Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-02-02 23:11:40 +01:00
Code Issues Projects Releases Wiki Activity

finish migrate auto key if needed

Browse Source 
- migrate whenever retrieved from storage
- add back the user symmetric key toggle
This commit is contained in:
Jacob Fink 2023-06-08 13:13:00 -04:00
parent 7963d3c996
commit 56c750d375
No known key found for this signature in database
GPG Key ID: C2F7ACF05859D008
2 changed files with 29 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
libs/common/src/platform/abstractions/crypto.service.ts
View File

@ -17,6 +17,11 @@ export abstract class CryptoService {
getKeyForUserEncryption: (key?: SymmetricCryptoKey) => Promise<SymmetricCryptoKey>;
setUserKey: (key: UserSymKey) => Promise<void>;
/**
* Gets the user key from memory and sets it again,
* kicking off a refresh of any additional keys that are needed.
*/
toggleKey: () => Promise<void>;
getUserKeyFromMemory: (userId?: string) => Promise<UserSymKey>;
getUserKeyFromStorage: (
keySuffix: KeySuffixOptions.Auto | KeySuffixOptions.Biometric,
@ -117,5 +122,4 @@ export abstract class CryptoService {
setEncKey: (encKey: string) => Promise<void>;
hasEncKey: () => Promise<boolean>;
clearEncKey: (memoryOnly?: boolean, userId?: string) => Promise<any>;
toggleKey: () => Promise<any>;
}

41
libs/common/src/platform/services/crypto.service.ts
View File

@ -69,6 +69,11 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.storeAdditionalKeys(key, userId);
}
async toggleKey(): Promise<void> {
const key = await this.getUserKeyFromMemory();
await this.setUserKey(key);
}
/**
* Retrieves the user's symmetric key
* @param keySuffix The desired version of the user's key to retrieve
@ -948,15 +953,8 @@ export class CryptoService implements CryptoServiceAbstraction {
let userKey: string;
switch (keySuffix) {
case KeySuffixOptions.Auto: {
// migrate if needed
const oldAutoKey = await this.stateService.getCryptoMasterKeyAuto({ userId: userId });
if (oldAutoKey) {
await this.stateService.setUserSymKeyAuto(oldAutoKey, { userId: userId });
await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
userKey = oldAutoKey;
} else {
userKey = await this.stateService.getUserSymKeyAuto({ userId: userId });
}
await this.migrateAutoKeyIfNeeded(userId);
userKey = await this.stateService.getUserSymKeyAuto({ userId: userId });
break;
}
case KeySuffixOptions.Biometric: {
@ -967,6 +965,23 @@ export class CryptoService implements CryptoServiceAbstraction {
return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey).buffer) as UserSymKey;
}
private async migrateAutoKeyIfNeeded(userId?: string) {
const oldAutoKey = await this.stateService.getCryptoMasterKeyAuto({ userId: userId });
if (oldAutoKey) {
// decrypt
const masterKey = new SymmetricCryptoKey(
Utils.fromB64ToArray(oldAutoKey).buffer
) as MasterKey;
const userSymKey = await this.decryptUserSymKeyWithMasterKey(
masterKey,
new EncString(await this.stateService.getEncryptedCryptoSymmetricKey())
);
// migrate
await this.stateService.setUserSymKeyAuto(userSymKey.keyB64, { userId: userId });
await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
}
}
private async stretchKey(key: SymmetricCryptoKey): Promise<SymmetricCryptoKey> {
const newKey = new Uint8Array(64);
const encKey = await this.cryptoFunctionService.hkdfExpand(key.key, "enc", 32, "sha256");
@ -1192,12 +1207,4 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.stateService.setEncryptedCryptoSymmetricKey(null, { userId: userId });
}
}
/**
* @deprecated we wouldn't be saving encrypted/decrypted versions of the user symmetric key
*/
async toggleKey(): Promise<any> {
// const key = await this.getKey();
// await this.setKey(key);
}
}