update vault timeout service with new crypto service

2025-02-25 02:51:59 +01:00 · 2023-05-30 13:11:10 -04:00 · 2023-05-30 13:11:10 -04:00 · 46abba2135
commit 46abba2135
parent ffc23bfcdb
3 changed files with 15 additions and 6 deletions
--- a/libs/common/src/platform/abstractions/crypto.service.ts
+++ b/libs/common/src/platform/abstractions/crypto.service.ts
@ -34,6 +34,7 @@ export abstract class CryptoService {
    kdf: KdfType,
    KdfConfig: KdfConfig
  ) => Promise<MasterKey>;
+  clearMasterKey: (userId?: string) => Promise<void>;
  encryptUserSymKeyWithMasterKey: (
    masterKey: MasterKey,
    userSymKey?: UserSymKey
--- a/libs/common/src/platform/services/crypto.service.ts
+++ b/libs/common/src/platform/services/crypto.service.ts
@ -66,7 +66,7 @@ export class CryptoService implements CryptoServiceAbstraction {
   */
  async setUserKey(key: UserSymKey, userId?: string): Promise<void> {
    await this.stateService.setUserSymKey(key, { userId: userId });
-    // TODO: Should we include additional keys here? When we set the memory key from storage,
+    // TODO(Jake): Should we include additional keys here? When we set the memory key from storage,
    // it will reset the keys in storage as well
    await this.storeAdditionalKeys(key, userId);
  }
@ -181,7 +181,7 @@ export class CryptoService implements CryptoServiceAbstraction {
   * @param userId The desired user
   */
  async setUserSymKeyMasterKey(userSymKeyMasterKey: string, userId?: string): Promise<void> {
-    // TODO: is this the best way to handle this from the identity token?
+    // TODO(Jake): is this the best way to handle this from the identity token?
    await this.stateService.setUserSymKeyMasterKey(userSymKeyMasterKey, { userId: userId });
  }

@ -219,6 +219,14 @@ export class CryptoService implements CryptoServiceAbstraction {
    return (await this.makeKey(password, email, kdf, KdfConfig)) as MasterKey;
  }

+  /**
+   * Clears the user's master key
+   * @param userId The desired user
+   */
+  async clearMasterKey(userId?: string): Promise<void> {
+    await this.stateService.setMasterKey(null, { userId: userId });
+  }
+
  /**
   * Encrypts the existing (or provided) user symmetric key with the
   * provided master key
@ -246,7 +254,7 @@ export class CryptoService implements CryptoServiceAbstraction {
      throw new Error("No Master Key found.");
    }

-    // TODO: Do we need to let this be passed in as well?
+    // TODO(Jake): Do we need to let this be passed in as well?
    const userSymKeyMasterKey = await this.stateService.getUserSymKeyMasterKey({ userId: userId });
    if (userSymKeyMasterKey == null) {
      throw new Error("No User Key found.");
@ -266,7 +274,7 @@ export class CryptoService implements CryptoServiceAbstraction {
      return null;
    }

-    // TODO: Do we want to set the user key here?
+    // TODO(Jake): Do we want to set the user key here?
    return new SymmetricCryptoKey(decUserKey) as UserSymKey;
  }

--- a/libs/common/src/services/vaultTimeout/vaultTimeout.service.ts
+++ b/libs/common/src/services/vaultTimeout/vaultTimeout.service.ts
@ -87,10 +87,10 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction {
    await this.stateService.setEverBeenUnlocked(true, { userId: userId });
    await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });

-    await this.cryptoService.clearKey(false, userId);
+    await this.cryptoService.clearUserKey(false, userId);
+    await this.cryptoService.clearMasterKey(userId);
    await this.cryptoService.clearOrgKeys(true, userId);
    await this.cryptoService.clearKeyPair(true, userId);
-    await this.cryptoService.clearEncKey(true, userId);

    await this.cipherService.clearCache(userId);
    await this.collectionService.clearCache(userId);