Prepare for UVFVault implementation.

ylangisc · chenkins · commit e89c1ee5a744 · 2025-02-25T18:09:30.000+01:00
diff --git a/hub/src/main/java/ch/iterate/hub/crypto/uvf/UvfMetadataPayload.java b/hub/src/main/java/ch/iterate/hub/crypto/uvf/UvfMetadataPayload.java
@@ -93,6 +93,12 @@ public static UvfMetadataPayload fromJWE(final String jwe) throws JsonProcessing
         return mapper.readValue(jwe, UvfMetadataPayload.class);
     }
 
+    public String toJSON() throws JsonProcessingException {
+        ObjectMapper mapper = new ObjectMapper();
+        mapper.registerModule(new JsonNullableModule());
+        return mapper.writeValueAsString(this);
+    }
+
     public static UvfMetadataPayload create() {
         final String kid = new AlphanumericRandomStringService(4).random();
         final byte[] rawSeed = new byte[32];
diff --git a/hub/src/main/java/ch/iterate/hub/protocols/hub/HubCryptoVault.java b/hub/src/main/java/ch/iterate/hub/protocols/hub/HubCryptoVault.java
@@ -32,7 +32,7 @@
 /**
  * Cryptomator vault implementation for Cipherduck (without masterkey file).
  */
-public class HubCryptoVault extends CryptoVault {
+public class HubCryptoVault extends CryptoVault { // TODO extend from UVFVault
     private static final Logger log = LogManager.getLogger(HubCryptoVault.class);
 
     // See https://github.com/cryptomator/hub/blob/develop/frontend/src/common/vaultconfig.ts
@@ -55,7 +55,7 @@ public HubCryptoVault(final Path home) {
     }
 
     public HubCryptoVault(final Path home, final String masterkey, final String config, final byte[] pepper) {
-        super(home);
+        super(home, masterkey, config, pepper);
     }
 
     /**
diff --git a/hub/src/main/java/ch/iterate/hub/protocols/s3/S3AutoLoadVaultSession.java b/hub/src/main/java/ch/iterate/hub/protocols/s3/S3AutoLoadVaultSession.java
@@ -13,7 +13,6 @@
 import ch.cyberduck.core.HostPasswordStore;
 import ch.cyberduck.core.LocaleFactory;
 import ch.cyberduck.core.LoginCallback;
-import ch.cyberduck.core.LoginOptions;
 import ch.cyberduck.core.PasswordStoreFactory;
 import ch.cyberduck.core.Path;
 import ch.cyberduck.core.exception.BackgroundException;
@@ -27,13 +26,11 @@
 import ch.cyberduck.core.ssl.X509KeyManager;
 import ch.cyberduck.core.ssl.X509TrustManager;
 import ch.cyberduck.core.threading.CancelCallback;
-import ch.cyberduck.core.vault.VaultCredentials;
 import ch.cyberduck.core.vault.VaultFactory;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 
-import java.util.Base64;
 import java.util.UUID;
 
 import ch.iterate.hub.client.ApiException;
@@ -44,8 +41,7 @@
 import ch.iterate.hub.workflows.VaultServiceImpl;
 import ch.iterate.hub.workflows.exceptions.AccessException;
 import ch.iterate.hub.workflows.exceptions.SecurityFailure;
-import com.google.common.primitives.Bytes;
-import com.nimbusds.jose.util.Base64URL;
+import com.fasterxml.jackson.core.JsonProcessingException;
 
 public class S3AutoLoadVaultSession extends S3AssumeRoleSession {
     private static final Logger log = LogManager.getLogger(S3AutoLoadVaultSession.class);
@@ -83,23 +79,13 @@ public void login(final LoginCallback prompt, final CancelCallback cancel) throw
             super.login(prompt, cancel);
             final Path home = new DelegatingHomeFeature(new DefaultPathHomeFeature(host)).find();
             log.debug("Attempting to locate vault in {}", home);
-            final Vault vault = VaultFactory.get(home);
-            // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! MUST NEVER BE RELEASED LIKE THIS
-            // TODO https://github.com/shift7-ch/cipherduck-hub/issues/19 use rawFileKey,rawNameKey as vault key for now (going into cryptolib's Masterkey)
             final UvfMetadataPayload vaultMetadata = new VaultServiceImpl(backend).getVaultMetadataJWE(
                     UUID.fromString(host.getUuid()), new UserKeysServiceImpl(backend).getUserKeys(backend.getHost(), FirstLoginDeviceSetupCallbackFactory.get()));
-            final byte[] rawFileKey = Base64URL.from(vaultMetadata.seeds().get(vaultMetadata.latestSeed())).decode();
-            final byte[] rawNameKey = Base64URL.from(vaultMetadata.seeds().get(vaultMetadata.latestSeed())).decode();
-            final byte[] vaultKey = Bytes.concat(rawFileKey, rawNameKey);
-            registry.add(vault.load(this, new DisabledPasswordCallback() {
-                @Override
-                public Credentials prompt(final Host bookmark, final String title, final String reason, final LoginOptions options) {
-                    return new VaultCredentials(Base64.getEncoder().encodeToString(vaultKey));
-                }
-            }));
+            final Vault vault = VaultFactory.get(home, vaultMetadata.toJSON(), null, null);
+            vault.load(this, new DisabledPasswordCallback());
             backend.close();
         }
-        catch(ApiException | SecurityFailure | AccessException e) {
+        catch(ApiException | SecurityFailure | AccessException | JsonProcessingException e) {
             throw new LoginFailureException(LocaleFactory.localizedString("Login failed", "Credentials"), e);
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@`
`32`	`32`	`/**`
`33`	`33`	`* Cryptomator vault implementation for Cipherduck (without masterkey file).`
`34`	`34`	`*/`
`35`		`-public class HubCryptoVault extends CryptoVault {`
	`35`	`+public class HubCryptoVault extends CryptoVault { // TODO extend from UVFVault`
`36`	`36`	`private static final Logger log = LogManager.getLogger(HubCryptoVault.class);`
`37`	`37`
`38`	`38`	`// See https://github.com/cryptomator/hub/blob/develop/frontend/src/common/vaultconfig.ts`
`@@ -55,7 +55,7 @@ public HubCryptoVault(final Path home) {`
`55`	`55`	`}`
`56`	`56`
`57`	`57`	`public HubCryptoVault(final Path home, final String masterkey, final String config, final byte[] pepper) {`
`58`		`- super(home);`
	`58`	`+ super(home, masterkey, config, pepper);`
`59`	`59`	`}`
`60`	`60`
`61`	`61`	`/**`