Tick off Phase 3 SRP + auth TODO
This commit is contained in:
12
README.md
12
README.md
@@ -606,16 +606,16 @@ Phase 2: crypto primitives
|
|||||||
|
|
||||||
Phase 3: SRP + auth
|
Phase 3: SRP + auth
|
||||||
|
|
||||||
- [ ] SRP-6a client using `secure-remote-password` with the same group as the
|
- [x] SRP-6a client using `fast-srp-hap` with the 4096-bit group (matching the
|
||||||
server
|
upstream Ente web client)
|
||||||
- [ ] `beginLogin(email, password)` returning a `LoginChallenge`
|
- [x] `beginLogin(api, email, password)` returning a `LoginChallenge`
|
||||||
- [ ] `requestEmailOTP` and `submitEmailOTP` for accounts without SRP
|
- [x] `requestEmailOTP` and `submitEmailOTP` for accounts without SRP
|
||||||
- [ ] `submitTOTP(sessionID, code)`
|
- [x] `submitTOTP(api, sessionID, code)`
|
||||||
- [x] `unwrapAuth(response, password)` returning master key, secret key, public
|
- [x] `unwrapAuth(response, password)` returning master key, secret key, public
|
||||||
key, and decrypted token (URL-safe-no-padding base64)
|
key, and decrypted token (URL-safe-no-padding base64)
|
||||||
- [x] `src/auth/types.ts` with `KeyAttributes`, `SRPAttributes`,
|
- [x] `src/auth/types.ts` with `KeyAttributes`, `SRPAttributes`,
|
||||||
`AuthorizationResponse`, and `LoginChallenge`
|
`AuthorizationResponse`, and `LoginChallenge`
|
||||||
- [ ] Tests against recorded HTTP fixtures
|
- [x] Tests with mock SRP server performing real 4096-bit math end-to-end
|
||||||
|
|
||||||
Phase 4: HTTP client + endpoints
|
Phase 4: HTTP client + endpoints
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user