nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-05-22 20:11:04 -05:00
Code
bitwarden/src/Api/Auth/Controllers/OpaqueKeyExchangeController.cs
Bernd Schoolmann 377dad6852
Add basic opaque usage
2025-03-12 13:40:04 +01:00

64 lines
2.5 KiB
C#
Raw Blame History

using Bit.Api.Auth.Models.Request.Opaque;
using Bit.Api.Auth.Models.Response.Opaque;
using Bit.Core.Services;
using Bitwarden.OPAQUE;
using Microsoft.AspNetCore.Mvc;
namespace Bit.Api.Auth.Controllers;
[Route("opaque")]
public class OpaqueKeyExchangeController : Controller
{
private readonly IUserService _userService;
private readonly BitwardenOpaque _bitwardenOpaque;
private CipherConfiguration _cipherConfiguration = new CipherConfiguration();
public OpaqueKeyExchangeController(
IUserService userService
)
{
_userService = userService;
_bitwardenOpaque = new BitwardenOpaque();
_cipherConfiguration.KeGroup = KeGroup.Ristretto255;
_cipherConfiguration.OprfCS = OprfCS.Ristretto255;
_cipherConfiguration.KeyExchange = KeyExchange.TripleDH;
_cipherConfiguration.KSF = new Argon2id(3, 256 * 1024, 4);
}
[HttpGet("~/opaque/start-registration")]
public async Task<RegisterStartResponse> StartRegistration(RegisterStartRequest request)
{
var user = await _userService.GetUserByPrincipalAsync(User);
var registrationRequest = _bitwardenOpaque.StartServerRegistration(_cipherConfiguration, System.Convert.FromBase64String(request.ClientRegistrationStartResult), user.Id.ToString());
var message = registrationRequest.Item1;
var serverSetup = registrationRequest.Item2;
// persist server setup
var sessionId = Guid.NewGuid();
SessionStore.RegisterSessions.Add(sessionId, new RegisterSession() { SessionId = sessionId, ServerSetup = serverSetup, cipherConfiguration = _cipherConfiguration });
return new RegisterStartResponse(sessionId, System.Convert.ToBase64String(message));
}
[HttpGet("~/opaque/finish-registration")]
public async Task<String> FinishRegistration(RegisterFinishRequest request)
{
var registrationFinish = _bitwardenOpaque.FinishServerRegistration(_cipherConfiguration, System.Convert.FromBase64String(request.ClientRegisterFinishResult));
Console.WriteLine("Registration Finish: " + registrationFinish);
return "Registration Finish";
}
}
public class RegisterSession
{
public Guid SessionId { get; set; }
public byte[] ServerSetup { get; set; }
public CipherConfiguration cipherConfiguration { get; set; }
}
public class SessionStore()
{
public static Dictionary<Guid, RegisterSession> RegisterSessions = new Dictionary<Guid, RegisterSession>();
public static Dictionary<Guid, byte[]> LoginSessions = new Dictionary<Guid, byte[]>();
}
View Git Blame Copy Permalink