712d564e9d
* feat(sync): encrypt opds_catalog credentials end-to-end (TS path) Wires encrypted-credential sync for opds_catalog via the CryptoSession shipped in PR 4a (#4084) plus a new publish/pull crypto middleware. TS-only — native still uses ephemeral storage (re-enter passphrase per launch); PR 4d wires the OS keychain. - ReplicaAdapter gains optional `encryptedFields: readonly string[]`. Adapters stay sync; the middleware handles the crypto round trip. - replicaCryptoMiddleware.ts: encryptPackedFields drops the named fields from the push when the session is locked (no plaintext leak); decryptRowFields drops them on pull failure (local plaintext preserved by the store merge). - replicaPublish / replicaPullAndApply invoke the middleware. - OPDS adapter declares encryptedFields = [username, password] and now pack/unpack them as plaintext. - passphraseGate.ts: ensurePassphraseUnlocked coalesces concurrent calls, prompts via the registered prompter with kind=setup|unlock, throws NO_PASSPHRASE on cancel. - PassphrasePromptModal mounted at the Providers root; registers itself as the gate prompter. - CryptoSession.forget() wipes server-side envelopes + salts. - Migration 010 + replica_keys_forget RPC; DELETE /api/sync/replica-keys + client wrapper. - SyncPassphraseSection on the user page: status / Set / Unlock / Lock / Forgot. - CatalogManager pre-save: ensurePassphraseUnlocked when credentials are present; user cancel saves locally without sync. Plan updated: PR 4 split documented as 4a/4b/4c/4d. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * feat(sync): persist sync passphrase via OS keychain (Tauri) Replaces the EphemeralPassphraseStore stub on native with real OS-keychain storage so users don't re-enter their sync passphrase every launch. Web stays on the in-memory ephemeral store by design. Native bridge plugin gains 4 commands wired across all platforms: - Rust desktop (`keyring` crate): macOS Keychain on apple-native, Windows Credential Manager on windows-native, Linux libsecret/ Secret Service on sync-secret-service. Per-target features so each platform compiles only the backend it needs. - iOS Swift: Security framework Keychain (kSecClassGenericPassword, SecItemAdd / Copy / Delete). - Android Kotlin: androidx.security EncryptedSharedPreferences (AndroidKeystore-derived AES-GCM master key, AES256_SIV / AES256_GCM key/value encryption). TS layer: - TauriPassphraseStore wraps the bridge calls. set is fail-loud (surfaces keychain rejection); get is fail-soft (returns null on any error so the gate prompts). - createPassphraseStore returns ephemeral synchronously; upgradeToKeychainIfAvailable swaps the singleton to TauriPassphraseStore on Tauri after probing the bridge. CryptoSession resolves the store via createPassphraseStore() each touch so the swap is transparent. - CryptoSession.tryRestoreFromStore: silent unlock at boot. Stale- entry recovery clears the store when the account has no salt server-side. unlock/setup persist; forget also clears the store. - Providers boot effect: upgrade keychain → silent restore. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> * fix(sync): make encrypted-credential pull actually decrypt + UX polish PR 4c shipped the encrypt path but the pull side silently dropped ciphers when locked, the modal was busy with double-rings, and web re-prompted on every page refresh. This rolls up the post-test fixes + UX polish: Pull-side decrypt: - decryptRowFields takes an `onLocked` callback the orchestrator wires to the passphrase gate; encountering a cipher field with a locked session now triggers the lazy-prompt path instead of dropping the field. - replicaPullAndApply re-applies the unpacked row for metadata-only kinds even when a local copy exists, so the now-decrypted creds reach the store (the binary-kind skip-if-local optimization doesn't apply). - Cipher fingerprint comparison: capture the row's `cipher.c` for each encrypted field, compare against the local record's lastSeenCipher. Same → skip prompt + decrypt entirely. Different (rotation / value change on another device) → prompt to re-decrypt. Fingerprint persists via OPDSCatalog.lastSeenCipher. Web persistence: - SessionStoragePassphraseStore: passphrase survives page refresh within the same tab, dies on tab close. Replaces EphemeralPassphraseStore as the default on web. Avoids localStorage / IndexedDB to keep the tab-scoped trust boundary. UI: - Renamed PassphrasePromptModal → PassphrasePrompt; modernized: filled input style with single subtle focus border, btn-primary + btn-ghost replaced with leaner custom buttons. eink-bordered + btn-primary classes give the dialog correct e-paper rendering. - globals.css: suppress redundant outline/box-shadow on focused text inputs / textareas (the element's own border is the focus indicator). - AGENTS.md: documents the e-ink convention (`eink-bordered`, `btn-primary` for inverted CTAs, etc.) so future widgets ship with e-paper support. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
