From 5e24a70a87345f2689ef310c06a7a7f0686e0af8 Mon Sep 17 00:00:00 2001 From: Matt Gibson Date: Mon, 21 Jun 2021 18:47:44 -0400 Subject: [PATCH] Vault should be locked if key is not in memory (#413) Key is loaded on startup if auto key exists. --- angular/src/components/lock.component.ts | 1 - common/src/abstractions/vaultTimeout.service.ts | 1 - common/src/services/vaultTimeout.service.ts | 13 +++---------- 3 files changed, 3 insertions(+), 12 deletions(-) diff --git a/angular/src/components/lock.component.ts b/angular/src/components/lock.component.ts index 1afaf13a2b..6dd8ddc2a2 100644 --- a/angular/src/components/lock.component.ts +++ b/angular/src/components/lock.component.ts @@ -182,7 +182,6 @@ export class LockComponent implements OnInit { private async doContinue() { this.vaultTimeoutService.biometricLocked = false; this.vaultTimeoutService.everBeenUnlocked = true; - this.vaultTimeoutService.manuallyOrTimerLocked = false; const disableFavicon = await this.storageService.get(ConstantsService.disableFaviconKey); await this.stateService.save(ConstantsService.disableFaviconKey, !!disableFavicon); this.messagingService.send('unlocked'); diff --git a/common/src/abstractions/vaultTimeout.service.ts b/common/src/abstractions/vaultTimeout.service.ts index 719acf3b71..d709d363b3 100644 --- a/common/src/abstractions/vaultTimeout.service.ts +++ b/common/src/abstractions/vaultTimeout.service.ts @@ -2,7 +2,6 @@ import { EncString } from '../models/domain/encString'; export abstract class VaultTimeoutService { biometricLocked: boolean; - manuallyOrTimerLocked: boolean; everBeenUnlocked: boolean; pinProtectedKey: EncString; isLocked: () => Promise; diff --git a/common/src/services/vaultTimeout.service.ts b/common/src/services/vaultTimeout.service.ts index 1a66024294..b08ed1d205 100644 --- a/common/src/services/vaultTimeout.service.ts +++ b/common/src/services/vaultTimeout.service.ts @@ -18,7 +18,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { pinProtectedKey: EncString = null; biometricLocked: boolean = true; everBeenUnlocked: boolean = false; - manuallyOrTimerLocked: boolean = false; private inited = false; @@ -48,17 +47,12 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { // Keys aren't stored for a device that is locked or logged out. async isLocked(): Promise { + // Handle never lock startup situation if (await this.cryptoService.hasKeyStored('auto') && !this.everBeenUnlocked) { await this.cryptoService.getKey('auto'); } - const hasKey = await this.cryptoService.hasKey(); - if (hasKey) { - if ((await this.isBiometricLockSet() && this.biometricLocked) || this.manuallyOrTimerLocked) { - return true; - } - } - return !hasKey; + return !this.cryptoService.hasKeyInMemory(); } async checkVaultTimeout(): Promise { @@ -108,7 +102,7 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { } this.biometricLocked = true; - this.manuallyOrTimerLocked = true; + this.everBeenUnlocked = true; await this.cryptoService.clearKey(false); await this.cryptoService.clearOrgKeys(true); await this.cryptoService.clearKeyPair(true); @@ -149,7 +143,6 @@ export class VaultTimeoutService implements VaultTimeoutServiceAbstraction { clear(): Promise { this.everBeenUnlocked = false; - this.manuallyOrTimerLocked = false; this.pinProtectedKey = null; return this.storageService.remove(ConstantsService.protectedPin); }