merge: origin/main (Dev-E keyfile-ext + D-minors) into org-foundation
A-vs-E keep-both integration in 3 security-sensitive SW files: - shared/messages.ts: kept E's attach_vault keyfile second-factor fields (secondFactor/referenceImageBytes?/keyfileBytes?) AND my 4 org message types. - vault.ts: registerDeviceAndPersistConfig auto-merged to take BOTH E's factorStorage (image|keyfile) AND my handle (Task 4.5 device-key persist); both create/attach call sites pass (factorStorage, deviceName, h) so each flow does E secret-gen AND my register+persist in one coherent path. - router/popup-only.ts: took E's 'unlock' -> handleUnlock refactor and moved my device-key restore + migration into handleUnlock's shared tail (after setCurrent, before manifest fetch) so it runs for both image + keyfile unlock. - keyfile-unlock.test.ts: makeWasm mock gains persist_device_key + restore_device_key stubs (the merged create/attach/unlock flow now calls them) — no assertion weakened. Gates: SW vitest 175/175 (18 files); cargo core+wasm 243/0; wasm32 build clean; clippy -D warnings clean; build:all clean. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Claude-Session: https://claude.ai/code/session_014s527M917W47LDrfQ4t47g
This commit is contained in:
@@ -101,7 +101,7 @@ pub fn unlock_with_secret(
|
||||
pub fn keyfile_encode(secret: &[u8]) -> Result<Vec<u8>, JsError> {
|
||||
let arr: &[u8; 32] = secret.try_into()
|
||||
.map_err(|_| JsError::new("secret must be exactly 32 bytes"))?;
|
||||
Ok(relicario_core::keyfile::keyfile_encode(arr))
|
||||
Ok(relicario_core::keyfile::keyfile_encode(arr).to_vec())
|
||||
}
|
||||
|
||||
/// Decode a `relicario-keyfile-v1` armored file, returning the raw 32-byte secret.
|
||||
|
||||
Reference in New Issue
Block a user