
D4351.id13817.diff

diff --git a/services/identity/src/service.rs b/services/identity/src/service.rs
--- a/services/identity/src/service.rs
+++ b/services/identity/src/service.rs
@@ -361,3 +361,53 @@
}
}
}
+
+async fn pake_login_finish(
+ user_id: &str,
+ device_id: &str,
+ client: DatabaseClient,
+ server_login: Option<ServerLogin<Cipher>>,
+ pake_credential_finalization: &[u8],
+ rng: &mut (impl Rng + CryptoRng),
+ num_messages_received: u8,
+ pake_workflow: PakeWorkflow,
+) -> Result<PakeLoginResponseStruct, Status> {
+ if (num_messages_received != 1
+ && matches!(pake_workflow, PakeWorkflow::Login))
+ || (num_messages_received != 2
+ && matches!(pake_workflow, PakeWorkflow::Registration))
+ {
+ error!("Too many messages received in stream, aborting");
+ return Err(Status::aborted("please retry"));
+ }
+ if user_id.is_empty() || device_id.is_empty() {
+ error!(
+ "Incomplete data: user ID {}, device ID {}",
+ user_id, device_id
+ );
+ return Err(Status::aborted("user not found"));
+ }
+ match server_login
+ .ok_or_else(|| Status::aborted("login failed"))?
+ .finish(
+ CredentialFinalization::deserialize(pake_credential_finalization)
+ .map_err(|e| {
+ error!("Failed to deserialize credential finalization bytes: {}", e);
+ Status::aborted("login failed")
+ })?,
+ ) {
+ Ok(_) => Ok(PakeLoginResponseStruct {
+ data: Some(AccessToken(
+ put_token_helper(client, AuthType::Password, user_id, device_id, rng)
+ .await?,
+ )),
+ }),
+ Err(e) => {
+ error!(
+ "Encountered a PAKE protocol error when finishing login: {}",
+ e
+ );
+ Err(Status::aborted("server error"))
+ }
+ }
+}
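Review bot: The failure paths in `pake_login_finish` return three different client-visible messages (`"user not found"` for empty IDs, `"login failed"` for a missing login state or an undeserializable finalization, and `"server error"` when `finish` rejects the credential), so a caller can tell which check failed. The `Err(e)` arm of `finish` is presumably also where a wrong password surfaces, so reporting it as `"server error"` and logging it as a protocol error misleads clients and makes failed logins hard to count in the logs. Consider returning the same status on all three paths, e.g. `Err(Status::aborted("login failed"))`, and logging the `finish` failure as a failed authentication attempt. Separately, the first guard logs "Too many messages received" although its `!=` comparisons also fire when too few messages arrived; a message such as `"Unexpected number of messages received in stream, aborting"` would match the condition.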
