4nk/ihm_client
5
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

debug: add detailed logging for WebAuthn decryption

Browse Source
This commit is contained in:
NicolasCantu 2025-10-26 02:36:27 +01:00
parent 3e63b9d8fc
commit 0e75a49b08
1 changed files with 29 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/services/credentials/webauthn.service.ts
View File

@ -310,6 +310,7 @@ export class WebAuthnService {
} }
// Déchiffrer la clé avec le credentialId WebAuthn // Déchiffrer la clé avec le credentialId WebAuthn
console.log('🔐 Decrypting PBKDF2 key with credentialId:', credentialId);
const encrypted = atob(result.encryptedKey); const encrypted = atob(result.encryptedKey);
const combined = new Uint8Array(encrypted.length); const combined = new Uint8Array(encrypted.length);
for (let i = 0; i < encrypted.length; i++) { for (let i = 0; i < encrypted.length; i++) {
@ -321,6 +322,13 @@ export class WebAuthnService {
const iv = combined.slice(16, 28); const iv = combined.slice(16, 28);
const encryptedData = combined.slice(28); const encryptedData = combined.slice(28);
console.log('🔐 Extraction complete:', {
saltLength: salt.length,
ivLength: iv.length,
encryptedDataLength: encryptedData.length,
totalLength: combined.length
});
// Dériver la clé avec PBKDF2 // Dériver la clé avec PBKDF2
const keyMaterial = await crypto.subtle.importKey( const keyMaterial = await crypto.subtle.importKey(
'raw', 'raw',
@ -350,15 +358,28 @@ export class WebAuthnService {
); );
// Déchiffrer // Déchiffrer
const decrypted = await crypto.subtle.decrypt( console.log('🔐 Attempting AES-GCM decryption...');
{ name: 'AES-GCM', iv: iv }, try {
cryptoKey, const decrypted = await crypto.subtle.decrypt(
encryptedData { name: 'AES-GCM', iv: iv },
); cryptoKey,
encryptedData
);
const decryptedKey = new TextDecoder().decode(decrypted); const decryptedKey = new TextDecoder().decode(decrypted);
console.log('🔐 PBKDF2 key decrypted with WebAuthn'); console.log('🔐 PBKDF2 key decrypted with WebAuthn successfully');
return decryptedKey; return decryptedKey;
} catch (decryptError) {
console.error('❌ Decryption failed:', decryptError);
console.error('❌ Decryption error details:', {
errorName: decryptError instanceof Error ? decryptError.name : 'Unknown',
errorMessage: decryptError instanceof Error ? decryptError.message : String(decryptError),
credentialId: credentialId,
iv: Array.from(iv),
salt: Array.from(salt)
});
throw decryptError;
}
} catch (error) { } catch (error) {
secureLogger.error('Failed to retrieve PBKDF2 key with WebAuthn', error as Error, { secureLogger.error('Failed to retrieve PBKDF2 key with WebAuthn', error as Error, {