reverted some rsa items

Keeper-Security · Jan 31, 2024 · d64a90f · d64a90f
1 parent 26db381
commit d64a90f
Show file tree

Hide file tree

Showing 3 changed files with 77 additions and 69 deletions.
diff --git a/keeperapi/src/browser/platform.ts b/keeperapi/src/browser/platform.ts
@@ -214,17 +214,17 @@ export const browserPlatform: Platform = class {
                                 await this.importKeyRSA(keyId, keyBytes, storage)
                                 break
                             // TODO: add something like this, need to find pub/priv key pair
-                            case 'ecc':
-                                // gonna figure this out
-                                try {
-                                    debugger
-                                    const privkey = keyBytes.slice(ECC_PUB_KEY_LENGTH)
-                                    const pubKey = keyBytes.slice(0, ECC_PUB_KEY_LENGTH)
-                                    await this.importKeyEC(keyId, privkey, pubKey, storage)
-                                } catch(e){
-                                    console.error('ecc error in unwrapKeys: ', e)
-                                }
-                                break
+                            // case 'ecc':
+                            //     // gonna figure this out
+                            //     try {
+                            //         debugger
+                            //         const privkey = keyBytes.slice(ECC_PUB_KEY_LENGTH)
+                            //         const pubKey = keyBytes.slice(0, ECC_PUB_KEY_LENGTH)
+                            //         await this.importKeyEC(keyId, privkey, pubKey, storage)
+                            //     } catch(e){
+                            //         console.error('ecc error in unwrapKeys: ', e)
+                            //     }
+                            //     break
                             default:
                                 throw new Error(`unable to import ${unwrappedType} key`)
                         }
@@ -275,23 +275,23 @@ export const browserPlatform: Platform = class {
                 await this.unwrapAesKey(key, keyId, unwrappingKeyId, encryptionType, storage, canExport)
                 break
             // TODO: add something like this, need to find pub/priv key pair
-            case 'ecc':
-                if (cryptoKeysCache['gcm'][keyId]) {
-                    return
-                }
-
-                try {
-                    debugger
-                    // maybe this priv key?
-                    // const eccPrivateKey = await this.loadKey(unwrappingKeyId, 'ecc', storage)
-                    const privkey = key.slice(ECC_PUB_KEY_LENGTH)
-                    const pubKey = key.slice(0, ECC_PUB_KEY_LENGTH)
+            // case 'ecc':
+            //     if (cryptoKeysCache['gcm'][keyId]) {
+            //         return
+            //     }
+
+            //     try {
+            //         debugger
+            //         // maybe this priv key?
+            //         // const eccPrivateKey = await this.loadKey(unwrappingKeyId, 'ecc', storage)
+            //         const privkey = key.slice(ECC_PUB_KEY_LENGTH)
+            //         const pubKey = key.slice(0, ECC_PUB_KEY_LENGTH)
 
-                    await this.unwrapECCKey(privkey, pubKey, keyId, unwrappingKeyId, encryptionType, storage)
-                } catch(e){
-                    console.error('ecc error in unwrapKey: ', e)
-                }
-                break
+            //         await this.unwrapECCKey(privkey, pubKey, keyId, unwrappingKeyId, encryptionType, storage)
+            //     } catch(e){
+            //         console.error('ecc error in unwrapKey: ', e)
+            //     }
+            //     break
             default:
                 throw new Error('Unable to unwrap key type ' + unwrappedKeyType)
         }

diff --git a/keeperapi/src/endpoint.ts b/keeperapi/src/endpoint.ts
@@ -288,17 +288,17 @@ export class KeeperEndpoint {
     // RSA TAGGED - done, add ecOnly check to only make ec keys if ec only is true
     public async getOnsitePublicKey(ecOnly:boolean): Promise<string> {
         if (!this.onsitePublicKey || !this.onsitePrivateKey) {
-            if(ecOnly){
-                const {privateKey, publicKey} = await platform.generateECKeyPair()
+            // if(ecOnly){
+            //     const {privateKey, publicKey} = await platform.generateECKeyPair()
 
