From afc853f5f58f8fef27165b6ea82ca56c74f34357 Mon Sep 17 00:00:00 2001
From: Sebastian Stenzel
Date: Fri, 13 Aug 2021 21:41:43 +0200
Subject: [PATCH] append device registration params to hub url
---
 .../hub/RegisterDeviceController.java | 31 ++++++++++++++++---
 .../resources/fxml/hub_register_device.fxml | 9 +++++-
 2 files changed, 34 insertions(+), 6 deletions(-)
diff --git a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
index 1110f3b15..68654a632 100644
--- a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
+++ b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
@@ -1,7 +1,6 @@
 package org.cryptomator.ui.keyloading.hub;
 import com.google.common.io.BaseEncoding;
-import org.cryptomator.common.vaults.Vault;
 import org.cryptomator.ui.common.FxController;
 import org.cryptomator.ui.common.UserInteractionLock;
 import org.cryptomator.ui.keyloading.KeyLoading;
@@ -9,11 +8,14 @@ import org.cryptomator.ui.keyloading.KeyLoadingScoped;
 import javax.inject.Inject;
 import javafx.application.Application;
-import javafx.event.Event;
 import javafx.fxml.FXML;
 import javafx.stage.Stage;
 import javafx.stage.WindowEvent;
+import java.nio.charset.StandardCharsets;
 import java.security.KeyPair;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
 import java.util.Objects;
 import java.util.concurrent.atomic.AtomicReference;
@@ -25,22 +27,25 @@ public class RegisterDeviceController implements FxController {
 private final HubConfig hubConfig;
 private final KeyPair keyPair;
 private final UserInteractionLock result;
+ private final String verificationCode;
 @Inject
- public RegisterDeviceController(Application application, @KeyLoading Stage window, HubConfig hubConfig, AtomicReference keyPairRef, UserInteractionLock result) {
+ public RegisterDeviceController(Application application, SecureRandom csprng, @KeyLoading Stage window, HubConfig hubConfig, AtomicReference keyPairRef, UserInteractionLock result) {
 this.application = application;
 this.window = window;
 this.hubConfig = hubConfig;
 this.keyPair = Objects.requireNonNull(keyPairRef.get());
 this.result = result;
 this.window.addEventHandler(WindowEvent.WINDOW_HIDING, this::windowClosed);
+ this.verificationCode = String.format("%06d", csprng.nextInt(1_000_000));
 }
 @FXML
 public void browse() {
 var deviceKey = BaseEncoding.base64Url().omitPadding().encode(keyPair.getPublic().getEncoded());
- var url = hubConfig.deviceRegistrationUrl + "?device_key=" + deviceKey;
- // TODO append further params (including hmac of shown verification code)
+ var deviceId = "desktop-app"; // TODO use actual device id
+ var hash = computeVerificationHash(deviceId + deviceKey + verificationCode);
+ var url = hubConfig.deviceRegistrationUrl + "?device_key=" + deviceKey + "&device_id=" + deviceId + "&verification_hash=" + hash;
 application.getHostServices().showDocument(url);
 }
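Review bot: In browse(), `verification_hash` is an unkeyed SHA-256 over `deviceId + deviceKey + verificationCode`, and the first two inputs travel in the same URL, so the hash gives the six-digit code no confidentiality: with only 1,000,000 possible values, anyone who can read the URL (browser history, proxy or server logs) can derive the code from it. The removed TODO asked for an HMAC; if the code is meant to stay unknown to whoever sees the URL, the hash needs a key that is not part of the URL, and if it is only meant to bind the parameters to the displayed code, say so in a comment such as `// verification_hash binds device id and key to the shown code; it does not keep the code secret`. The three inputs are also concatenated without separators, which becomes ambiguous once `deviceId` is no longer the constant `"desktop-app"`; a fixed delimiter or length prefix agreed with the hub would avoid that. In the constructor, `String.format("%06d", …)` uses the default locale and can emit non-ASCII digits on some systems; `String.format(Locale.ROOT, "%06d", csprng.nextInt(1_000_000))` keeps the code ASCII (with `java.util.Locale` imported).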
@@ -56,4 +61,20 @@ public class RegisterDeviceController implements FxController {
 }
 }
+ private static String computeVerificationHash(String input) {
+ try {
+ var digest = MessageDigest.getInstance("SHA-256");
+ digest.update(StandardCharsets.UTF_8.encode(input));
+ return BaseEncoding.base64Url().omitPadding().encode(digest.digest());
+ } catch (NoSuchAlgorithmException e) {
+ throw new IllegalStateException("Every implementation of the Java platform is required to support SHA-256.");
+ }
+ }
+
+ /* Getter */
+
+ public String getVerificationCode() {
+ return verificationCode;
+ }
+
 }
diff --git a/src/main/resources/fxml/hub_register_device.fxml b/src/main/resources/fxml/hub_register_device.fxml
index 5daa3596e..41f49f9f1 100644
--- a/src/main/resources/fxml/hub_register_device.fxml
+++ b/src/main/resources/fxml/hub_register_device.fxml
@@ -8,6 +8,8 @@ + + - + + + + + +
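Review bot: The catch block in computeVerificationHash discards the caught NoSuchAlgorithmException, so a misconfigured security provider would surface without its original stack trace; pass it as the cause: `throw new IllegalStateException("Every implementation of the Java platform is required to support SHA-256.", e);`. The method also lacks documentation, and the hub has to compute the identical value, so a short Javadoc should pin the contract: it returns the unpadded base64url encoding of the SHA-256 digest of the UTF-8 bytes of `input`. The new public `getVerificationCode()` exposes the code to any holder of the controller; a one-line comment that it exists only for the FXML binding would make that intent explicit, assuming that is its sole use.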