func (e *Kex2Provisionee) pushLKSServerHalf() error {
// make new lks
ppstream := libkb.NewPassphraseStream(e.pps.PassphraseStream)
ppstream.SetGeneration(libkb.PassphraseGeneration(e.pps.Generation))
e.lks = libkb.NewLKSec(ppstream, e.uid, e.G())
e.lks.GenerateServerHalf()
// make client half recovery
chrKID := e.dh.GetKID()
chrText, err := e.lks.EncryptClientHalfRecovery(e.dh)
if err != nil {
return err
}
err = libkb.PostDeviceLKS(e, e.device.ID, e.device.Type, e.lks.GetServerHalf(), e.lks.Generation(), chrText, chrKID)
if err != nil {
return err
}
// Sync the LKS stuff back from the server, so that subsequent
// attempts to use public key login will work.
/*
err = e.G().LoginState().RunSecretSyncer(e.uid)
if err != nil {
return err
}
*/
return nil
}
func (e *Kex2Provisionee) pushLKSServerHalf() error {
// make new lks
ppstream := libkb.NewPassphraseStream(e.pps.PassphraseStream)
ppstream.SetGeneration(libkb.PassphraseGeneration(e.pps.Generation))
e.lks = libkb.NewLKSec(ppstream, e.uid, e.G())
e.lks.GenerateServerHalf()
// make client half recovery
chrKID := e.dh.GetKID()
chrText, err := e.lks.EncryptClientHalfRecovery(e.dh)
if err != nil {
return err
}
err = libkb.PostDeviceLKS(e, e.device.ID, e.device.Type, e.lks.GetServerHalf(), e.lks.Generation(), chrText, chrKID)
if err != nil {
return err
}
// Sync the LKS stuff back from the server, so that subsequent
// attempts to use public key login will work.
err = e.ctx.LoginContext.RunSecretSyncer(e.uid)
if err != nil {
return err
}
// Cache the passphrase stream. Note that we don't have the triplesec
// portion of the stream cache, and that the only bytes in ppstream
// are the lksec portion (no pwhash, eddsa, dh). Currently passes
// all tests with this situation and code that uses those portions
// looks to be ok.
e.ctx.LoginContext.CreateStreamCache(nil, ppstream)
return nil
}
func (e *DeviceKeygen) pushLKS(ctx *Context) {
if e.pushErr != nil {
return
}
if e.args.Lks == nil {
e.pushErr = fmt.Errorf("no local key security set")
return
}
serverHalf := e.args.Lks.GetServerHalf()
if len(serverHalf) == 0 {
e.pushErr = fmt.Errorf("LKS server half is empty, and should not be")
return
}
var chr string
var chrk keybase1.KID
if chr, chrk, e.pushErr = e.generateClientHalfRecovery(); e.pushErr != nil {
return
}
// send it to api server
var sr libkb.SessionReader
if ctx.LoginContext != nil {
sr = ctx.LoginContext.LocalSession()
}
e.pushErr = libkb.PostDeviceLKS(sr, e.args.DeviceID, e.args.DeviceType, serverHalf, e.args.Lks.Generation(), chr, chrk)
if e.pushErr != nil {
return
}
// Sync the LKS stuff back from the server, so that subsequent
// attempts to use public key login will work.
if ctx.LoginContext != nil {
e.pushErr = ctx.LoginContext.RunSecretSyncer(e.args.Me.GetUID())
} else {
e.pushErr = e.G().LoginState().RunSecretSyncer(e.args.Me.GetUID())
}
}
func (e *PaperKeyGen) push(ctx *Context) error {
if e.arg.SkipPush {
return nil
}
// Create a new paper key device. Need the passphrase prefix
// for the paper device name. This is the first two words in
// the passphrase. There is sufficient entropy to cover this...
backupDev, err := libkb.NewPaperDevice(e.arg.Passphrase.Prefix())
if err != nil {
return err
}
// create lks halves for this device. Note that they aren't used for
// local, encrypted storage of the paper keys, but just for recovery
// purposes.
foundStream := false
var ppgen libkb.PassphraseGeneration
var clientHalf []byte
if ctx.LoginContext != nil {
stream := ctx.LoginContext.PassphraseStreamCache().PassphraseStream()
if stream != nil {
foundStream = true
ppgen = stream.Generation()
clientHalf = stream.LksClientHalf()
}
} else {
e.G().LoginState().Account(func(a *libkb.Account) {
stream := a.PassphraseStream()
if stream == nil {
return
}
foundStream = true
ppgen = stream.Generation()
clientHalf = stream.LksClientHalf()
}, "BackupKeygen - push")
}
// stream was nil, so we must have loaded lks from the secret
// store.
if !foundStream {
clientHalf, ppgen, err = e.getClientHalfFromSecretStore()
if err != nil {
return err
}
}
backupLks := libkb.NewLKSecWithClientHalf(clientHalf, ppgen, e.arg.Me.GetUID(), e.G())
// Set the server half to be empty, as we don't need it.
backupLks.SetServerHalf(make([]byte, len(clientHalf)))
ctext, err := backupLks.EncryptClientHalfRecovery(e.encKey)
if err != nil {
return err
}
// post them to the server.
var sr libkb.SessionReader
if ctx.LoginContext != nil {
sr = ctx.LoginContext.LocalSession()
}
if err := libkb.PostDeviceLKS(sr, backupDev.ID, libkb.DeviceTypePaper, backupLks.GetServerHalf(), backupLks.Generation(), ctext, e.encKey.GetKID()); err != nil {
return err
}
// push the paper signing key
sigDel := libkb.Delegator{
NewKey: e.sigKey,
DelegationType: libkb.SibkeyType,
Expire: libkb.NaclEdDSAExpireIn,
ExistingKey: e.arg.SigningKey,
Me: e.arg.Me,
Device: backupDev,
Contextified: libkb.NewContextified(e.G()),
}
// push the paper encryption key
sigEnc := libkb.Delegator{
NewKey: e.encKey,
DelegationType: libkb.SubkeyType,
Expire: libkb.NaclDHExpireIn,
ExistingKey: e.sigKey,
Me: e.arg.Me,
Device: backupDev,
Contextified: libkb.NewContextified(e.G()),
}
return libkb.DelegatorAggregator(ctx.LoginContext, []libkb.Delegator{sigDel, sigEnc})
}