> {
     /**
      * Creates a new ChangeSyncDeviceMetaCommand instance.
      * @inheritdoc
      * @param data - The id of the device to change and the new meta info
      */
-    constructor(data: ChangeSyncDeviceMetaData, id?: string, timestamp?: number, version?: string, fromRemote?: boolean);
+    constructor(data: ChangeSyncDeviceInfoData, id?: string, timestamp?: number, version?: string, fromRemote?: boolean);
     /**
-     * Executes the command to change the sync device metadata
+     * Executes the command to change the sync device info
      * @inheritdoc
      * @throws {InvalidCommandError} If the referenced sync device cannot be found
      */
@@ -28,5 +28,10 @@ declare class ChangeSyncDeviceMetaCommand extends Command<ChangeSyncDeviceMetaDa
      * @inheritdoc
      */
     createUndoCommand(): Command;
+    /**
+     * Validates the command data.
+     * @inheritdoc
+     */
+    validate(mediator: TwoFaLibMediator): boolean;
 }
-export default ChangeSyncDeviceMetaCommand;
+export default ChangeDeviceInfoCommand;

package/build/Command/commands/ChangeDeviceInfoCommand.mjs

@@ -0,0 +1,78 @@
+import { InvalidCommandError, TwoFALibError } from '../../TwoFALibError.mjs';
+import Command from '../BaseCommand.mjs';
+/**
+ * Represents a command that when executed changes the device info of a sync device
+ */
+class ChangeDeviceInfoCommand extends Command {
+    /**
+     * Creates a new ChangeSyncDeviceMetaCommand instance.
+     * @inheritdoc
+     * @param data - The id of the device to change and the new meta info
+     */
+    constructor(data, id, timestamp, version, fromRemote = false) {
+        super('ChangeDeviceInfo', data, id, timestamp, version, fromRemote);
+    }
+    /**
+     * Executes the command to change the sync device info
+     * @inheritdoc
+     * @throws {InvalidCommandError} If the referenced sync device cannot be found
+     */
+    async execute(mediator) {
+        if (!this.validate(mediator)) {
+            throw new InvalidCommandError('Failed to validate ChangeDeviceInfo command');
+        }
+        const lib = mediator.getComponent('lib');
+        if (this.data.deviceId === lib.meta.deviceId) {
+            // we're changing our own friendly name
+            // eslint-disable-next-line @typescript-eslint/dot-notation
+            lib['favaMeta'].deviceFriendlyName =
+                this.data.newDeviceInfo.deviceFriendlyName;
+        }
+        const syncManager = mediator.getComponent('syncManager');
+        if (syncManager) {
+            // eslint-disable-next-line @typescript-eslint/dot-notation
+            const device = syncManager['syncDevices'].find((d) => d.deviceId === this.data.deviceId);
+            if (!device) {
+                throw new InvalidCommandError('Trying to change info of device that is not found');
+            }
+            device.deviceInfo = this.data.newDeviceInfo;
+        }
+        await mediator.getComponent('persistentStorageManager').save();
+    }
+    /**
+     * @inheritdoc
+     */
+    createUndoCommand() {
+        throw new TwoFALibError('Not implemented yet');
+    }
+    /**
+     * Validates the command data.
+     * @inheritdoc
+     */
+    validate(mediator) {
+        const lib = mediator.getComponent('lib');
+        if (this.fromRemote) {
+            // we can only validate this command locally
+            return true;
+        }
+        if (this.data.deviceId !== lib.meta.deviceId) {
+            // device ids are not identical
+            return false;
+        }
+        if (this.data.newDeviceInfo.deviceType !== lib.meta.deviceType) {
+            // Changing device type
+            return false;
+        }
+        const deviceFriendlyName = this.data.newDeviceInfo.deviceFriendlyName;
+        if (deviceFriendlyName !== undefined) {
+            if (deviceFriendlyName.length > 256) {
+                return false;
+            }
+            if (deviceFriendlyName.length < 1) {
+                return false;
+            }
+        }
+        return true;
+    }
+}
+export default ChangeDeviceInfoCommand;

