feat(INDA-383): daily stats.
[ProtonMail-WebClient.git] / packages / shared / lib / keys / password.ts
blob8ea11f1339896db9afa0fd249809fdcb9d4093c3
1 import { updatePrivateKeyRoute } from '@proton/shared/lib/api/keys';
2 import type { Api, DecryptedKey, User } from '@proton/shared/lib/interfaces';
3 import { getUpdateKeysPayload } from '@proton/shared/lib/keys/changePassword';
4 import type { DeviceSecretData } from '@proton/shared/lib/keys/device';
5 import { encryptAuthDeviceSecret } from '@proton/shared/lib/keys/device';
6 import { generateKeySaltAndPassphrase } from '@proton/shared/lib/keys/keys';
7 import { srpVerify } from '@proton/shared/lib/srp';
9 export const changeSSOUserKeysPasswordHelper = async ({
10     newBackupPassword,
11     deviceSecretData,
12     api,
13     userKeys,
14 }: {
15     api: Api;
16     user: User;
17     userKeys: DecryptedKey[];
18     deviceSecretData: DeviceSecretData;
19     newBackupPassword: string;
20 }) => {
21     const { passphrase: keyPassword, salt: keySalt } = await generateKeySaltAndPassphrase(newBackupPassword);
23     const updateKeysPayload = await getUpdateKeysPayload({
24         addressesKeys: [], // Assuming always migrated keys
25         userKeys,
26         organizationKey: undefined,
27         keyPassword,
28         keySalt,
29         forceMigratedAddressKeys: true,
30     });
32     const encryptedSecret = await encryptAuthDeviceSecret({
33         keyPassword,
34         deviceSecretData,
35     });
37     await srpVerify({
38         api,
39         credentials: {
40             password: newBackupPassword,
41         },
42         config: updatePrivateKeyRoute({ ...updateKeysPayload, EncryptedSecret: encryptedSecret }),
43     });
45     return { keyPassword, encryptedSecret };