enable/disable e2e encryption
This commit is contained in:
@@ -1,6 +1,8 @@
|
||||
import { doc, getDoc } from 'firebase/firestore'
|
||||
import { doc, getDoc, setDoc } from 'firebase/firestore'
|
||||
import { user, db } from '@/composables/useFirebase'
|
||||
import { decrypt, encrypt, calculateClientKey } from '@/utils/crypto'
|
||||
import { decrypt, encrypt, calculateClientKey, generateEncryptionKey } from '@/utils/crypto'
|
||||
import { preferredNotesSource } from '@/composables/useSettings'
|
||||
import { activeNotesSource, syncNotesToFirebase, baseNotes } from '@/composables/useNotes'
|
||||
|
||||
function getClientKeysFromLocalStorage(): { [uid: string]: string } {
|
||||
try {
|
||||
@@ -42,20 +44,38 @@ export const verifyClientKey = (clientKey: ClientKey) => {
|
||||
}
|
||||
}
|
||||
|
||||
const encryptedEncryptionKey = ref<EncryptedEncryptionKey>()
|
||||
const removeClientKey = () => {
|
||||
if (!user.value) return
|
||||
const clientKeys = structuredClone(getClientKeysFromLocalStorage())
|
||||
delete clientKeys[user.value?.uid]
|
||||
localStorage.setItem('clientKeys', JSON.stringify(clientKeys))
|
||||
}
|
||||
|
||||
const encryptedEncryptionKey = ref<EncryptedEncryptionKey | null>()
|
||||
|
||||
async function getEncryptedEncryptionKey(): Promise<EncryptedEncryptionKey | void> {
|
||||
if (!user.value || !db.value) return
|
||||
const data = (await getDoc(doc(db.value, 'encryptionKeys', user.value?.uid || ''))).data()
|
||||
const data = (await getDoc(doc(db.value, 'encryptionKeys', user.value.uid))).data()
|
||||
return data?.key
|
||||
}
|
||||
|
||||
async function setEncryptedEncryptionKey(
|
||||
encryptedEncryptionKey: EncryptedEncryptionKey | null
|
||||
): Promise<void> {
|
||||
if (!user.value || !db.value) return
|
||||
const docRef = doc(db.value, 'encryptionKeys', user.value.uid)
|
||||
await setDoc(docRef, { key: encryptedEncryptionKey })
|
||||
}
|
||||
|
||||
export const encryptionKey = ref<EncryptionKey | null>()
|
||||
|
||||
export async function getEncryptionKey() {
|
||||
encryptedEncryptionKey.value = (await getEncryptedEncryptionKey()) || undefined
|
||||
if (!encryptedEncryptionKey.value || !clientKey.value) return
|
||||
encryptionKey.value = decrypt(encryptedEncryptionKey.value, clientKey.value)
|
||||
if (!encryptedEncryptionKey.value || !clientKey.value) {
|
||||
encryptionKey.value = null
|
||||
} else {
|
||||
encryptionKey.value = decrypt(encryptedEncryptionKey.value, clientKey.value)
|
||||
}
|
||||
}
|
||||
|
||||
export const passphraseRequired = computed(() => {
|
||||
@@ -63,10 +83,15 @@ export const passphraseRequired = computed(() => {
|
||||
})
|
||||
|
||||
const decryptNote = (note: BaseNote, key: EncryptionKey) => {
|
||||
return {
|
||||
...note,
|
||||
title: decrypt(note.title, key),
|
||||
content: decrypt(note.content, key)
|
||||
try {
|
||||
return {
|
||||
...note,
|
||||
title: decrypt(note.title, key),
|
||||
content: decrypt(note.content, key)
|
||||
}
|
||||
} catch (error: any) {
|
||||
console.error(error)
|
||||
return note
|
||||
}
|
||||
}
|
||||
|
||||
@@ -91,3 +116,34 @@ export const encryptNotes = (notes: BaseNotes, encryptionKey: EncryptionKey) =>
|
||||
)
|
||||
return encryptedNotes
|
||||
}
|
||||
|
||||
export const verifyPassphrase = (passphrase: string) => {
|
||||
const calculatedClientKey = calculateClientKey(passphrase)
|
||||
return calculatedClientKey === clientKey.value
|
||||
}
|
||||
|
||||
export const disableEncryption = async (passphrase: string) => {
|
||||
if (!encryptionKey.value) return "Encryption key doesn't exist."
|
||||
if (!verifyPassphrase(passphrase)) return 'Passphrase is incorrect.'
