From 1477bf07a9306e8c4ceaf1c0dadd6c14c9f0bcc2 Mon Sep 17 00:00:00 2001
From: Sebastian Stenzel
Date: Tue, 24 Aug 2021 13:59:51 +0200
Subject: [PATCH] use public key hash as device id
---
 .../keyloading/hub/ReceiveKeyController.java | 24 +++++++++----------
 .../hub/RegisterDeviceController.java | 11 +++++----
 2 files changed, 18 insertions(+), 17 deletions(-)
diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
index 295aa9244..d14b59ced 100644
--- a/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
+++ b/src/main/java/org/cryptomator/ui/keyloading/hub/ReceiveKeyController.java
@@ -1,12 +1,12 @@
 package org.cryptomator.ui.keyloading.hub;
 import com.google.common.base.Preconditions;
-import com.google.common.base.Strings;
 import com.google.common.io.BaseEncoding;
-import com.google.gson.Gson;
-import com.google.gson.JsonElement;
 import dagger.Lazy;
+import org.cryptomator.common.settings.DeviceKey;
 import org.cryptomator.common.vaults.Vault;
+import org.cryptomator.cryptolib.common.MessageDigestSupplier;
+import org.cryptomator.cryptolib.common.P384KeyPair;
 import org.cryptomator.ui.common.ErrorComponent;
 import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.FxmlFile;
@@ -19,15 +19,9 @@ import org.slf4j.LoggerFactory;
 import javax.inject.Inject;
 import javax.inject.Named;
-import javafx.application.Application;
 import javafx.application.Platform;
-import javafx.beans.property.ObjectProperty;
-import javafx.beans.property.SimpleObjectProperty;
-import javafx.beans.property.SimpleStringProperty;
-import javafx.beans.property.StringProperty;
 import javafx.fxml.FXML;
 import javafx.scene.Scene;
-import javafx.scene.control.TextField;
 import javafx.stage.Stage;
 import javafx.stage.WindowEvent;
 import java.io.IOException;
@@ -38,7 +32,6 @@ import java.net.URISyntaxException;
 import java.net.http.HttpClient;
 import java.net.http.HttpRequest;
 import java.net.http.HttpResponse;
-import java.security.KeyPair;
 import java.util.Objects;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.atomic.AtomicReference;
@@ -50,6 +43,7 @@ public class ReceiveKeyController implements FxController {
 private static final String SCHEME_PREFIX = "hub+";
 private final Stage window;
+ private final P384KeyPair keyPair;
 private final String bearerToken;
 private final AtomicReference eciesParamsRef;
 private final UserInteractionLock result;
@@ -58,9 +52,11 @@ public class ReceiveKeyController implements FxController {
 private final URI vaultBaseUri;
 private final HttpClient httpClient;
+
 @Inject
- public ReceiveKeyController(@KeyLoading Vault vault, ExecutorService executor, @KeyLoading Stage window, @Named("bearerToken") AtomicReference tokenRef, AtomicReference eciesParamsRef, UserInteractionLock result, @FxmlScene(FxmlFile.HUB_REGISTER_DEVICE) Lazy registerDeviceScene, ErrorComponent.Builder errorComponent) {
+ public ReceiveKeyController(@KeyLoading Vault vault, ExecutorService executor, @KeyLoading Stage window, DeviceKey deviceKey, @Named("bearerToken") AtomicReference tokenRef, AtomicReference eciesParamsRef, UserInteractionLock result, @FxmlScene(FxmlFile.HUB_REGISTER_DEVICE) Lazy registerDeviceScene, ErrorComponent.Builder errorComponent) {
 this.window = window;
+ this.keyPair = Objects.requireNonNull(deviceKey.get());
 this.bearerToken = Objects.requireNonNull(tokenRef.get());
 this.eciesParamsRef = eciesParamsRef;
 this.result = result;
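Review bot: `Objects.requireNonNull(deviceKey.get())` in the constructor fails with a message-less NullPointerException in the middle of dependency injection when no device key is available, and DeviceKey.get() is not shown here, so whether it can return null or throw is unclear from this diff. Passing a message makes the failure attributable: `this.keyPair = Objects.requireNonNull(deviceKey.get(), "device key must be available before loading keys from hub");`. The controller now holds the whole `P384KeyPair`, private half included, for its lifetime, while the only use visible in this patch (initialize()) reads the public key; if nothing outside the hunks needs the private key here, keeping just the public key or the derived device id would be the narrower choice. The blank line added before `@Inject` looks unintentional, and the constructor body continues outside the hunk.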
@@ -73,7 +69,10 @@ public class ReceiveKeyController implements FxController {
 @FXML
 public void initialize() {
- var keyUri = appendPath(vaultBaseUri, "/keys/desktop-app"); // TODO use actual device id
+ var deviceKey = keyPair.getPublic().getEncoded();
+ var hashedKey = MessageDigestSupplier.SHA256.get().digest(deviceKey);
+ var deviceId = BaseEncoding.base16().encode(hashedKey);
+ var keyUri = appendPath(vaultBaseUri, "/keys/" + deviceId);
 var request = HttpRequest.newBuilder(keyUri) //
 .header("Authorization", "Bearer " + bearerToken) //
 .GET() //
@@ -159,5 +158,4 @@ public class ReceiveKeyController implements FxController {
 throw new IllegalStateException("URI constructed from params known to be valid", e);
 }
 }
-
 }
diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
index ba2c308c7..c4e33dbf5 100644
--- a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
+++ b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
@@ -2,6 +2,7 @@ package org.cryptomator.ui.keyloading.hub;
 import com.google.common.io.BaseEncoding;
 import org.cryptomator.common.settings.DeviceKey;
+import org.cryptomator.cryptolib.common.MessageDigestSupplier;
 import org.cryptomator.cryptolib.common.P384KeyPair;
 import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.UserInteractionLock;
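Review bot: The device-id derivation added to ReceiveKeyController.initialize() (SHA-256 over `keyPair.getPublic().getEncoded()`, then `BaseEncoding.base16()`) is repeated line for line in RegisterDeviceController.browse(), so the id used to fetch the key and the id sent at registration agree only while both copies stay in sync. Moving it into one helper that both controllers call removes that risk and gives a single place to document the format the Hub has to match exactly: `base16()` emits uppercase hex, and the digest input is whatever `getEncoded()` returns for the public key (presumably the X.509 SubjectPublicKeyInfo bytes). Where the helper should live is a guess from this diff; DeviceKey or P384KeyPair may be the better home. initialize() continues outside the hunk.

```java
// shared by ReceiveKeyController.initialize() and RegisterDeviceController.browse()
/** Device id = uppercase hex of SHA-256 over the encoded public key. */
static String deviceId(P384KeyPair keyPair) {
	var encodedPublicKey = keyPair.getPublic().getEncoded();
	var digest = MessageDigestSupplier.SHA256.get().digest(encodedPublicKey);
	return BaseEncoding.base16().encode(digest);
}

// in initialize():
var keyUri = appendPath(vaultBaseUri, "/keys/" + deviceId(keyPair));
```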
@@ -44,10 +45,12 @@ public class RegisterDeviceController implements FxController {
 @FXML
 public void browse() {
- var deviceKey = BaseEncoding.base64Url().omitPadding().encode(keyPair.getPublic().getEncoded());
- var deviceId = "desktop-app"; // TODO use actual device id
- var hash = computeVerificationHash(deviceId + deviceKey + verificationCode);
- var url = hubConfig.deviceRegistrationUrl + "?device_key=" + deviceKey + "&device_id=" + deviceId + "&verification_hash=" + hash;
+ var deviceKey = keyPair.getPublic().getEncoded();
+ var encodedKey = BaseEncoding.base64Url().omitPadding().encode(deviceKey);
+ var hashedKey = MessageDigestSupplier.SHA256.get().digest(deviceKey);
+ var deviceId = BaseEncoding.base16().encode(hashedKey);
+ var hash = computeVerificationHash(deviceId + encodedKey + verificationCode);
+ var url = hubConfig.deviceRegistrationUrl + "?device_key=" + encodedKey + "&device_id=" + deviceId + "&verification_hash=" + hash;
 application.getHostServices().showDocument(url);
 }
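Review bot: The registration URL in browse() is still assembled by plain string concatenation, and only two of its three query values are URL-safe by construction: `encodedKey` (base64url without padding) and `deviceId` (hex). `hash` comes from computeVerificationHash, which is outside the hunk, so if its output can contain `+`, `/` or `=` it should be passed through `URLEncoder.encode(hash, StandardCharsets.UTF_8)`; the concatenation also assumes `hubConfig.deviceRegistrationUrl` has no query string of its own. Because `device_id` is now a pure function of `device_key`, the two parameters are no longer independent, and a comment above the `deviceId` line should state the expectation on the receiving side, e.g. `// device_id = hex(SHA-256(device_key)); the Hub must recompute it rather than trust this parameter`. The input to computeVerificationHash is concatenated without delimiters, which is unambiguous only while `deviceId` and `encodedKey` keep a fixed length; a short comment noting that would help.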