package/build/TwoFaLib.d.mts

@@ -18,7 +18,7 @@ declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
     static readonly version = "0.0.1";
     private readonly favaMeta;
     readonly deviceType: DeviceType;
-    deviceFriendlyName: DeviceFriendlyName;
+    deviceFriendlyName?: DeviceFriendlyName;
     private mediator;
     private readonly publicKey;
     private readonly privateKey;
@@ -28,7 +28,7 @@ declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
      */
     get meta(): {
         deviceId: import("./interfaces/SyncTypes.mjs").DeviceId;
-        deviceFriendlyName: DeviceFriendlyName;
+        deviceFriendlyName: string | DeviceFriendlyName;
         deviceType: DeviceType;
     };
     /**
@@ -42,7 +42,7 @@ declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
      * @param encryptedSymmetricKey - The encrypted symmetric key
      * @param salt - The salt used for key derivation.
      * @param publicKey - The public key of the device.
-     * @param favaMeta - Meta info containing at least a unique identifier for this device.
+     * @param favaMeta - Meta info about this device containing at least a unique identifier for this device.
      * @param vault - The vault data (entries)
      * @param saveFunction - The function to save the data.
      * @param syncState - The state of the sync, includes the serverUrl
@@ -81,6 +81,11 @@ declare class TwoFaLib extends TypedEventTarget<TwoFaLibEventMapEvents> {
      * @param force - Force setting the sync server url, even if no connection can be made
      */
     setSyncServerUrl(serverUrl: string, force?: boolean): Promise<void>;
+    /**
+     * Set a friendly name for this vault (used in syncing)
+     * @param deviceFriendlyName Human readable name for the device
+     */
+    setDeviceFriendlyName(deviceFriendlyName: DeviceFriendlyName): Promise<void>;
     /**
      * Dispatches a library event.
      * @param eventType - The type of the event to dispatch, uses the TwoFaLibEvent enum.

package/build/TwoFaLib.mjs

@@ -1,7 +1,7 @@
 import { TypedEventTarget } from 'typescript-event-target';
 import TwoFaLibMediator from './TwoFaLibMediator.mjs';
 import { TwoFaLibEvent } from './TwoFaLibEvent.mjs';
-import { InitializationError, SyncError } from './TwoFALibError.mjs';
+import { InitializationError, SyncError, TwoFALibError, } from './TwoFALibError.mjs';
 import SyncManager, { ConnectionStatus } from './subclasses/SyncManager.mjs';
 import LibraryLoader from './subclasses/LibraryLoader.mjs';
 import ExportImportManager from './subclasses/ExportImportManager.mjs';
@@ -10,6 +10,7 @@ import VaultDataManager from './subclasses/VaultDataManager.mjs';
 import VaultOperationsManager from './subclasses/VaultOperationsManager.mjs';
 import CommandManager from './subclasses/CommandManager.mjs';
 import StorageOperationsManager from './subclasses/StorageOperationsManager.mjs';
+import ChangeDeviceInfoCommand from './Command/commands/ChangeDeviceInfoCommand.mjs';
 /**
  * The Two-Factor Library, this is the main entry point.
  */
@@ -37,7 +38,7 @@ class TwoFaLib extends TypedEventTarget {
      * @param encryptedSymmetricKey - The encrypted symmetric key
      * @param salt - The salt used for key derivation.
      * @param publicKey - The public key of the device.
-     * @param favaMeta - Meta info containing at least a unique identifier for this device.
+     * @param favaMeta - Meta info about this device containing at least a unique identifier for this device.
      * @param vault - The vault data (entries)
      * @param saveFunction - The function to save the data.
      * @param syncState - The state of the sync, includes the serverUrl
@@ -47,7 +48,6 @@ class TwoFaLib extends TypedEventTarget {
      */
     constructor(deviceType, cryptoLib, passphraseExtraDict, privateKey, symmetricKey, encryptedPrivateKey, encryptedSymmetricKey, salt, publicKey, favaMeta, vault, saveFunction, syncState) {
         super();
-        this.deviceFriendlyName = '';
         if (!deviceType) {
             throw new InitializationError('Device type is required');
         }
@@ -85,13 +85,14 @@ class TwoFaLib extends TypedEventTarget {
             ],
             ['dispatchLibEvent', this.dispatchLibEvent.bind(this)],
             ['log', this.log.bind(this)],
+            ['lib', this],
         ]);
         if (vault) {
             this.mediator.getComponent('vaultDataManager').replaceVault(vault);
         }
         if (syncState?.serverUrl) {
             // Initiate the syncManager
-            this.mediator.registerComponent('syncManager', new SyncManager(this.mediator, this.publicKey, this.privateKey, this.meta, syncState, this.deviceType));
+            this.mediator.registerComponent('syncManager', new SyncManager(this.mediator, this.publicKey, this.privateKey, this.favaMeta, syncState, this.deviceType));
         }
         else {
             // If no syncmanager we're ready now, otherwise the syncmanager is responsible for emitting the ready event
@@ -161,7 +162,7 @@ class TwoFaLib extends TypedEventTarget {
             devices: [],
             commandSendQueue: [],
         };
-        const newSyncManager = new SyncManager(this.mediator, this.publicKey, this.privateKey, this.meta, newSyncState, this.deviceType);
+        const newSyncManager = new SyncManager(this.mediator, this.publicKey, this.privateKey, this.favaMeta, newSyncState, this.deviceType);
         const success = await new Promise((resolve) => {
             this.addEventListener(TwoFaLibEvent.ConnectionToSyncServerStatusChanged, (event) => {
                 if (event.detail.newStatus === ConnectionStatus.CONNECTED) {
@@ -192,6 +193,21 @@ class TwoFaLib extends TypedEventTarget {
         // save
         await this.persistentStorageManager.save();
     }
+    /**
+     * Set a friendly name for this vault (used in syncing)
+     * @param deviceFriendlyName Human readable name for the device
+     */
+    async setDeviceFriendlyName(deviceFriendlyName) {
+        const data = {
+            deviceId: this.favaMeta.deviceId,
+            newDeviceInfo: { deviceType: this.deviceType, deviceFriendlyName },
+        };
+        const command = ChangeDeviceInfoCommand.create(data);
+        if (!command.validate(this.mediator)) {
+            throw new TwoFALibError('Device friendly name has invalid length, max 256 characters');
+        }
+        await this.mediator.getComponent('commandManager').execute(command);
+    }
     /**
      * Dispatches a library event.
      * @param eventType - The type of the event to dispatch, uses the TwoFaLibEvent enum.

