@aws-amplify/auth
Auth category of aws-amplify
1 lines • 8.52 kB
Source Map (JSON)
{"version":3,"file":"AuthenticationHelper.mjs","sources":["../../../../../../../src/providers/cognito/utils/srp/AuthenticationHelper/AuthenticationHelper.ts"],"sourcesContent":["// Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.\n// SPDX-License-Identifier: Apache-2.0\nimport { AuthError } from '../../../../../errors/AuthError';\nimport { textEncoder } from '../../textEncoder';\nimport { BigInteger } from '../BigInteger';\nimport { calculateS, calculateU } from '../calculate';\nimport { getBytesFromHex } from '../getBytesFromHex';\nimport { getHashFromData } from '../getHashFromData';\nimport { getHashFromHex } from '../getHashFromHex';\nimport { getHexFromBytes } from '../getHexFromBytes';\nimport { getHkdfKey } from '../getHkdfKey';\nimport { getPaddedHex } from '../getPaddedHex';\nimport { getRandomBytes } from '../getRandomBytes';\nimport { getRandomString } from '../getRandomString';\n/** @class */\nexport default class AuthenticationHelper {\n constructor({ userPoolName, a, g, A, N, }) {\n this.encoder = textEncoder;\n this.userPoolName = userPoolName;\n this.a = a;\n this.g = g;\n this.A = A;\n this.N = N;\n this.k = new BigInteger(getHashFromHex(`${getPaddedHex(N)}${getPaddedHex(g)}`), 16);\n }\n /**\n * @returns {string} Generated random value included in password hash.\n */\n getRandomPassword() {\n if (!this.randomPassword) {\n throw new AuthError({\n name: 'EmptyBigIntegerRandomPassword',\n message: 'random password is empty',\n });\n }\n return this.randomPassword;\n }\n /**\n * @returns {string} Generated random value included in devices hash.\n */\n getSaltToHashDevices() {\n if (!this.saltToHashDevices) {\n throw new AuthError({\n name: 'EmptyBigIntegersaltToHashDevices',\n message: 'saltToHashDevices is empty',\n });\n }\n return this.saltToHashDevices;\n }\n /**\n * @returns {string} Value used to verify devices.\n */\n getVerifierDevices() {\n if (!this.verifierDevices) {\n throw new AuthError({\n name: 
'EmptyBigIntegerVerifierDevices',\n message: 'verifyDevices is empty',\n });\n }\n return this.verifierDevices;\n }\n /**\n * Generate salts and compute verifier.\n *\n * @param {string} deviceGroupKey Devices to generate verifier for.\n * @param {string} username User to generate verifier for.\n *\n * @returns {Promise<void>}\n */\n async generateHashDevice(deviceGroupKey, username) {\n this.randomPassword = getRandomString();\n const combinedString = `${deviceGroupKey}${username}:${this.randomPassword}`;\n const hashedString = getHashFromData(combinedString);\n const hexRandom = getHexFromBytes(getRandomBytes(16));\n // The random hex will be unambiguously represented as a postive integer\n this.saltToHashDevices = getPaddedHex(new BigInteger(hexRandom, 16));\n return new Promise((resolve, reject) => {\n this.g.modPow(new BigInteger(getHashFromHex(this.saltToHashDevices + hashedString), 16), this.N, (err, result) => {\n if (err) {\n reject(err);\n return;\n }\n this.verifierDevices = getPaddedHex(result);\n resolve();\n });\n });\n }\n /**\n * Calculates the final HKDF key based on computed S value, computed U value and the key\n *\n * @param {String} username Username.\n * @param {String} password Password.\n * @param {AuthBigInteger} B Server B value.\n * @param {AuthBigInteger} salt Generated salt.\n */\n async getPasswordAuthenticationKey({ username, password, serverBValue, salt, }) {\n if (serverBValue.mod(this.N).equals(BigInteger.ZERO)) {\n throw new Error('B cannot be zero.');\n }\n const U = calculateU({\n A: this.A,\n B: serverBValue,\n });\n const usernamePassword = `${this.userPoolName}${username}:${password}`;\n const usernamePasswordHash = getHashFromData(usernamePassword);\n const x = new BigInteger(getHashFromHex(getPaddedHex(salt) + usernamePasswordHash), 16);\n const S = await calculateS({\n a: this.a,\n g: this.g,\n k: this.k,\n x,\n B: serverBValue,\n N: this.N,\n U,\n });\n const context = this.encoder.convert('Caldera Derived Key');\n const 
