Generate and store wkd hash in the database

pravi · pravi · commit 1d7b0b06448d · 2024-05-31T22:57:15.000+05:30
Thanks to wkd-client npm module, Akshay S Dinesh and Ananthu CV
diff --git a/src/lib/util.js b/src/lib/util.js
@@ -1,6 +1,25 @@
 /**
  * Copyright (C) 2020 Mailvelope GmbH
  * Licensed under the GNU Affero General Public License version 3
+ *
+ * genWKDHash and encodeZBase32 are based on wkd-client node module,
+ * which is WKD client implementation in javascript
+ * Copyright (C) 2018 Wiktor Kwapisiewicz
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3.0 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301
+ * USA
  */
 
 'use strict';
@@ -87,6 +106,47 @@ exports.normalizeEmail = function(email) {
   return email;
 };
 
+exports.genWKDHash = function(email) {
+ return new Promise((resolve, reject) => {
+    const [localPart, domain] = email.split('@');
+    const localPartHashed = crypto.createHash('sha1')
+      .update(localPart.toLowerCase())
+      .digest();
+    const localPartBase32 = encodeZBase32(localPartHashed);
+    const wkdhash = localPartBase32 + '@' + domain;
+    resolve(wkdhash);
+  });
+}
+
+function encodeZBase32(data) {
+  if (data.length === 0) {
+    return "";
+  }
+  const ALPHABET = "ybndrfg8ejkmcpqxot1uwisza345h769";
+  const SHIFT = 5;
+  const MASK = 31;
+  let buffer = data[0];
+  let index = 1;
+  let bitsLeft = 8;
+  let result = '';
+  while (bitsLeft > 0 || index < data.length) {
+    if (bitsLeft < SHIFT) {
+      if (index < data.length) {
+        buffer <<= 8;
+        buffer |= data[index++] & 0xff;
+        bitsLeft += 8;
+      } else {
+        const pad = SHIFT - bitsLeft;
+        buffer <<= pad;
+        bitsLeft += pad;
+      }
+    }
+    bitsLeft -= SHIFT;
+    result += ALPHABET[MASK & (buffer >> bitsLeft)];
+  }
+  return result;
+}
+
 /**
  * Generate a cryptographically secure random hex string. If no length is
  * provided a 32 char hex string will be generated by default.
diff --git a/src/modules/public-key.js b/src/modules/public-key.js
@@ -162,6 +162,8 @@ class PublicKey {
       if (userId.notify === true) {
         // generate nonce for verification
         userId.nonce = util.random();
+        // generate wkd hash
+        userId.wkdhash = await util.genWKDHash(userId.email);
         await this._email.send({template: tpl.verifyKey, userId, keyId, origin, publicKeyArmored: userId.publicKeyArmored, i18n});
       }
     }

Original file line number	Diff line number	Diff line change
`@@ -162,6 +162,8 @@ class PublicKey {`
`162`	`162`	`if (userId.notify === true) {`
`163`	`163`	`// generate nonce for verification`
`164`	`164`	`userId.nonce = util.random();`
	`165`	`+ // generate wkd hash`
	`166`	`+ userId.wkdhash = await util.genWKDHash(userId.email);`
`165`	`167`	`await this._email.send({template: tpl.verifyKey, userId, keyId, origin, publicKeyArmored: userId.publicKeyArmored, i18n});`
`166`	`168`	`}`
`167`	`169`	`}`