package/build/interfaces/CommandTypes.d.mts

@@ -2,7 +2,7 @@ import type { AddEntryData } from '../Command/commands/AddEntryCommand.mjs';
 import type { DeleteEntryData } from '../Command/commands/DeleteEntryCommand.mjs';
 import type { UpdateEntryData } from '../Command/commands/UpdateEntryCommand.mjs';
 import type { AddSyncDeviceData } from '../Command/commands/AddSyncDeviceCommand.mjs';
-import type { ChangeSyncDeviceMetaData } from '../Command/commands/ChangeSyncDeviceMetaCommand.mjs';
+import type { ChangeSyncDeviceInfoData } from '../Command/commands/ChangeDeviceInfoCommand.mjs';
 export type SyncCommand = ({
     type: 'AddEntry';
     data: AddEntryData;
@@ -16,9 +16,9 @@ export type SyncCommand = ({
     type: 'AddSyncDevice';
     data: AddSyncDeviceData;
 } | {
-    type: 'ChangeSyncDeviceMeta';
-    data: ChangeSyncDeviceMetaData;
+    type: 'ChangeSyncDeviceInfo';
+    data: ChangeSyncDeviceInfoData;
 }) & {
     id: string;
 };
-export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData | ChangeSyncDeviceMetaData;
+export type CommandData = AddEntryData | DeleteEntryData | UpdateEntryData | AddSyncDeviceData | ChangeSyncDeviceInfoData;

