From 9a091be9d91839624814547d71acbb33a769e913 Mon Sep 17 00:00:00 2001
From: Luke Childs
Date: Mon, 15 Nov 2021 19:31:36 +0700
Subject: [PATCH] Derive deterministic app passwords (#110)
---
 logic/apps.js | 10 ++++++++++
 modules/derive-entropy.js | 16 ++++++++++++++++
 2 files changed, 26 insertions(+)
 create mode 100644 modules/derive-entropy.js
diff --git a/logic/apps.js b/logic/apps.js
index 146f04a..36b594a 100644
--- a/logic/apps.js
+++ b/logic/apps.js
@@ -1,5 +1,6 @@
 const diskLogic = require('logic/disk.js');
 const NodeError = require('models/errors.js').NodeError;
+const deriveEntropy = require('modules/derive-entropy');
 async function get(query) {
 let apps = await diskLogic.readAppRegistry();
@@ -13,6 +14,15 @@ async function get(query) {
 }
 }));
+ // Derive all passwords concurrently
+ await Promise.all(apps.filter(app => app.deterministicPassword).map(async app => {
+ try {
+ app.defaultPassword = await deriveEntropy(`app-${app.id}-seed-APP_PASSWORD`);
+ } catch(e) {
+ app.defaultPassword = '';
+ }
+ }));
+
 if (query.installed === true) {
 const {installedApps} = await diskLogic.readUserFile();
 apps = apps.filter(app => installedApps.includes(app.id));
diff --git a/modules/derive-entropy.js b/modules/derive-entropy.js
new file mode 100644
index 0000000..c7c3656
--- /dev/null
+++ b/modules/derive-entropy.js
@@ -0,0 +1,16 @@
+const {promisify} = require('util');
+const readFile = promisify(require('fs').readFile);
+const crypto = require('crypto');
+
+const constants = require('utils/const.js');
+
+const deriveEntropy = async indentifier => {
+ const umbrel_seed = await readFile(constants.UMBREL_SEED_FILE);
+
+ return crypto
+ .createHmac('sha256', umbrel_seed)
+ .update(indentifier)
+ .digest('hex');
+};
+
+module.exports = deriveEntropy;
\ No newline at end of file
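Review bot: In the second `logic/apps.js` hunk the `catch(e)` branch turns any derivation failure into `app.defaultPassword = ''` without logging, so a missing or unreadable seed file looks to callers like a real, empty password. I would record the failure and leave the field unset instead, e.g. `console.error('password derivation failed for ' + app.id, e);` in place of the assignment, so that consumers can tell "not available" from "empty"; whether any consumer relies on the empty string is not visible here. The block also runs before the `query.installed` filter, so the secret is derived and attached to every registry entry with `deterministicPassword`, installed or not; moving it below the filter would avoid the extra seed reads and keep the value out of entries that are about to be dropped. `get` starts and ends outside this hunk.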
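Review bot: In the new `modules/derive-entropy.js`, the bytes returned by `readFile` go straight into `createHmac` as the key, and an empty seed file is not rejected: a zero-length Buffer is accepted as an HMAC key, so every "derived" password would then be computable from the app id alone. A guard right after the read closes this, `if (umbrel_seed.length === 0) throw new Error('seed file is empty');`. The raw bytes also include any trailing newline in the file, which matters if another component is expected to derive the same value from the same seed (not visible here). The parameter is misspelled `indentifier`, and a short JSDoc stating that the function returns the 64-character hex HMAC-SHA256 of the identifier keyed by the seed, and rejects when the seed cannot be read, would help callers.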