34626711eb
- Add automatic re-hashing of legacy SHA-256 PINs to Argon2id on successful verification, returning new hash to frontend for persistence - Use constant-time comparison (subtle::ConstantTimeEq) for both Argon2id and legacy SHA-256 hash verification - Add unit tests for hash_pin, verify_pin (Argon2id and legacy paths), re-hashing flow, error cases, and hex encoding roundtrip - Update frontend to handle VerifyPinResult struct and save rehashed PIN hash via profile update Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
45 lines
1.2 KiB
TypeScript
45 lines
1.2 KiB
TypeScript
import { invoke } from "@tauri-apps/api/core";
|
|
|
|
export interface Profile {
|
|
id: string;
|
|
name: string;
|
|
color: string;
|
|
pin_hash: string | null;
|
|
db_filename: string;
|
|
created_at: string;
|
|
}
|
|
|
|
export interface ProfilesConfig {
|
|
active_profile_id: string;
|
|
profiles: Profile[];
|
|
}
|
|
|
|
export async function loadProfiles(): Promise<ProfilesConfig> {
|
|
return invoke<ProfilesConfig>("load_profiles");
|
|
}
|
|
|
|
export async function saveProfiles(config: ProfilesConfig): Promise<void> {
|
|
return invoke("save_profiles", { config });
|
|
}
|
|
|
|
export async function deleteProfileDb(dbFilename: string): Promise<void> {
|
|
return invoke("delete_profile_db", { dbFilename });
|
|
}
|
|
|
|
export async function getNewProfileInitSql(): Promise<string[]> {
|
|
return invoke<string[]>("get_new_profile_init_sql");
|
|
}
|
|
|
|
export async function hashPin(pin: string): Promise<string> {
|
|
return invoke<string>("hash_pin", { pin });
|
|
}
|
|
|
|
export interface VerifyPinResult {
|
|
valid: boolean;
|
|
/** New Argon2id hash when a legacy SHA-256 PIN was re-hashed on successful verification */
|
|
rehashed: string | null;
|
|
}
|
|
|
|
export async function verifyPin(pin: string, storedHash: string): Promise<VerifyPinResult> {
|
|
return invoke<VerifyPinResult>("verify_pin", { pin, storedHash });
|
|
}
|