package/build/interfaces/SyncTypes.d.mts

@@ -1,18 +1,20 @@
 import type { Tagged } from 'type-fest';
 import type { JPakeThreePass, Round1Result } from 'jpake-ts';
-import { PublicKey, SyncKey } from './CryptoLib.mjs';
+import type { PublicKey, SyncKey } from './CryptoLib.mjs';
+import type { Vault, VaultSyncState } from './Vault.mjs';
 export type DeviceId = Tagged<string, 'DeviceId'>;
 export type DeviceType = Tagged<string, 'DeviceType'>;
 export type DeviceFriendlyName = Tagged<string, 'DeviceFriendlyName'>;
+export interface DeviceInfo {
+    deviceType: DeviceType;
+    deviceFriendlyName?: DeviceFriendlyName;
+}
 export interface SyncDevice {
     deviceId: DeviceId;
     publicKey: PublicKey;
-    meta?: {
-        deviceType: DeviceType;
-        deviceFriendlyName: DeviceFriendlyName;
-    };
+    deviceInfo?: DeviceInfo;
 }
-export type PublicSyncDevice = Omit<SyncDevice, 'publicKey'>;
+export type PublicSyncDevice = Omit<SyncDevice, 'publicKey' | 'deviceInfo'> & Partial<SyncDevice['deviceInfo']>;
 export interface BaseAddDeviceFlow {
     jpak: JPakeThreePass;
     addDevicePassword: Uint8Array;
@@ -45,3 +47,10 @@ export interface InitiateAddDeviceFlowResult {
     timestamp: number;
     pass1Result: Record<keyof Round1Result, string>;
 }
+export interface VaultStateSend {
+    deviceId: DeviceId;
+    forDeviceId: DeviceId;
+    deviceFriendlyName?: DeviceFriendlyName;
+    vault: Vault;
+    sync: VaultSyncState;
+}

package/build/main.d.mts

@@ -3,11 +3,11 @@ import type Entry from './interfaces/Entry.mjs';
 import type { EntryId, NewEntry, EntryMeta, EntryType, TotpPayload, Token, EntryMetaWithToken } from './interfaces/Entry.mjs';
 import type CryptoLib from './interfaces/CryptoLib.mjs';
 import type { Encrypted, EncryptedPrivateKey, EncryptedSymmetricKey, EncryptedPublicKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt } from './interfaces/CryptoLib.mjs';
-import type { PublicSyncDevice, DeviceId, DeviceType, DeviceFriendlyName } from './interfaces/SyncTypes.mjs';
+import type { PublicSyncDevice, DeviceId, DeviceType, DeviceFriendlyName, DeviceInfo } from './interfaces/SyncTypes.mjs';
 import type { EncryptedVaultStateString, LockedRepresentationString } from './interfaces/Vault.mjs';
 import type { SaveFunction } from './interfaces/SaveFunction.mjs';
 import { TwoFALibError, InitializationError, AuthenticationError, EntryNotFoundError, TokenGenerationError } from './TwoFALibError.mjs';
 import { TwoFaLibEvent } from './TwoFaLibEvent.mjs';
 import { getTwoFaLibVaultCreationUtils } from './utils/creationUtils.mjs';
 export { TwoFaLib, TwoFALibError, getTwoFaLibVaultCreationUtils, InitializationError, AuthenticationError, EntryNotFoundError, TokenGenerationError, TwoFaLibEvent, };
-export type { Entry, EntryId, NewEntry, EntryMeta, EntryMetaWithToken, EntryType, TotpPayload, Token, EncryptedVaultStateString, LockedRepresentationString, CryptoLib, Encrypted, EncryptedPrivateKey, EncryptedPublicKey, EncryptedSymmetricKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt, DeviceId, DeviceType, DeviceFriendlyName, PublicSyncDevice, SaveFunction, };
+export type { Entry, EntryId, NewEntry, EntryMeta, EntryMetaWithToken, EntryType, TotpPayload, Token, EncryptedVaultStateString, LockedRepresentationString, CryptoLib, Encrypted, EncryptedPrivateKey, EncryptedPublicKey, EncryptedSymmetricKey, PrivateKey, SymmetricKey, PublicKey, Passphrase, Salt, DeviceId, DeviceType, DeviceFriendlyName, DeviceInfo, PublicSyncDevice, SaveFunction, };

