From 156c58fd94040653f43ad3e67f8dcae69d5b08eb Mon Sep 17 00:00:00 2001 From: Jacob Fink Date: Tue, 27 Jun 2023 09:52:06 -0400 Subject: [PATCH] clear deprecated keys when setting new user key --- .../src/platform/services/electron-crypto.service.ts | 1 + libs/angular/src/components/set-pin.component.ts | 2 +- libs/common/src/platform/abstractions/crypto.service.ts | 2 +- libs/common/src/platform/services/crypto.service.ts | 6 ++++-- .../services/vaultTimeout/vaultTimeoutSettings.service.ts | 2 +- 5 files changed, 8 insertions(+), 5 deletions(-) diff --git a/apps/desktop/src/platform/services/electron-crypto.service.ts b/apps/desktop/src/platform/services/electron-crypto.service.ts index ef616bef10..9dc3a5243c 100644 --- a/apps/desktop/src/platform/services/electron-crypto.service.ts +++ b/apps/desktop/src/platform/services/electron-crypto.service.ts @@ -36,6 +36,7 @@ export class ElectronCryptoService extends CryptoService { } else { await this.stateService.setUserKeyBiometric(null, { userId: userId }); } + await this.stateService.setCryptoMasterKeyBiometric(null, { userId: userId }); } protected override async getKeyFromStorage( diff --git a/libs/angular/src/components/set-pin.component.ts b/libs/angular/src/components/set-pin.component.ts index b2bdc18d70..0ef9ce9af0 100644 --- a/libs/angular/src/components/set-pin.component.ts +++ b/libs/angular/src/components/set-pin.component.ts @@ -50,7 +50,7 @@ export class SetPinComponent implements OnInit { } else { await this.stateService.setUserKeyPin(pinProtectedKey); } - await this.cryptoService.clearOldPinKeys(); + await this.cryptoService.clearDeprecatedPinKeys(); this.modalRef.close(true); } diff --git a/libs/common/src/platform/abstractions/crypto.service.ts b/libs/common/src/platform/abstractions/crypto.service.ts index 233ddb2365..f7d1f167ab 100644 --- a/libs/common/src/platform/abstractions/crypto.service.ts +++ b/libs/common/src/platform/abstractions/crypto.service.ts @@ -293,7 +293,7 @@ export abstract class CryptoService { * Clears the user's old pin keys from storage * @param userId The desired user */ - clearOldPinKeys: (userId?: string) => Promise; + clearDeprecatedPinKeys: (userId?: string) => Promise; /** * Decrypts the user key with their pin * @param pin The user's PIN diff --git a/libs/common/src/platform/services/crypto.service.ts b/libs/common/src/platform/services/crypto.service.ts index a9f5793319..ed097d1ad8 100644 --- a/libs/common/src/platform/services/crypto.service.ts +++ b/libs/common/src/platform/services/crypto.service.ts @@ -513,10 +513,10 @@ export class CryptoService implements CryptoServiceAbstraction { async clearPinProtectedKey(userId?: string): Promise { await this.stateService.setUserKeyPin(null, { userId: userId }); - await this.clearOldPinKeys(userId); + await this.clearDeprecatedPinKeys(userId); } - async clearOldPinKeys(userId?: string): Promise { + async clearDeprecatedPinKeys(userId?: string): Promise { await this.stateService.setEncryptedPinProtected(null, { userId: userId }); await this.stateService.setDecryptedPinProtected(null, { userId: userId }); } @@ -714,10 +714,12 @@ export class CryptoService implements CryptoServiceAbstraction { } else { await this.stateService.setUserKeyAuto(null, { userId: userId }); } + await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId }); const storePin = await this.shouldStoreKey(KeySuffixOptions.Pin, userId); if (storePin) { await this.storePinKey(key); + await this.clearDeprecatedPinKeys(userId); } else { await this.stateService.setUserKeyPin(null, { userId: userId }); } diff --git a/libs/common/src/services/vaultTimeout/vaultTimeoutSettings.service.ts b/libs/common/src/services/vaultTimeout/vaultTimeoutSettings.service.ts index d2a190504a..6e5c3bc1e6 100644 --- a/libs/common/src/services/vaultTimeout/vaultTimeoutSettings.service.ts +++ b/libs/common/src/services/vaultTimeout/vaultTimeoutSettings.service.ts @@ -118,6 +118,6 @@ export class VaultTimeoutSettingsService implements VaultTimeoutSettingsServiceA await this.stateService.setEverBeenUnlocked(false, { userId: userId }); await this.stateService.setUserKeyPinEphemeral(null, { userId: userId }); await this.stateService.setProtectedPin(null, { userId: userId }); - await this.cryptoService.clearOldPinKeys(userId); + await this.cryptoService.clearDeprecatedPinKeys(userId); } }