enc wip

package.json

@@ -26,6 +26,7 @@
   "devDependencies": {
     "@asika32764/vite-plugin-show-env": "^1.0.3",
     "@capacitor/cli": "5.7.2",
+    "@types/libsodium-wrappers": "^0.7.13",
     "@types/lodash-es": "^4.17.12",
     "@vitejs/plugin-legacy": "^5.0.0",
     "@vitejs/plugin-vue": "^4.0.0",
@@ -35,10 +36,12 @@
     "@windwalker-io/srp": "^1.0.0",
     "axios": "^1.6.7",
     "axios-url-template": "^1.0.3",
+    "bigint-toolkit": "^0.2.0",
     "cypress": "^13.5.0",
     "eslint": "^8.35.0",
     "eslint-plugin-vue": "^9.9.0",
     "jsdom": "^22.1.0",
+    "libsodium-wrappers": "^0.7.13",
     "lodash-es": "^4.17.21",
     "terser": "^5.4.0",
     "totp-generator": "^1.0.0",

src/service/encryption-service.ts

@@ -0,0 +1,30 @@
+import { concatUnit8 } from '@/utilities/arr';
+import { uint8ToHex } from 'bigint-toolkit';
+import sodium from 'libsodium-wrappers';
+
+export default new class EncryptionService {
+  encrypt(str: string, key: string) {
+    // const nonce = sodium.randombytes_buf(24);
+    // const salt = sodium.randombytes_buf(32);
+
+    const k = sodium.from_hex(key);
+
+    const nonce = sodium.randombytes_buf(sodium.crypto_secretbox_NONCEBYTES);
+    const salt = sodium.randombytes_buf(32);
+
+    const saltStr = new TextDecoder().decode(salt);
+
+    const encKey = sodium.crypto_generichash(32, saltStr + ':ENC', k);
+    const hmacKey = sodium.crypto_generichash(32, saltStr + ':AUTH', k);
+
+    const enc = sodium.crypto_secretbox_easy(str, nonce, encKey);
+
+    const hmac = sodium.crypto_generichash(
+      64,
+      concatUnit8(salt, nonce, enc),
+      hmacKey
+    );
+
+    return uint8ToHex(concatUnit8(salt, nonce, enc, hmac));
+  }
+}

src/utilities/arr.ts

@@ -0,0 +1,15 @@
+
+export function concatUnit8(...items: Uint8Array[]) {
+  const length = items.reduce(
+    (len, item) => len + item.length,
+    0
+  );
+
+  const result = new Uint8Array(length);
+
+  for (const item of items) {
+    result.set(item);
+  }
+
+  return result;
+}

src/views/auth/RegistrationPage.vue

@@ -2,6 +2,7 @@
 
 import logo from '@/assets/images/logo-sq-w.svg';
 import apiClient from '@/service/api-client';
+import encryptionService from '@/service/encryption-service';
 import { accessTokenStorage, refreshTokenStorage, userStorage } from '@/store/main-store';
 import { User } from '@/types';
 import {
@@ -14,7 +15,8 @@ import {
   toastController,
 } from '@ionic/vue';
 import useLoading from '@/utilities/loading';
-import { SRPClient } from '@windwalker-io/srp';
+import { SRPClient, SRPServer } from '@windwalker-io/srp';
+import { uint8ToHex } from 'bigint-toolkit';
 import { ref } from 'vue';
 
 const router = useIonRouter();
@@ -24,12 +26,17 @@ const { loading, run } = useLoading();
 
 async function register() {
   const client = SRPClient.create();
+  const server = SRPServer.create();
 
   const res = await run(async () => {
     const { salt, verifier } = await client.register(email.value, password.value);
-    const A = await client.generatePublic(await client.generateRandomSecret());
+    const { public: A, secret: a, hash: x } = await client.step1(email.value, password.value, salt);
+    const { public: B, secret: b } = await server.step1(email.value, salt, verifier);
+    const { preMasterSecret: S, proof: M1 } = await client.step2(email.value, salt, A, a, B, x);
 