package/build/subclasses/PersistentStorageManager.d.mts

@@ -3,7 +3,8 @@ import { EncryptedVaultStateString, LockedRepresentationString } from '../interf
 import type TwoFaLibMediator from '../TwoFaLibMediator.mjs';
 import type { FavaMeta } from '../interfaces/FavaMeta.mjs';
 import type { PassphraseExtraDict } from '../interfaces/PassphraseExtraDict.js';
-import { SaveFunction } from '../interfaces/SaveFunction.mjs';
+import type { SaveFunction } from '../interfaces/SaveFunction.mjs';
+import type { DeviceId } from '../interfaces/SyncTypes.mjs';
 /**
  * Manages all storage of data that should be persistent.
  */
@@ -39,9 +40,10 @@ declare class PersistentStorageManager {
      * Retrieves an encrypted representation of the library's current state.
      * This can be used for secure storage or transmission of the library's data.
      * @param key - The key to decrypt the locked representation with. If not provided the library's current symmetric key will be used.
+     * @param forDeviceId - If the vault is meant for a specific deviceId
      * @returns A promise that resolves with a string representation of the locked state.
      */
-    getEncryptedVaultState(key?: SymmetricKey): Promise<EncryptedVaultStateString>;
+    getEncryptedVaultState(key?: SymmetricKey, forDeviceId?: DeviceId): Promise<EncryptedVaultStateString>;
     /**
      * Creates a partially encrypted representation of all data, except for
      * the passphrase, that is needed to load the library. This can be used

package/build/subclasses/PersistentStorageManager.mjs

@@ -46,13 +46,15 @@ class PersistentStorageManager {
      * Retrieves an encrypted representation of the library's current state.
      * This can be used for secure storage or transmission of the library's data.
      * @param key - The key to decrypt the locked representation with. If not provided the library's current symmetric key will be used.
+     * @param forDeviceId - If the vault is meant for a specific deviceId
      * @returns A promise that resolves with a string representation of the locked state.
      */
-    async getEncryptedVaultState(key) {
+    async getEncryptedVaultState(key, forDeviceId) {
         const vault = this.vaultDataManager.getAllEntries();
         const vaultState = {
             vault,
             deviceId: this.favaMeta.deviceId,
+            forDeviceId,
             deviceFriendlyName: this.favaMeta.deviceFriendlyName,
             sync: {
                 // eslint-disable-next-line @typescript-eslint/dot-notation

package/build/subclasses/SyncManager.d.mts

@@ -1,4 +1,4 @@
-import { SyncDevice, PublicSyncDevice, DeviceFriendlyName, DeviceType } from '../interfaces/SyncTypes.mjs';
+import { SyncDevice, PublicSyncDevice, DeviceType } from '../interfaces/SyncTypes.mjs';
 import type { PrivateKey, PublicKey } from '../interfaces/CryptoLib.mjs';
 import type Command from '../Command/BaseCommand.mjs';
 import type TwoFaLibMediator from '../TwoFaLibMediator.mjs';
@@ -32,7 +32,10 @@ declare class SyncManager {
     private terminateTimeout?;
     private connectionFailedTimeout?;
     private shouldReconnect;
+    private requestedResilver;
+    private requestedResilverTimeout?;
     private get deviceId();
+    private get deviceInfo();
     /**
      * Public getter for the command send queue.
      * @returns The command send queue.
@@ -136,8 +139,8 @@ declare class SyncManager {
     respondToAddDeviceFlow(initiatorData: string | Uint8Array | File, initiatorDataType: 'text' | 'qr'): Promise<void>;
     private finishAddDeviceFlowKeyExchangeInitiator;
     private finishAddDeviceFlowKeyExchangeResponder;
-    private sendFullVaultData;
-    private importInitialVaultState;
+    private sendFullVaultDataAndSetDeviceInfo;
+    private importInitialVault;
     private importVaultState;
     /**
      * Cancels the active add sync device flow.
@@ -169,19 +172,14 @@ declare class SyncManager {
     private resilver;
     /**
      * Add a sync device
-     * @param deviceInfo - The info about the device
+     * @param device - The device to add
      * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple devices)
      */
-    addSyncDevice(deviceInfo: SyncDevice, saveAfter?: boolean): Promise<void>;
+    addSyncDevice(device: SyncDevice, saveAfter?: boolean): Promise<void>;
     /**
      * Requests a resilver of the vault
      */
-    requestResilver(): void;
-    /**
-     * Change the meta of the current device, allows setting a friendly name
-     * @param deviceFriendlyName Human readable name for the device
-     */
-    setDeviceFriendlyName(deviceFriendlyName: DeviceFriendlyName): Promise<void>;
+    requestResilver(): Promise<void>;
     /**
      * Function to call when the server connection should be closed
      */