|
||||
preferredNotesSource.value = 'firebase'
|
||||
if (activeNotesSource.value !== 'firebase') throw Error('Something went wrong.')
|
||||
await setEncryptedEncryptionKey(null)
|
||||
encryptedEncryptionKey.value = null
|
||||
encryptionKey.value = undefined
|
||||
removeClientKey()
|
||||
await syncNotesToFirebase(baseNotes.value)
|
||||
getEncryptionKey()
|
||||
}
|
||||
|
||||
export const enableEncryption = async (passphrase: string) => {
|
||||
preferredNotesSource.value = 'firebase'
|
||||
if (activeNotesSource.value !== 'firebase') throw Error('Something went wrong.')
|
||||
const candidateEncryptionKey = generateEncryptionKey()
|
||||
const candidateClientKey = calculateClientKey(passphrase)
|
||||
const candidateEncryptedEncryptionKey = encrypt(candidateEncryptionKey, candidateClientKey)
|
||||
await setEncryptedEncryptionKey(candidateEncryptedEncryptionKey)
|
||||
encryptedEncryptionKey.value = candidateEncryptedEncryptionKey
|
||||
encryptionKey.value = candidateEncryptionKey
|
||||
setClientKey(passphrase)
|
||||
syncNotesToFirebase(baseNotes.value)
|
||||
}
|
||||
|
||||
@@ -39,36 +39,42 @@ watchEffect(() => {
|
||||
activeNotesSource.value = getSource()
|
||||
})
|
||||
|
||||
const baseNotes = ref<BaseNotes>({})
|
||||
export const baseNotes = ref<BaseNotes>({})
|
||||
|
||||
const syncNotesLocal = (notes: BaseNotes) => {
|
||||
localStorage.setItem('notes', JSON.stringify(notes))
|
||||
}
|
||||
|
||||
export const syncNotesToFirebase = async (newNotes: BaseNotes, oldNotes?: BaseNotes) => {
|
||||
if (!db.value) throw Error("Database undefined, can't sync to Firebase")
|
||||
if (!user.value) throw Error("User undefined, can't sync to Firebase")
|
||||
const notes = encryptionKey.value
|
||||
? encryptNotes(baseNotes.value, encryptionKey.value)
|
||||
: baseNotes.value
|
||||
try {
|
||||
const docRef = doc(db.value, 'pages', user.value.uid)
|
||||
if (oldNotes) {
|
||||
const notesToDelete = Object.keys(oldNotes).filter((x) => !Object.keys(newNotes).includes(x))
|
||||
await Promise.all(
|
||||
notesToDelete.map((noteId: string) => {
|
||||
return updateDoc(docRef, { [noteId]: deleteField() })
|
||||
})
|
||||
)
|
||||
}
|
||||
await updateDoc(docRef, notes)
|
||||
} catch (error: any) {
|
||||
console.error(error)
|
||||
}
|
||||
}
|
||||
|
||||
watch(
|
||||
baseNotes,
|
||||
async (newBaseNotes, oldBaseNotes) => {
|
||||
if (!activeNotesSource.value || Object.keys(baseNotes.value).length === 0) return
|
||||
console.log()
|
||||
|
||||
if (activeNotesSource.value === 'local') {
|
||||
localStorage.setItem('notes', JSON.stringify(baseNotes.value))
|
||||
syncNotesLocal(baseNotes.value)
|
||||
} else if (activeNotesSource.value === 'firebase') {
|
||||
if (!db.value) throw Error("Database undefined, can't sync to Firebase")
|
||||
if (!user.value) throw Error("User undefined, can't sync to Firebase")
|
||||
const notes = encryptionKey.value
|
||||
? encryptNotes(baseNotes.value, encryptionKey.value)
|
||||
: baseNotes.value
|
||||
|
||||
const notesToDelete = Object.keys(oldBaseNotes).filter(
|
||||
(x) => !Object.keys(newBaseNotes).includes(x)
|
||||
)
|
||||
try {
|
||||
const docRef = doc(db.value, 'pages', user.value.uid)
|
||||
await Promise.all(
|
||||
notesToDelete.map((noteId: string) => {
|
||||
return updateDoc(docRef, { [noteId]: deleteField() })
|
||||
})
|
||||
)
|
||||
await updateDoc(docRef, notes)
|
||||
} catch (error: any) {
|
||||
console.error(error)
|
||||
}
|
||||
syncNotesToFirebase(newBaseNotes, oldBaseNotes)
|
||||
}
|
||||
},
|
||||
{ deep: true }
|
||||
|
||||
Reference in New Issue
Block a user