From 0c955d3f8ecbb29557ab4f73413e21b5404f671b Mon Sep 17 00:00:00 2001 From: TimHeflin Date: Tue, 2 Jan 2024 16:05:55 -0800 Subject: [PATCH] trying out rsa to ec step, putting it into a try catch --- keeperapi/src/browser/platform.ts | 39 +++++++++++++++++++++++-------- keeperapi/src/restMessages.ts | 3 +++ keeperapi/src/vaultx.ts | 2 +- 3 files changed, 33 insertions(+), 11 deletions(-) diff --git a/keeperapi/src/browser/platform.ts b/keeperapi/src/browser/platform.ts index 3256276..18aa6b3 100644 --- a/keeperapi/src/browser/platform.ts +++ b/keeperapi/src/browser/platform.ts @@ -105,7 +105,7 @@ export const browserPlatform: Platform = class { } static async importKeyEC(keyId: string, privateKey: Uint8Array, publicKey: Uint8Array, storage?: KeyStorage): Promise { - const key = await this.importPrivateKeyEC(privateKey, publicKey) + const key = await this.importPrivateKeyEC(privateKey, publicKey) cryptoKeysCache['ecc'][keyId] = key if (storage) { @@ -214,9 +214,17 @@ export const browserPlatform: Platform = class { await this.importKeyRSA(keyId, keyBytes, storage) break // TODO: add something like this, need to find pub/priv key pair - // case 'ecc': - // await this.importKeyEC(keyId, keyBytes, keys[keyId].publicKey, storage) - // break + case 'ecc': + // gonna figure this out + try { + debugger + const privkey = keyBytes.slice(ECC_PUB_KEY_LENGTH) + const pubKey = keyBytes.slice(0, ECC_PUB_KEY_LENGTH) + await this.importKeyEC(keyId, privkey, pubKey, storage) + } catch(e){ + console.error('ecc error in unwrapKeys: ', e) + } + break default: throw new Error(`unable to import ${unwrappedType} key`) } 
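Review bot: The new `case 'ecc':` branch in unwrapKeys wraps importKeyEC in a try/catch that only calls `console.error`, so a failed EC key import is swallowed and the loop carries on with no entry in `cryptoKeysCache['ecc'][keyId]`. The rsa branch just above has no such catch in the visible lines, so a failure there presumably propagates. For key material the failure should surface to the caller: drop the try/catch, or rethrow after logging. The committed `debugger` statement should also be removed; the same two points apply to the `case 'ecc':` branch added in the unwrapKey hunk. `keyBytes` is sliced at `ECC_PUB_KEY_LENGTH` with no length check, so a short buffer yields an empty private key; a guard such as `if (keyBytes.length <= ECC_PUB_KEY_LENGTH) throw new Error(`unable to import ${unwrappedType} key`)` before the slices would reject it explicitly. No visible hunk brings `ECC_PUB_KEY_LENGTH` into scope, and the stale `// TODO: add something like this` comment above the case is now misleading.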
@@ -267,13 +275,23 @@ export const browserPlatform: Platform = class { await this.unwrapAesKey(key, keyId, unwrappingKeyId, encryptionType, storage, canExport) break // TODO: add something like this, need to find pub/priv key pair - // case 'ecc': - // if (cryptoKeysCache['gcm'][keyId]) { - // return - // } + case 'ecc': + if (cryptoKeysCache['gcm'][keyId]) { + return + } - // await this.unwrapECCKey(key, keyId, unwrappingKeyId, encryptionType, storage, canExport) - // break + try { + debugger + // maybe this priv key? + // const eccPrivateKey = await this.loadKey(unwrappingKeyId, 'ecc', storage) + const privkey = key.slice(ECC_PUB_KEY_LENGTH) + const pubKey = key.slice(0, ECC_PUB_KEY_LENGTH) + + await this.unwrapECCKey(privkey, pubKey, keyId, unwrappingKeyId, encryptionType, storage) + } catch(e){ + console.error('ecc error in unwrapKey: ', e) + } + break default: throw new Error('Unable to unwrap key type ' + unwrappedKeyType) } @@ -370,6 +388,7 @@ export const browserPlatform: Platform = class { return this.privateDecrypt(data, key) } case 'ecc': { + // explains ec privkey const key = await this.loadKey(keyId, encryptionType, storage) return this.privateDecryptECWebCrypto(data, key) } diff --git a/keeperapi/src/restMessages.ts b/keeperapi/src/restMessages.ts index f138e41..cec9a0b 100644 --- a/keeperapi/src/restMessages.ts +++ b/keeperapi/src/restMessages.ts @@ -277,6 +277,9 @@ export const updateSecurityData = (data: Authentication.ISecurityDataRequest): R export const setReusedPasswords = (data: Authentication.IReusedPasswordsRequest): RestInMessage => createInMessage(data, 'enterprise/set_reused_passwords', Authentication.ReusedPasswordsRequest) +export const changeToKeyTypeOne = (data: Authentication.IChangeToKeyTypeOne): RestInMessage => + createInMessage(data, 'vault/change_to_key_type_one', Authentication.ChangeToKeyTypeOne) + /* -- SERVICE LOGGER -- */ export const serviceLoggerGetMessage = (data: ServiceLogger.IServiceLogGetRequest): RestMessage => 
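Review bot: The early return in unwrapKey's new `case 'ecc':` tests `cryptoKeysCache['gcm'][keyId]`, but importKeyEC in this same patch stores EC keys under `cryptoKeysCache['ecc'][keyId]`. As written, an AES key cached under the same id would skip the EC unwrap entirely, and an EC key that is already cached would be unwrapped again; the check should read `if (cryptoKeysCache['ecc'][keyId]) {`. The branch also slices `key` into public and private parts before calling unwrapECCKey. If `key` is still the wrapped blob at that point, as the aes branch's `unwrapAesKey(key, keyId, unwrappingKeyId, ...)` call suggests, those offsets would cut ciphertext rather than key material, so please confirm what unwrapECCKey expects. `canExport` is passed to unwrapAesKey but not to unwrapECCKey; if EC private keys are meant to stay non-extractable, a one-line comment saying so would make that intent explicit. unwrapKey's body starts and ends outside the hunk.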
diff --git a/keeperapi/src/vaultx.ts b/keeperapi/src/vaultx.ts index 43fec8b..1fbf4eb 100644 --- a/keeperapi/src/vaultx.ts +++ b/keeperapi/src/vaultx.ts @@ -256,7 +256,7 @@ const mapKeyType = (keyType: Records.RecordKeyType): { keyId: string, encryption keyId = 'data' encryptionType = 'gcm' break - // RSA TAGGED - might have to fallback to ecc or force ecc + // RSA TAGGED - might have to fallback to ecc or force ecc - dont make a change here, rely on keeperapp to provide the correct keyType case RecordKeyType.ENCRYPTED_BY_PUBLIC_KEY: keyId = 'pk_rsa' encryptionType = 'rsa'