Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2025-02-08 00:01:28 +01:00
Code Issues Projects Releases Wiki Activity

[PM-5499] Use public key for approving auth requests (#8110)

Browse Source 
* change key check to public key check

* use public key for encryption

* fix tests
This commit is contained in:
Jake Fink 2024-02-27 11:28:50 -05:00 committed by GitHub
parent d36f0ce426
commit 5a1f09a568
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 12 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
libs/auth/src/common/services/auth-request/auth-request.service.spec.ts
View File

@ -39,12 +39,12 @@ describe("AuthRequestService", () => {
}); });
it("should throw if auth request is missing id or key", async () => { it("should throw if auth request is missing id or key", async () => {
const authRequestNoId = new AuthRequestResponse({ id: "", key: "KEY" }); const authRequestNoId = new AuthRequestResponse({ id: "", key: "KEY" });
const authRequestNoKey = new AuthRequestResponse({ id: "123", key: "" }); const authRequestNoPublicKey = new AuthRequestResponse({ id: "123", publicKey: "" });
await expect(sut.approveOrDenyAuthRequest(true, authRequestNoId)).rejects.toThrow( await expect(sut.approveOrDenyAuthRequest(true, authRequestNoId)).rejects.toThrow(
"Auth request has no id", "Auth request has no id",
); );
await expect(sut.approveOrDenyAuthRequest(true, authRequestNoKey)).rejects.toThrow( await expect(sut.approveOrDenyAuthRequest(true, authRequestNoPublicKey)).rejects.toThrow(
"Auth request has no public key", "Auth request has no public key",
); );
}); });
@ -53,7 +53,10 @@ describe("AuthRequestService", () => {
cryptoService.getMasterKey.mockResolvedValueOnce({ encKey: new Uint8Array(64) } as MasterKey); cryptoService.getMasterKey.mockResolvedValueOnce({ encKey: new Uint8Array(64) } as MasterKey);
stateService.getKeyHash.mockResolvedValueOnce("KEY_HASH"); stateService.getKeyHash.mockResolvedValueOnce("KEY_HASH");
await sut.approveOrDenyAuthRequest(true, new AuthRequestResponse({ id: "123", key: "KEY" })); await sut.approveOrDenyAuthRequest(
true,
new AuthRequestResponse({ id: "123", publicKey: "KEY" }),
);
expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything()); expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
}); });
@ -61,7 +64,10 @@ describe("AuthRequestService", () => {
it("should use the user key if the master key and hash do not exist", async () => { it("should use the user key if the master key and hash do not exist", async () => {
cryptoService.getUserKey.mockResolvedValueOnce({ key: new Uint8Array(64) } as UserKey); cryptoService.getUserKey.mockResolvedValueOnce({ key: new Uint8Array(64) } as UserKey);
await sut.approveOrDenyAuthRequest(true, new AuthRequestResponse({ id: "123", key: "KEY" })); await sut.approveOrDenyAuthRequest(
true,
new AuthRequestResponse({ id: "123", publicKey: "KEY" }),
);
expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything()); expect(cryptoService.rsaEncrypt).toHaveBeenCalledWith(new Uint8Array(64), expect.anything());
}); });

4
libs/auth/src/common/services/auth-request/auth-request.service.ts
View File

@ -25,10 +25,10 @@ export class AuthRequestService implements AuthRequestServiceAbstraction {
if (!authRequest.id) { if (!authRequest.id) {
throw new Error("Auth request has no id"); throw new Error("Auth request has no id");
} }
if (!authRequest.key) { if (!authRequest.publicKey) {
throw new Error("Auth request has no public key"); throw new Error("Auth request has no public key");
} }
const pubKey = Utils.fromB64ToArray(authRequest.key); const pubKey = Utils.fromB64ToArray(authRequest.publicKey);
const masterKey = await this.cryptoService.getMasterKey(); const masterKey = await this.cryptoService.getMasterKey();
const masterKeyHash = await this.stateService.getKeyHash(); const masterKeyHash = await this.stateService.getKeyHash();