spacer = this.encoder.convert(String.fromCharCode(1));\n const info = new Uint8Array(context.byteLength + spacer.byteLength);\n info.set(context, 0);\n info.set(spacer, context.byteLength);\n const hkdfKey = getHkdfKey(getBytesFromHex(getPaddedHex(S)), getBytesFromHex(getPaddedHex(U)), info);\n return hkdfKey;\n }\n}\n"],"names":[],"mappings":";;;;;;;;;;;;;;AAAA;AACA;AAaA;AACe,MAAM,oBAAoB,CAAC;AAC1C,IAAI,WAAW,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC,GAAG,EAAE;AAC/C,QAAQ,IAAI,CAAC,OAAO,GAAG,WAAW;AAClC,QAAQ,IAAI,CAAC,YAAY,GAAG,YAAY;AACxC,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC;AAClB,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC;AAClB,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC;AAClB,QAAQ,IAAI,CAAC,CAAC,GAAG,CAAC;AAClB,QAAQ,IAAI,CAAC,CAAC,GAAG,IAAI,UAAU,CAAC,cAAc,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;AAC3F;AACA;AACA;AACA;AACA,IAAI,iBAAiB,GAAG;AACxB,QAAQ,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE;AAClC,YAAY,MAAM,IAAI,SAAS,CAAC;AAChC,gBAAgB,IAAI,EAAE,+BAA+B;AACrD,gBAAgB,OAAO,EAAE,0BAA0B;AACnD,aAAa,CAAC;AACd;AACA,QAAQ,OAAO,IAAI,CAAC,cAAc;AAClC;AACA;AACA;AACA;AACA,IAAI,oBAAoB,GAAG;AAC3B,QAAQ,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE;AACrC,YAAY,MAAM,IAAI,SAAS,CAAC;AAChC,gBAAgB,IAAI,EAAE,kCAAkC;AACxD,gBAAgB,OAAO,EAAE,4BAA4B;AACrD,aAAa,CAAC;AACd;AACA,QAAQ,OAAO,IAAI,CAAC,iBAAiB;AACrC;AACA;AACA;AACA;AACA,IAAI,kBAAkB,GAAG;AACzB,QAAQ,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;AACnC,YAAY,MAAM,IAAI,SAAS,CAAC;AAChC,gBAAgB,IAAI,EAAE,gCAAgC;AACtD,gBAAgB,OAAO,EAAE,wBAAwB;AACjD,aAAa,CAAC;AACd;AACA,QAAQ,OAAO,IAAI,CAAC,eAAe;AACnC;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,MAAM,kBAAkB,CAAC,cAAc,EAAE,QAAQ,EAAE;AACvD,QAAQ,IAAI,CAAC,cAAc,GAAG,eAAe,EAAE;AAC/C,QAAQ,MAAM,cAAc,GAAG,CAAC,EAAE,cAAc,CAAC,EAAE,QAAQ,CAAC,CAAC,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;AACpF,QAAQ,MAAM,YAAY,GAAG,eAAe,CAAC,cAAc,CAAC;AAC5D,QAAQ,MAAM,SAAS,GAAG,eAAe,CAAC,cAAc,CAAC,EAAE,CAAC,CAAC;AAC7D;AACA,QAAQ,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,IAAI,UAAU,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC;AAC5E,QAAQ,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,KA
AK;AAChD,YAAY,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,iBAAiB,GAAG,YAAY,CAAC,EAAE,EAAE,CAAC,EAAE,IAAI,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK;AAC9H,gBAAgB,IAAI,GAAG,EAAE;AACzB,oBAAoB,MAAM,CAAC,GAAG,CAAC;AAC/B,oBAAoB;AACpB;AACA,gBAAgB,IAAI,CAAC,eAAe,GAAG,YAAY,CAAC,MAAM,CAAC;AAC3D,gBAAgB,OAAO,EAAE;AACzB,aAAa,CAAC;AACd,SAAS,CAAC;AACV;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA;AACA,IAAI,MAAM,4BAA4B,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,GAAG,EAAE;AACpF,QAAQ,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE;AAC9D,YAAY,MAAM,IAAI,KAAK,CAAC,mBAAmB,CAAC;AAChD;AACA,QAAQ,MAAM,CAAC,GAAG,UAAU,CAAC;AAC7B,YAAY,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,YAAY,CAAC,EAAE,YAAY;AAC3B,SAAS,CAAC;AACV,QAAQ,MAAM,gBAAgB,GAAG,CAAC,EAAE,IAAI,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;AAC9E,QAAQ,MAAM,oBAAoB,GAAG,eAAe,CAAC,gBAAgB,CAAC;AACtE,QAAQ,MAAM,CAAC,GAAG,IAAI,UAAU,CAAC,cAAc,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,EAAE,EAAE,CAAC;AAC/F,QAAQ,MAAM,CAAC,GAAG,MAAM,UAAU,CAAC;AACnC,YAAY,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,YAAY,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,YAAY,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,YAAY,CAAC;AACb,YAAY,CAAC,EAAE,YAAY;AAC3B,YAAY,CAAC,EAAE,IAAI,CAAC,CAAC;AACrB,YAAY,CAAC;AACb,SAAS,CAAC;AACV,QAAQ,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,qBAAqB,CAAC;AACnE,QAAQ,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;AACnE,QAAQ,MAAM,IAAI,GAAG,IAAI,UAAU,CAAC,OAAO,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;AAC3E,QAAQ,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;AAC5B,QAAQ,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,UAAU,CAAC;AAC5C,QAAQ,MAAM,OAAO,GAAG,UAAU,CAAC,eAAe,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,eAAe,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC;AAC5G,QAAQ,OAAO,OAAO;AACtB;AACA;;;;"}