From 85bcaa51f7ddfef91fb878231ee39ad43be59b1c Mon Sep 17 00:00:00 2001
From: ansuz <ansuz@transitiontech.ca>
Date: Fri, 22 Jun 2018 11:37:48 +0200
Subject: [PATCH] export a constant for the number of required bytes at login
 time

allocate bytes for blockSeed when changing passwords
---
 customize.dist/login.js       | 12 ++++++------
 www/common/cryptpad-common.js | 13 ++++++++-----
 2 files changed, 14 insertions(+), 11 deletions(-)

diff --git a/customize.dist/login.js b/customize.dist/login.js
index ab0290909..5e2722d67 100644
--- a/customize.dist/login.js
+++ b/customize.dist/login.js
@@ -21,10 +21,13 @@ define([
             Feedback, LocalStore, Messages, nThen, Block) {
     var Exports = {
         Cred: Cred,
+        // this is depended on by non-customizable files
+        // be careful when modifying login.js
+        requiredBytes: 192,
     };
 
     var Nacl = window.nacl;
-    var allocateBytes = function (bytes) {
+    var allocateBytes = Exports.allocateBytes = function (bytes) {
         var dispense = Cred.dispenser(bytes);
 
         var opt = {};
@@ -44,10 +47,7 @@ define([
         var edSeed = opt.edSeed = dispense(32);
 
         // 32 more bytes to seed an additional signing key
-        opt.blockSignSeed = dispense(32);
-
-        // 32 more bytes for a symmetric key for block encryption
-        opt.blockSymmetric = dispense(32);
+        opt.blockSeed = dispense(64);
 
         // derive a private key from the ed seed
         var signingKeypair = Nacl.sign.keyPair.fromSeed(new Uint8Array(edSeed));
@@ -121,7 +121,7 @@ define([
         var RT;
 
         nThen(function (waitFor) {
-            Cred.deriveFromPassphrase(uname, passwd, 192, waitFor(function (bytes) {
+            Cred.deriveFromPassphrase(uname, passwd, Exports.requiredBytes, waitFor(function (bytes) {
                 // run scrypt to derive the user's keys
                 res.opt = allocateBytes(bytes);
             }));
diff --git a/www/common/cryptpad-common.js b/www/common/cryptpad-common.js
index 7cef662b5..95a1a9ef3 100644
--- a/www/common/cryptpad-common.js
+++ b/www/common/cryptpad-common.js
@@ -717,14 +717,16 @@ define([
         throw new Error("XXX");
 
         var blockHash = LocalStore.getBlockHash();
-        var Cred, Block;
+        var Cred, Block, Login;
         Nthen(function (waitFor) {
             require([
                 '/customize/credential.js',
-                '/common/outer/login-block.js'
-            ], waitFor(function (_Cred, _Block) {
+                '/common/outer/login-block.js',
+                '/customize/login.js'
+            ], waitFor(function (_Cred, _Block, _Login) {
                 Cred = _Cred;
                 Block = _Block;
+                Login = _Login;
             }));
         }).nThen(function (waitFor) {
             // Check if our drive is already owned
@@ -761,8 +763,9 @@ define([
             }));
         }).nThen(function (waitFor) {
             // Drive content copied: get the new block location
-            Cred.deriveFromPassphrase(accountName, newPassword, 192, waitFor(function (bytes) {
-                newBlockSeed = null; // XXX
+            Cred.deriveFromPassphrase(accountName, newPassword, Login.requiredBytes, waitFor(function (bytes) {
+                var allocated = Login.allocateBytes(bytes);
+                newBlockSeed = allocated.blockSeed;
             }));
         }).nThen(function (waitFor) {
             // Write the new login block