-                this.onsitePrivateKey = privateKey
-                this.onsitePublicKey = publicKey
-            } else {
-                const {privateKey, publicKey} = await platform.generateRSAKeyPair()
-
-                this.onsitePrivateKey = privateKey
-                this.onsitePublicKey = publicKey
-            }
+            //     this.onsitePrivateKey = privateKey
+            //     this.onsitePublicKey = publicKey
+            // } else {
+            // }
+            const {privateKey, publicKey} = await platform.generateRSAKeyPair()
+
+            this.onsitePrivateKey = privateKey
+            this.onsitePublicKey = publicKey
         }
 
         return webSafe64FromBytes(this.onsitePublicKey)

diff --git a/keeperapi/src/vaultx.ts b/keeperapi/src/vaultx.ts
@@ -292,31 +292,39 @@ export const processTeams = async (teams: NN<ITeam>[], storage: VaultStorage, de
             }
         }
 
-        switch (team.teamKeyType) {
-            case Records.RecordKeyType.ENCRYPTED_BY_DATA_KEY:
-                teamPrivateKeys[teamUid + '_priv'] = {
-                    data: team.teamPrivateKey,
-                    dataId: teamUid + '_priv',
-                    keyId: teamUid,
-                    encryptionType: 'cbc',
-                    unwrappedType: 'rsa',
-                }
-                break
-            // RSA TAGGED - this essentially changes the unwrapped type to ecc. make sure this is fine
-            case Records.RecordKeyType.ENCRYPTED_BY_PUBLIC_KEY_ECC:
-                teamPrivateKeys[teamUid + '_priv'] = {
-                    data: team.teamPrivateKey,
-                    dataId: teamUid + '_priv',
-                    keyId: 'pk_ecc',
-                    encryptionType: 'ecc',
-                    unwrappedType: 'aes',
-                }
-                break
-            default:
-                console.error(`Key ${team.teamKeyType} type for team folder private key ${teamUid} is not supported for team folder decryption`)
-                break
+        teamPrivateKeys[teamUid + '_priv'] = {
+            data: team.teamPrivateKey,
+            dataId: teamUid + '_priv',
+            keyId: teamUid,
+            encryptionType: 'cbc',
+            unwrappedType: 'rsa',
         }
 
+        // switch (team.teamKeyType) {
+        //     case Records.RecordKeyType.ENCRYPTED_BY_DATA_KEY:
+        //         teamPrivateKeys[teamUid + '_priv'] = {
+        //             data: team.teamPrivateKey,
+        //             dataId: teamUid + '_priv',
+        //             keyId: teamUid,
+        //             encryptionType: 'cbc',
+        //             unwrappedType: 'rsa',
+        //         }
+        //         break
+        //     // RSA TAGGED - this essentially changes the unwrapped type to ecc. make sure this is fine
+        //     case Records.RecordKeyType.ENCRYPTED_BY_PUBLIC_KEY_ECC:
+        //         teamPrivateKeys[teamUid + '_priv'] = {
+        //             data: team.teamPrivateKey,
+        //             dataId: teamUid + '_priv',
+        //             keyId: 'pk_ecc',
+        //             encryptionType: 'ecc',
+        //             unwrappedType: 'aes',
+        //         }
+        //         break
+        //     default:
+        //         console.error(`Key ${team.teamKeyType} type for team folder private key ${teamUid} is not supported for team folder decryption`)
+        //         break
+        // }
+
         // RSA TAGGED - fix is the switch case above. need to confirm the encryptionType and unwrappedType are correct
         // teamPrivateKeys[teamUid + '_priv'] = {
         //     data: team.teamPrivateKey,
@@ -354,15 +362,15 @@ export const processTeams = async (teams: NN<ITeam>[], storage: VaultStorage, de
                         unwrappedType: 'aes',
                     }
                     break
-                case Records.RecordKeyType.ENCRYPTED_BY_PUBLIC_KEY_ECC:
-                    teamSharedFolderKeys[folderUid] = {
-                        data: folderKey.sharedFolderKey,
-                        dataId: folderUid,
-                        keyId: 'pk_ecc',
-                        encryptionType: 'ecc',
-                        unwrappedType: 'aes',
-                    }
-                    break
+                // case Records.RecordKeyType.ENCRYPTED_BY_PUBLIC_KEY_ECC:
+                //     teamSharedFolderKeys[folderUid] = {
+                //         data: folderKey.sharedFolderKey,
+                //         dataId: folderUid,
+                //         keyId: 'pk_ecc',
+                //         encryptionType: 'ecc',
+                //         unwrappedType: 'aes',
+                //     }
+                //     break
                 default:
                     console.error(`Key ${folderKey.keyType} type for team folder key ${teamUid}/${folderUid} is not supported for team folder decryption`)
                     break