пре 4 година · afc853f5f5
--- a/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
+++ b/src/main/java/org/cryptomator/ui/keyloading/hub/RegisterDeviceController.java
@@ -1,7 +1,6 @@
 
				 package org.cryptomator.ui.keyloading.hub;
			
 
				 
			
 
				 import com.google.common.io.BaseEncoding;
			
 
				-import org.cryptomator.common.vaults.Vault;
			
 
				 import org.cryptomator.ui.common.FxController;
			
 
				 import org.cryptomator.ui.common.UserInteractionLock;
			
 
				 import org.cryptomator.ui.keyloading.KeyLoading;
			
@@ -9,11 +8,14 @@ import org.cryptomator.ui.keyloading.KeyLoadingScoped;
 
				 
			
 
				 import javax.inject.Inject;
			
 
				 import javafx.application.Application;
			
 
				-import javafx.event.Event;
			
 
				 import javafx.fxml.FXML;
			
 
				 import javafx.stage.Stage;
			
 
				 import javafx.stage.WindowEvent;
			
 
				+import java.nio.charset.StandardCharsets;
			
 
				 import java.security.KeyPair;
			
 
				+import java.security.MessageDigest;
			
 
				+import java.security.NoSuchAlgorithmException;
			
 
				+import java.security.SecureRandom;
			
 
				 import java.util.Objects;
			
 
				 import java.util.concurrent.atomic.AtomicReference;
			
 
				 
			
@@ -25,22 +27,25 @@ public class RegisterDeviceController implements FxController {
 
				 	private final HubConfig hubConfig;
			
 
				 	private final KeyPair keyPair;
			
 
				 	private final UserInteractionLock<HubKeyLoadingModule.HubLoadingResult> result;
			
 
				+	private final String verificationCode;
			
 
				 
			
 
				 	@Inject
			
 
				-	public RegisterDeviceController(Application application, @KeyLoading Stage window, HubConfig hubConfig, AtomicReference<KeyPair> keyPairRef, UserInteractionLock<HubKeyLoadingModule.HubLoadingResult> result) {
			
 
				+	public RegisterDeviceController(Application application, SecureRandom csprng, @KeyLoading Stage window, HubConfig hubConfig, AtomicReference<KeyPair> keyPairRef, UserInteractionLock<HubKeyLoadingModule.HubLoadingResult> result) {
			
 
				 		this.application = application;
			
 
				 		this.window = window;
			
 
				 		this.hubConfig = hubConfig;
			
 
				 		this.keyPair = Objects.requireNonNull(keyPairRef.get());
			
 
				 		this.result = result;
			
 
				 		this.window.addEventHandler(WindowEvent.WINDOW_HIDING, this::windowClosed);
			
 
				+		this.verificationCode = String.format("%06d", csprng.nextInt(1_000_000));
			
 
				 	}
			
 
				 
			
 
				 	@FXML
			
 
				 	public void browse() {
			
 
				 		var deviceKey = BaseEncoding.base64Url().omitPadding().encode(keyPair.getPublic().getEncoded());
			
 
				-		var url = hubConfig.deviceRegistrationUrl + "?device_key=" + deviceKey;
			
 
				-		// TODO append further params (including hmac of shown verification code)
			
 
				+		var deviceId = "desktop-app"; // TODO use actual device id
			
 
				+		var hash = computeVerificationHash(deviceId + deviceKey + verificationCode);
			
 
				+		var url = hubConfig.deviceRegistrationUrl + "?device_key=" + deviceKey + "&device_id=" + deviceId + "&verification_hash=" + hash;
			
 
				 		application.getHostServices().showDocument(url);
			
 
				 	}
			
 
				 
			
@@ -56,4 +61,20 @@ public class RegisterDeviceController implements FxController {
 
				 		}
			
 
				 	}
			
 
				 
			
 
				+	private static String computeVerificationHash(String input) {
			
 
				+		try {
			
 
				+			var digest = MessageDigest.getInstance("SHA-256");
			
 
				+			digest.update(StandardCharsets.UTF_8.encode(input));
			
 
				+			return BaseEncoding.base64Url().omitPadding().encode(digest.digest());
			
 
				+		} catch (NoSuchAlgorithmException e) {
			
 
				+			throw new IllegalStateException("Every implementation of the Java platform is required to support SHA-256.");
			
 
				+		}
			
 
				+	}
			
 
				+
			
 
				+	/* Getter */
			
 
				+
			
 
				+	public String getVerificationCode() {
			
 
				+		return verificationCode;
			
 
				+	}
			
 
				+
			
 
				 }
			
--- a/src/main/resources/fxml/hub_register_device.fxml
+++ b/src/main/resources/fxml/hub_register_device.fxml
@@ -8,6 +8,8 @@
 
				 <?import javafx.scene.layout.HBox?>
			
 
				 <?import javafx.scene.layout.VBox?>
			
 
				 <?import javafx.scene.control.Hyperlink?>
			
 
				+<?import javafx.scene.text.TextFlow?>
			
 
				+<?import javafx.scene.text.Text?>
			
 
				 <VBox xmlns:fx="http://javafx.com/fxml"
			
 
				 	  xmlns="http://javafx.com/javafx"
			
 
				 	  fx:controller="org.cryptomator.ui.keyloading.hub.RegisterDeviceController"
			
@@ -25,7 +27,12 @@
 
				 			</ImageView>
			
 
				 
			
 
				 			<VBox spacing="12">
			
 
				-				<Hyperlink text="TODO: Register Device" onAction="#browse"/>
			
 
				+				<TextFlow styleClass="text-flow">
			
 
				+					<Text text="TODO: Please click on "/>
			
 
				+					<Hyperlink styleClass="hyperlink-underline" text="TODO: Register Device" onAction="#browse"/>
			
 
				+					<Text text=" and enter this device verification code: "/>
			
 
				+					<Text text="${controller.verificationCode}"/>
			
 
				+				</TextFlow>
			
 
				 			</VBox>
			
 
				 		</HBox>