package/build/subclasses/SyncManager.mjs

@@ -4,7 +4,6 @@ import { TwoFaLibEvent } from '../TwoFaLibEvent.mjs';
 import { decodeInitiatorData, jsonToUint8Array } from '../utils/syncUtils.mjs';
 import { InitializationError, SyncAddDeviceFlowConflictError, SyncError, SyncInWrongStateError, SyncNoServerConnectionError, TwoFALibError, } from '../TwoFALibError.mjs';
 import AddSyncDeviceCommand from '../Command/commands/AddSyncDeviceCommand.mjs';
-import ChangeSyncDeviceMetaCommand from '../Command/commands/ChangeSyncDeviceMetaCommand.mjs';
 const IN_TESTING = process.env.NODE_ENV === 'test';
 const IN_DEV = process.env.NODE_ENV === 'development';
 export var ConnectionStatus;
@@ -26,6 +25,12 @@ class SyncManager {
     get deviceId() {
         return this.favaMeta.deviceId;
     }
+    get deviceInfo() {
+        return {
+            deviceType: this.deviceType,
+            deviceFriendlyName: this.favaMeta.deviceFriendlyName,
+        };
+    }
     /**
      * Public getter for the command send queue.
      * @returns The command send queue.
@@ -42,7 +47,7 @@ class SyncManager {
             .filter((d) => d.deviceId !== this.deviceId)
             .map((d) => ({
             deviceId: d.deviceId,
-            meta: d.meta,
+            ...d.deviceInfo,
         }));
     }
     /**
@@ -65,6 +70,7 @@ class SyncManager {
         this.readyEventEmitted = false;
         this.commandSendQueue = [];
         this.shouldReconnect = true;
+        this.requestedResilver = false;
         const { serverUrl, devices, commandSendQueue } = syncState;
         if (!serverUrl.startsWith('wss://')) {
             if (!serverUrl.startsWith('ws://') && !(IN_DEV || IN_TESTING)) {
@@ -79,6 +85,7 @@ class SyncManager {
         void this.addSyncDevice({
             deviceId: this.favaMeta.deviceId,
             publicKey: this.publicKey,
+            deviceInfo: this.deviceInfo,
         }, false);
         // if not yet connected after 2 tries, emit ready event so we can continue
         this.connectionFailedTimeout = setTimeout(() => {
@@ -216,21 +223,27 @@ class SyncManager {
                 void this.finishAddDeviceFlowKeyExchangeResponder(pass3Result);
                 break;
             }
-            case 'publicKey': {
+            case 'publicKeyAndDeviceInfo': {
                 const { data } = message;
-                const { responderEncryptedPublicKey } = data;
-                void this.sendFullVaultData(responderEncryptedPublicKey);
+                const { responderEncryptedPublicKey, responderEncryptedDeviceInfo } = data;
+                void this.sendFullVaultDataAndSetDeviceInfo(responderEncryptedPublicKey, responderEncryptedDeviceInfo);
                 break;
             }
             case 'initialVault': {
                 const { data } = message;
                 const { encryptedVaultData } = data;
-                void this.importInitialVaultState(encryptedVaultData);
+                void this.importInitialVault(encryptedVaultData);
                 break;
             }
             case 'vault': {
+                if (!this.requestedResilver) {
+                    throw new SyncError('Got vault data while no resilver was requested, probably replay attack!');
+                }
                 const { data } = message;
-                const { encryptedVaultData, encryptedSymmetricKey, fromDeviceId } = data;
+                const { encryptedVaultData, encryptedSymmetricKey, fromDeviceId, forDeviceId, } = data;
+                if (forDeviceId !== this.deviceId) {
+                    throw new SyncError('Got vault data for the wrong device!');
+                }
                 void this.cryptoLib
                     .decrypt(this.privateKey, encryptedSymmetricKey)
                     .then((symmetricKey) => this.importVaultState(encryptedVaultData, symmetricKey, fromDeviceId));
@@ -422,14 +435,16 @@ class SyncManager {
             syncKey,
         };
         const responderEncryptedPublicKey = await this.cryptoLib.encryptSymmetric(syncKey, this.publicKey);
+        const responderEncryptedDeviceInfo = await this.cryptoLib.encryptSymmetric(syncKey, JSON.stringify(this.deviceInfo));
         // send our public key
-        this.sendToServer('publicKey', {
+        this.sendToServer('publicKeyAndDeviceInfo', {
             nonce: await this.getNonce(),
             responderEncryptedPublicKey,
+            responderEncryptedDeviceInfo,
             initiatorDeviceId: this.activeAddDeviceFlow.initiatorDeviceId,
         });
     }
-    async sendFullVaultData(responderEncryptedPublicKey) {
+    async sendFullVaultDataAndSetDeviceInfo(responderEncryptedPublicKey, responderEncryptedDeviceInfo) {
         if (!this.ws || !this.webSocketConnected) {
             throw new SyncNoServerConnectionError();
         }
@@ -442,8 +457,10 @@ class SyncManager {
         const syncKey = this.activeAddDeviceFlow.syncKey;
         // Decrypt the received public key
         const decryptedPublicKey = await this.cryptoLib.decryptSymmetric(syncKey, responderEncryptedPublicKey);
+        // decrypt the received device info
+        const responderDeviceInfo = JSON.parse(await this.cryptoLib.decryptSymmetric(syncKey, responderEncryptedDeviceInfo));
         // get the vault data (encrypted with the sync key)
