mirror of https://github.com/logseq/logseq
feat(encryption): skip mnemonic generation and save keys directly to metadata.edn
parent
3a08f8bf72
commit
b9c716dff7
|
@ -56,9 +56,8 @@
|
|||
"cljs:build-electron": "clojure -A:cljs compile app electron"
|
||||
},
|
||||
"dependencies": {
|
||||
"chokidar": "^3.5.1",
|
||||
"@kanru/rage-wasm": "^0.1.4",
|
||||
"bip39": "^3.0.3",
|
||||
"chokidar": "^3.5.1",
|
||||
"codemirror": "^5.58.1",
|
||||
"diff": "5.0.0",
|
||||
"diff-match-patch": "^1.0.5",
|
||||
|
@ -79,4 +78,4 @@
|
|||
"url": "^0.11.0",
|
||||
"yargs-parser": "^20.2.4"
|
||||
}
|
||||
}
|
||||
}
|
|
@ -12,7 +12,7 @@
|
|||
(rum/local false ::reveal-secret-phrase?)
|
||||
[state repo-url close-fn]
|
||||
(let [reveal-secret-phrase? (get state ::reveal-secret-phrase?)
|
||||
secret-phrase (e/get-mnemonic repo-url)
|
||||
secret-phrase (e/get-key-pair repo-url)
|
||||
public-key (e/get-public-key repo-url)
|
||||
private-key (e/get-secret-key repo-url)]
|
||||
(rum/with-context [[t] i18n/*tongue-context*]
|
||||
|
@ -28,15 +28,13 @@
|
|||
{:on-click (fn []
|
||||
(when (not @reveal-secret-phrase?)
|
||||
(reset! reveal-secret-phrase? true)))}
|
||||
[:div.font-medium.text-gray-900 "Public Key:"]
|
||||
[:div public-key]
|
||||
(if @reveal-secret-phrase?
|
||||
[:div
|
||||
[:div.font-medium.text-gray-900 "Secret Phrase:"]
|
||||
[:div secret-phrase]
|
||||
[:div.font-medium.text-gray-900 "Public Key:"]
|
||||
[:div public-key]
|
||||
[:div.font-medium.text-gray-900 "Private Key:"]
|
||||
[:div.mt-1.font-medium.text-gray-900 "Private Key:"]
|
||||
[:div private-key]]
|
||||
"click to view the secret phrase")]]]
|
||||
[:div.text-gray-500 "click to view the private key"])]]]
|
||||
|
||||
[:div.mt-5.sm:mt-4.sm:flex.sm:flex-row-reverse
|
||||
[:span.mt-3.flex.w-full.rounded-md.shadow-sm.sm:mt-0.sm:w-auto
|
||||
|
@ -74,8 +72,8 @@
|
|||
:on-click (fn []
|
||||
(let [value @password]
|
||||
(when-not (string/blank? value)
|
||||
(when-let [mnemonic (e/generate-mnemonic-and-save! repo-url)]
|
||||
(let [db-encrypted-secret (e/encrypt-with-passphrase value mnemonic)]
|
||||
(when-let [keys (e/generate-key-pair-and-save! repo-url)]
|
||||
(let [db-encrypted-secret (e/encrypt-with-passphrase value keys)]
|
||||
(metadata-handler/set-db-encrypted-secret! db-encrypted-secret)))
|
||||
(close-fn true))))}
|
||||
"Submit"]]]])))
|
||||
|
@ -124,9 +122,7 @@
|
|||
[:div.sm:flex.sm:items-start
|
||||
[:div.mt-3.text-center.sm:mt-0.sm:text-left
|
||||
[:h3#modal-headline.text-lg.leading-6.font-medium.text-gray-900
|
||||
(if db-encrypted-secret
|
||||
"Enter your password"
|
||||
"Enter your secret phrase")]]]
|
||||
"Enter your password"]]]
|
||||
|
||||
[:input.form-input.block.w-full.sm:text-sm.sm:leading-5.my-2
|
||||
{:auto-focus true
|
||||
|
@ -142,9 +138,7 @@
|
|||
(let [value @secret]
|
||||
(when-not (string/blank? value) ; TODO: length or other checks
|
||||
(let [repo (state/get-current-repo)]
|
||||
(if db-encrypted-secret
|
||||
(e/save-mnemonic! repo (e/decrypt-with-passphrase value db-encrypted-secret))
|
||||
(e/save-mnemonic! repo value))
|
||||
(e/save-key-pair! repo (e/decrypt-with-passphrase value db-encrypted-secret))
|
||||
(close-fn true)))))}
|
||||
"Submit"]]]])))
|
||||
|
||||
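Review bot: The password-entry handler in the last hunk of this file passes the result of `(e/decrypt-with-passphrase value db-encrypted-secret)` straight into `e/save-key-pair!` and then calls `(close-fn true)`, so a wrong password is not distinguished from success; the `; TODO: length or other checks` beside it is still open. The `(if db-encrypted-secret ...)` guard also appears to have been dropped, so a missing `db-encrypted-secret` would take the same path. How `decrypt-with-passphrase` reports failure is not visible on this page, but the call site should persist and close only on a usable result, e.g. `(when-let [ks (e/decrypt-with-passphrase value db-encrypted-secret)] (e/save-key-pair! repo ks) (close-fn true))`, and show an error otherwise. In the first hunk the `secret-phrase (e/get-key-pair repo-url)` binding looks unused now that only `public-key` and `private-key` are rendered, and could be dropped so the key pair is not held in an extra local. The component bodies start and end outside these hunks.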
|
|
|
@ -16,8 +16,7 @@
|
|||
:db/type {}
|
||||
:db/ident {:db/unique :db.unique/identity}
|
||||
:db/encrypted? {}
|
||||
:db/secret-phrase {}
|
||||
|
||||
:db/encryption-keys {}
|
||||
;; user
|
||||
:me/name {}
|
||||
:me/email {}
|
||||
|
|
|
@ -4,8 +4,7 @@
|
|||
[frontend.db :as db]
|
||||
[frontend.state :as state]
|
||||
[clojure.string :as str]
|
||||
["bip39" :as bip39]
|
||||
["buffer" :as buffer]
|
||||
[cljs.reader :as reader]
|
||||
["@kanru/rage-wasm" :as rage]
|
||||
[lambdaisland.glogi :as log]))
|
||||
|
||||
|
@ -21,40 +20,34 @@
|
|||
[repo-url]
|
||||
(db-utils/get-key-value repo-url :db/encrypted?))
|
||||
|
||||
(defn get-mnemonic
|
||||
(defn get-key-pair
|
||||
[repo-url]
|
||||
(db-utils/get-key-value repo-url :db/secret-phrase))
|
||||
(db-utils/get-key-value repo-url :db/encryption-keys))
|
||||
|
||||
(defn save-mnemonic!
|
||||
[repo-url mnemonic]
|
||||
(db/set-key-value repo-url :db/secret-phrase (str/trim mnemonic))
|
||||
(db/set-key-value repo-url :db/encrypted? true))
|
||||
(defn save-key-pair!
|
||||
[repo-url keys]
|
||||
(let [keys (if (string? keys) (reader/read-string keys) keys)]
|
||||
(db/set-key-value repo-url :db/encryption-keys keys)
|
||||
(db/set-key-value repo-url :db/encrypted? true)))
|
||||
|
||||
(defn- generate-mnemonic
|
||||
(defn- generate-key-pair
|
||||
[]
|
||||
(bip39/generateMnemonic 256))
|
||||
(rage/keygen))
|
||||
|
||||
(defn generate-mnemonic-and-save!
|
||||
(defn generate-key-pair-and-save!
|
||||
[repo-url]
|
||||
(when-not (get-mnemonic repo-url)
|
||||
(let [mnemonic (generate-mnemonic)]
|
||||
(save-mnemonic! repo-url mnemonic)
|
||||
mnemonic)))
|
||||
|
||||
(defn- derive-key-from-mnemonic
|
||||
[mnemonic]
|
||||
(let [entropy (-> (bip39/mnemonicToEntropy mnemonic)
|
||||
(buffer/Buffer.from "hex"))
|
||||
keys (rage/keygen_from_random_bytes entropy)]
|
||||
keys))
|
||||
(when-not (get-key-pair repo-url)
|
||||
(let [keys (generate-key-pair)]
|
||||
(save-key-pair! repo-url keys)
|
||||
(pr-str keys))))
|
||||
|
||||
(defn get-public-key
|
||||
[repo-url]
|
||||
(second (derive-key-from-mnemonic (get-mnemonic repo-url))))
|
||||
(second (get-key-pair repo-url)))
|
||||
|
||||
(defn get-secret-key
|
||||
[repo-url]
|
||||
(first (derive-key-from-mnemonic (get-mnemonic repo-url))))
|
||||
(first (get-key-pair repo-url)))
|
||||
|
||||
(defn encrypt
|
||||
([content]
|
||||
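Review bot: `save-key-pair!` writes whatever `reader/read-string` returns to `:db/encryption-keys` and sets `:db/encrypted?` to true without checking that the value is a two-element pair, while `get-secret-key` and `get-public-key` rely on `first` and `second` of that value. If a graph's metadata still holds a secret encrypted by the earlier mnemonic flow, the decrypted string would be a word list and `read-string` would return only its first token as a symbol, leaving the graph marked encrypted with unusable keys; whether such graphs exist or are migrated elsewhere is not visible here. A guard such as `(when-not (and (= 2 (count keys)) (every? string? keys)) (throw (ex-info "invalid key pair" {})))` before the two `db/set-key-value` calls would fail closed, assuming `rage/keygen` returns two strings, which should be confirmed. A docstring on `save-key-pair!` should state the expected order (secret key first, public key second, as the accessors imply) and that the secret key is written to the DB as-is.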
|
|
17
yarn.lock
17
yarn.lock
|
@ -335,11 +335,6 @@
|
|||
resolved "https://registry.yarnpkg.com/@types/node/-/node-14.14.25.tgz#15967a7b577ff81383f9b888aa6705d43fbbae93"
|
||||
integrity sha512-EPpXLOVqDvisVxtlbvzfyqSsFeQxltFbluZNRndIb8tr9KiBnYNLzrc1N3pyKUCww2RNrfHDViqDWWE1LCJQtQ==
|
||||
|
||||
"@types/node@11.11.6":
|
||||
version "11.11.6"
|
||||
resolved "https://registry.yarnpkg.com/@types/node/-/node-11.11.6.tgz#df929d1bb2eee5afdda598a41930fe50b43eaa6a"
|
||||
integrity sha512-Exw4yUWMBXM3X+8oqzJNRqZSwUAaS4+7NdvHqQuFi/d+synz++xmX3QIf+BFqneW8N31R8Ky+sikfZUXq07ggQ==
|
||||
|
||||
"@types/node@^12.0.12":
|
||||
version "12.19.16"
|
||||
resolved "https://registry.yarnpkg.com/@types/node/-/node-12.19.16.tgz#15753af35cbef636182d8d8ca55b37c8583cecb3"
|
||||
|
@ -774,16 +769,6 @@ bindings@^1.5.0:
|
|||
dependencies:
|
||||
file-uri-to-path "1.0.0"
|
||||
|
||||
bip39@^3.0.3:
|
||||
version "3.0.3"
|
||||
resolved "https://registry.yarnpkg.com/bip39/-/bip39-3.0.3.tgz#4a8b79067d6ed2e74f9199ac994a2ab61b176760"
|
||||
integrity sha512-P0dKrz4g0V0BjXfx7d9QNkJ/Txcz/k+hM9TnjqjUaXtuOfAvxXSw2rJw8DX0e3ZPwnK/IgDxoRqf0bvoVCqbMg==
|
||||
dependencies:
|
||||
"@types/node" "11.11.6"
|
||||
create-hash "^1.1.0"
|
||||
pbkdf2 "^3.0.9"
|
||||
randombytes "^2.0.1"
|
||||
|
||||
bn.js@^4.0.0, bn.js@^4.1.0, bn.js@^4.11.9:
|
||||
version "4.11.9"
|
||||
resolved "https://registry.yarnpkg.com/bn.js/-/bn.js-4.11.9.tgz#26d556829458f9d1e81fc48952493d0ba3507828"
|
||||
|
@ -4483,7 +4468,7 @@ path@^0.12.7:
|
|||
process "^0.11.1"
|
||||
util "^0.10.3"
|
||||
|
||||
pbkdf2@^3.0.3, pbkdf2@^3.0.9:
|
||||
pbkdf2@^3.0.3:
|
||||
version "3.1.1"
|
||||
resolved "https://registry.yarnpkg.com/pbkdf2/-/pbkdf2-3.1.1.tgz#cb8724b0fada984596856d1a6ebafd3584654b94"
|
||||
integrity sha512-4Ejy1OPxi9f2tt1rRV7Go7zmfDQ+ZectEQz3VGUQhgq62HtIRPDyG/JtnwIxs6x3uNMwo2V7q1fMvKjb+Tnpqg==
|
||||
|
|