search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Cleanup - unused files / unused exports / duplicate exports
[ProtonMail-WebClient.git] / packages / shared / lib / keys / password.ts
blob8ea11f1339896db9afa0fd249809fdcb9d4093c3
1 import { updatePrivateKeyRoute } from '@proton/shared/lib/api/keys';
2 import type { Api, DecryptedKey, User } from '@proton/shared/lib/interfaces';
3 import { getUpdateKeysPayload } from '@proton/shared/lib/keys/changePassword';
4 import type { DeviceSecretData } from '@proton/shared/lib/keys/device';
5 import { encryptAuthDeviceSecret } from '@proton/shared/lib/keys/device';
6 import { generateKeySaltAndPassphrase } from '@proton/shared/lib/keys/keys';
7 import { srpVerify } from '@proton/shared/lib/srp';
8
9 export const changeSSOUserKeysPasswordHelper = async ({
10     newBackupPassword,
11     deviceSecretData,
12     api,
13     userKeys,
14 }: {
15     api: Api;
16     user: User;
17     userKeys: DecryptedKey[];
18     deviceSecretData: DeviceSecretData;
19     newBackupPassword: string;
20 }) => {
21     const { passphrase: keyPassword, salt: keySalt } = await generateKeySaltAndPassphrase(newBackupPassword);
22
23     const updateKeysPayload = await getUpdateKeysPayload({
24         addressesKeys: [], // Assuming always migrated keys
25         userKeys,
26         organizationKey: undefined,
27         keyPassword,
28         keySalt,
29         forceMigratedAddressKeys: true,
30     });
31
32     const encryptedSecret = await encryptAuthDeviceSecret({
33         keyPassword,
34         deviceSecretData,
35     });
36
37     await srpVerify({
38         api,
39         credentials: {
40             password: newBackupPassword,
41         },
42         config: updatePrivateKeyRoute({ ...updateKeysPayload, EncryptedSecret: encryptedSecret }),
43     });
44
45     return { keyPassword, encryptedSecret };
46 };
Official AngularJS web client for the ProtonMail secure email service.