-        const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(syncKey);
+        const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(syncKey, this.activeAddDeviceFlow.responderDeviceId);
         // Send the encrypted vault data to the server
         this.sendToServer('initialVault', {
             nonce: await this.getNonce(),
@@ -454,12 +471,13 @@ class SyncManager {
         const command = AddSyncDeviceCommand.create({
             deviceId: this.activeAddDeviceFlow.responderDeviceId,
             publicKey: decryptedPublicKey,
+            deviceInfo: responderDeviceInfo,
         });
         await this.commandManager.execute(command);
         // all done
         this.activeAddDeviceFlow = undefined;
     }
-    async importInitialVaultState(encryptedVaultState) {
+    async importInitialVault(encryptedVaultState) {
         if (this.activeAddDeviceFlow?.state !== 'responder:syncKeyCreated') {
             throw new SyncInWrongStateError(`Expected responder:syncKeyCreated, got ${this.activeAddDeviceFlow?.state}`);
         }
@@ -473,6 +491,9 @@ class SyncManager {
         if (vaultState.deviceId !== expectedDeviceId) {
             throw new SyncError(`DeviceId mismatch when importing, expected ${expectedDeviceId} got ${vaultState.deviceId}`);
         }
+        if (vaultState.forDeviceId !== this.deviceId) {
+            throw new SyncError(`For deviceId mismatch when importing, expected ${this.deviceId} got ${vaultState.forDeviceId}`);
+        }
         for (const device of vaultState.sync.devices) {
             await this.addSyncDevice(device, false);
         }
@@ -513,6 +534,7 @@ class SyncManager {
                 // skip ourselves
                 return;
             }
+            // unique symmetricKey per command
             const symmetricKey = await this.cryptoLib.createSymmetricKey();
             const encryptedSymmetricKey = await this.cryptoLib.encrypt(device.publicKey, symmetricKey);
             const encryptedCommand = await this.cryptoLib.encryptSymmetric(symmetricKey, JSON.stringify({
@@ -594,7 +616,7 @@ class SyncManager {
             }
             const symmetricKey = await this.cryptoLib.createSymmetricKey();
             const encryptedSymmetricKey = await this.cryptoLib.encrypt(device.publicKey, symmetricKey);
-            const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(symmetricKey);
+            const encryptedVaultData = await this.persistentStorageManager.getEncryptedVaultState(symmetricKey, device.deviceId);
             this.sendToServer('vault', {
                 forDeviceId: device.deviceId,
                 nonce: await this.getNonce(),
@@ -605,17 +627,17 @@ class SyncManager {
     }
     /**
      * Add a sync device
-     * @param deviceInfo - The info about the device
+     * @param device - The device to add
      * @param saveAfter - Whether to save the new vault after adding it (set to false when adding multiple devices)
      */
-    async addSyncDevice(deviceInfo, saveAfter = true) {
-        if (this.syncDevices.some((d) => d.deviceId === deviceInfo.deviceId)) {
+    async addSyncDevice(device, saveAfter = true) {
+        if (this.syncDevices.some((d) => d.deviceId === device.deviceId)) {
             // we already have this device
             return;
         }
-        this.log('info', `Adding syncdevice ${deviceInfo.deviceId} to ${this.deviceId}`);
+        this.log('info', `Adding syncdevice ${device.deviceId} to ${this.deviceId}`);
         this.syncDevices.push({
-            ...deviceInfo,
+            ...device,
         });
         if (saveAfter) {
             await this.persistentStorageManager.save();
@@ -624,29 +646,18 @@ class SyncManager {
     /**
      * Requests a resilver of the vault
      */
-    requestResilver() {
+    async requestResilver() {
         this.sendToServer('startResilver', {
             deviceIds: this.syncDevices.map((d) => d.deviceId),
+            nonce: await this.getNonce(),
         });
-    }
-    /**
-     * Change the meta of the current device, allows setting a friendly name
-     * @param deviceFriendlyName Human readable name for the device
-     */
-    async setDeviceFriendlyName(deviceFriendlyName) {
-        if (deviceFriendlyName.length > 256) {
-            throw new TwoFALibError('Device friendly name is too long, max 256 characters');
+        // Set requestedResilver to true for 60 seconds, after this we no longer
+        // accept vault data
+        this.requestedResilver = true;
+        if (this.requestedResilverTimeout) {
+            clearTimeout(this.requestedResilverTimeout);
         }
-        if (deviceFriendlyName.length < 1) {
-            throw new TwoFALibError('Device friendly name is too short, min 1 character');
-        }
-        this.favaMeta.deviceFriendlyName = deviceFriendlyName;
-        const newMeta = {
-            deviceId: this.deviceId,
-            newMeta: { deviceType: this.deviceType, deviceFriendlyName },
-        };
-        const command = ChangeSyncDeviceMetaCommand.create(newMeta);
-        await this.commandManager.execute(command);
+        this.requestedResilverTimeout = setTimeout(() => (this.requestedResilver = false), 60 * 1000);
     }
     /**
      * Function to call when the server connection should be closed