122 lines
3.7 KiB
TypeScript
122 lines
3.7 KiB
TypeScript
import { afterEach, beforeEach, describe, expect, test, vi } from 'vitest';
|
|
import { CryptoSession } from '@/libs/crypto/session';
|
|
import {
|
|
ensurePassphraseUnlocked,
|
|
setPassphrasePrompter,
|
|
__resetPassphraseGateForTests,
|
|
} from '@/services/sync/passphraseGate';
|
|
import { isSyncError } from '@/libs/errors';
|
|
import type { ReplicaKeyRow } from '@/libs/replicaSyncClient';
|
|
|
|
const ITER = 1000;
|
|
const PBKDF2_ALG = 'pbkdf2-600k-sha256';
|
|
|
|
const bytesToBase64 = (bytes: Uint8Array): string => {
|
|
let s = '';
|
|
for (let i = 0; i < bytes.length; i++) s += String.fromCharCode(bytes[i]!);
|
|
return btoa(s);
|
|
};
|
|
|
|
const makeSaltRow = (saltId: string, createdAt: string): ReplicaKeyRow => {
|
|
const bytes = new Uint8Array(32);
|
|
for (let i = 0; i < 32; i++) bytes[i] = (i + saltId.length) & 0xff;
|
|
return { saltId, alg: PBKDF2_ALG, salt: bytesToBase64(bytes), createdAt };
|
|
};
|
|
|
|
class FakeClient {
|
|
rows: ReplicaKeyRow[] = [];
|
|
async listReplicaKeys(): Promise<ReplicaKeyRow[]> {
|
|
return [...this.rows];
|
|
}
|
|
async createReplicaKey(): Promise<ReplicaKeyRow> {
|
|
const row = makeSaltRow(`salt-${this.rows.length + 1}`, new Date().toISOString());
|
|
this.rows.push(row);
|
|
return row;
|
|
}
|
|
async forgetReplicaKeys(): Promise<void> {
|
|
this.rows = [];
|
|
}
|
|
}
|
|
|
|
describe('ensurePassphraseUnlocked', () => {
|
|
let client: FakeClient;
|
|
let session: CryptoSession;
|
|
|
|
beforeEach(() => {
|
|
client = new FakeClient();
|
|
session = new CryptoSession({ client, iterations: ITER });
|
|
});
|
|
|
|
afterEach(() => {
|
|
__resetPassphraseGateForTests();
|
|
});
|
|
|
|
test('no-op when session is already unlocked', async () => {
|
|
await session.setup('pw');
|
|
const prompter = vi.fn();
|
|
setPassphrasePrompter(prompter);
|
|
await ensurePassphraseUnlocked({ session, client });
|
|
expect(prompter).not.toHaveBeenCalled();
|
|
});
|
|
|
|
test('throws NO_PASSPHRASE when no prompter is registered', async () => {
|
|
let caught: unknown = null;
|
|
try {
|
|
await ensurePassphraseUnlocked({ session, client });
|
|
} catch (e) {
|
|
caught = e;
|
|
}
|
|
expect(isSyncError(caught) && caught.code).toBe('NO_PASSPHRASE');
|
|
});
|
|
|
|
test('prompts with kind=setup when account has no salt', async () => {
|
|
setPassphrasePrompter(async ({ kind }) => {
|
|
expect(kind).toBe('setup');
|
|
return 'pw';
|
|
});
|
|
await ensurePassphraseUnlocked({ session, client });
|
|
expect(session.isUnlocked()).toBe(true);
|
|
expect(client.rows).toHaveLength(1);
|
|
});
|
|
|
|
test('prompts with kind=unlock when account has a salt', async () => {
|
|
// Pre-seed via a different session so this one starts locked.
|
|
const seeder = new CryptoSession({ client, iterations: ITER });
|
|
await seeder.setup('pw');
|
|
|
|
setPassphrasePrompter(async ({ kind }) => {
|
|
expect(kind).toBe('unlock');
|
|
return 'pw';
|
|
});
|
|
await ensurePassphraseUnlocked({ session, client });
|
|
expect(session.isUnlocked()).toBe(true);
|
|
});
|
|
|
|
test('rejects with NO_PASSPHRASE when user cancels (returns null)', async () => {
|
|
setPassphrasePrompter(async () => null);
|
|
let caught: unknown = null;
|
|
try {
|
|
await ensurePassphraseUnlocked({ session, client });
|
|
} catch (e) {
|
|
caught = e;
|
|
}
|
|
expect(isSyncError(caught) && caught.code).toBe('NO_PASSPHRASE');
|
|
expect(session.isUnlocked()).toBe(false);
|
|
});
|
|
|
|
test('coalesces concurrent calls into a single prompt', async () => {
|
|
let calls = 0;
|
|
setPassphrasePrompter(async () => {
|
|
calls += 1;
|
|
return 'pw';
|
|
});
|
|
await Promise.all([
|
|
ensurePassphraseUnlocked({ session, client }),
|
|
ensurePassphraseUnlocked({ session, client }),
|
|
ensurePassphraseUnlocked({ session, client }),
|
|
]);
|
|
expect(calls).toBe(1);
|
|
expect(session.isUnlocked()).toBe(true);
|
|
});
|
|
});
|