-    return await apiClient.post<{
+    const enc = encryptionService.encrypt(password.value, '724b092810ec86d7e35c9d067702b31ef90bc43a7b598626749914d6a3e033ed');
+
+    return apiClient.post<{
       data: {
         user: User;
         accessToken: string;
@@ -42,8 +49,9 @@ async function register() {
         salt: salt.toString(16),
         verifier: verifier.toString(16),
         A: A.toString(16),
+        enc,
       }
-    )
+    );
   });
 
   const data = res.data.data;

yarn.lock

@@ -1540,6 +1540,11 @@
   resolved "https://registry.yarnpkg.com/@types/json-schema/-/json-schema-7.0.15.tgz#596a1747233694d50f6ad8a7869fcb6f56cf5841"
   integrity sha512-5+fP8P8MFNC+AyZCDxrB2pkZFPGzqQWUzpSeuuVLvm8VMcorNYavBqoFcxK8bQz4Qsbn4oUEEem4wDLfcysGHA==
 
+"@types/libsodium-wrappers@^0.7.13":
+  version "0.7.13"
+  resolved "https://registry.yarnpkg.com/@types/libsodium-wrappers/-/libsodium-wrappers-0.7.13.tgz#769c4ea01de96bb297207586a70777ebf066dcb4"
+  integrity sha512-KeAKtlObirLJk/na6jHBFEdTDjDfFS6Vcr0eG2FjiHKn3Nw8axJFfIu0Y9TpwaauRldQBj/pZm/MHtK76r6OWg==
+
 "@types/lodash-es@^4.17.12":
   version "4.17.12"
   resolved "https://registry.yarnpkg.com/@types/lodash-es/-/lodash-es-4.17.12.tgz#65f6d1e5f80539aa7cfbfc962de5def0cf4f341b"
@@ -2142,6 +2147,11 @@ big-integer@1.6.x:
   resolved "https://registry.yarnpkg.com/big-integer/-/big-integer-1.6.52.tgz#60a887f3047614a8e1bffe5d7173490a97dc8c85"
   integrity sha512-QxD8cf2eVqJOOz63z6JIN9BzvVs/dlySa5HGSBH5xtR8dPteIRQnBxxKqkNTiT6jbDTF6jAfrd4oMcND9RGbQg==
 
+bigint-toolkit@^0.2.0:
+  version "0.2.0"
+  resolved "https://registry.yarnpkg.com/bigint-toolkit/-/bigint-toolkit-0.2.0.tgz#df2b1c5a86e233c4511ea99638d4de75f2ce5614"
+  integrity sha512-2edP99BzJSH9dKxiRfXApTdm3KHvzfOpxLiLSqwGNAnrTrRhSi8Fxi6+LsD9IbwsU0Mm37dTgiTFAAUsFvuWEQ==
+
 binary-extensions@^2.0.0:
   version "2.2.0"
   resolved "https://registry.yarnpkg.com/binary-extensions/-/binary-extensions-2.2.0.tgz#75f502eeaf9ffde42fc98829645be4ea76bd9e2d"
@@ -3647,6 +3657,18 @@ levn@^0.4.1:
     prelude-ls "^1.2.1"
     type-check "~0.4.0"
 
+libsodium-wrappers@^0.7.13:
+  version "0.7.13"
+  resolved "https://registry.yarnpkg.com/libsodium-wrappers/-/libsodium-wrappers-0.7.13.tgz#83299e06ee1466057ba0e64e532777d2929b90d3"
+  integrity sha512-kasvDsEi/r1fMzKouIDv7B8I6vNmknXwGiYodErGuESoFTohGSKZplFtVxZqHaoQ217AynyIFgnOVRitpHs0Qw==
+  dependencies:
+    libsodium "^0.7.13"
+
+libsodium@^0.7.13:
+  version "0.7.13"
+  resolved "https://registry.yarnpkg.com/libsodium/-/libsodium-0.7.13.tgz#230712ec0b7447c57b39489c48a4af01985fb393"
+  integrity sha512-mK8ju0fnrKXXfleL53vtp9xiPq5hKM0zbDQtcxQIsSmxNgSxqCj6R7Hl9PkrNe2j29T4yoDaF7DJLK9/i5iWUw==
+
 listr2@^3.8.3:
   version "3.14.0"
   resolved "https://registry.yarnpkg.com/listr2/-/listr2-3.14.0.tgz#23101cc62e1375fd5836b248276d1d2b51fdbe9e"