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "favalib",
-  "version": "0.0.9",
+  "version": "0.0.10",
   "description": "",
   "type": "module",
   "exports": {

package/build/Command/commands/ChangeSyncDeviceMetaCommand.mjs

@@ -1,37 +0,0 @@
-import { InvalidCommandError, TwoFALibError } from '../../TwoFALibError.mjs';
-import Command from '../BaseCommand.mjs';
-/**
- * Represents a command that when executed changes the meta info of a sync device
- */
-class ChangeSyncDeviceMetaCommand extends Command {
-    /**
-     * Creates a new ChangeSyncDeviceMetaCommand instance.
-     * @inheritdoc
-     * @param data - The id of the device to change and the new meta info
-     */
-    constructor(data, id, timestamp, version, fromRemote = false) {
-        super('ChangeSyncDeviceMeta', data, id, timestamp, version, fromRemote);
-    }
-    /**
-     * Executes the command to change the sync device metadata
-     * @inheritdoc
-     * @throws {InvalidCommandError} If the referenced sync device cannot be found
-     */
-    execute(mediator) {
-        const syncManager = mediator.getComponent('syncManager');
-        // eslint-disable-next-line @typescript-eslint/dot-notation
-        const device = syncManager['syncDevices'].find((d) => d.deviceId === this.data.deviceId);
-        if (!device) {
-            throw new InvalidCommandError('Trying to change meta of device that is not found');
-        }
-        device.meta = this.data.newMeta;
-        return Promise.resolve();
-    }
-    /**
-     * @inheritdoc
-     */
-    createUndoCommand() {
-        throw new TwoFALibError('Not implemented yet');
-    }
-}
-export default ChangeSyncDeviceMetaCommand;