Ps/pm-8003/handle-dekstop-invalidated-message-encryption (#9181) (#9194)

* Do not initialize symmetric crypto keys with null * Require new message on invalid native message encryption Handling of this error is to require the user to retry, so the promise needs to resolve. Co-authored-by: Matt Gibson <mgibson@bitwarden.com>
2024-05-15 13:10:25 -04:00 · 2024-05-15 13:10:25 -04:00 · 6189491dde
parent 431e909f9b
commit 6189491dde
2 changed files with 12 additions and 3 deletions
--- a/apps/browser/src/background/nativeMessaging.background.ts
+++ b/apps/browser/src/background/nativeMessaging.background.ts
@ -167,6 +167,11 @@ export class NativeMessagingBackground {
              cancelButtonText: null,
              type: "danger",
            });
+
+            if (this.resolver) {
+              this.resolver(message);
+            }
+
            break;
          case "verifyFingerprint": {
            if (this.sharedSecret == null) {
--- a/apps/desktop/src/platform/services/electron-crypto.service.ts
+++ b/apps/desktop/src/platform/services/electron-crypto.service.ts
@ -89,7 +89,9 @@ export class ElectronCryptoService extends CryptoService {
    if (keySuffix === KeySuffixOptions.Biometric) {
      await this.migrateBiometricKeyIfNeeded(userId);
      const userKey = await this.stateService.getUserKeyBiometric({ userId: userId });
-      return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey)) as UserKey;
+      return userKey == null
+        ? null
+        : (new SymmetricCryptoKey(Utils.fromB64ToArray(userKey)) as UserKey);
    }
    return await super.getKeyFromStorage(keySuffix, userId);
  }
@ -166,7 +168,9 @@ export class ElectronCryptoService extends CryptoService {
      // decrypt
      const masterKey = new SymmetricCryptoKey(Utils.fromB64ToArray(oldBiometricKey)) as MasterKey;
      userId ??= (await firstValueFrom(this.accountService.activeAccount$))?.id;
-      const encUserKeyPrim = await this.stateService.getEncryptedCryptoSymmetricKey();
+      const encUserKeyPrim = await this.stateService.getEncryptedCryptoSymmetricKey({
+        userId: userId,
+      });
      const encUserKey =
        encUserKeyPrim != null
          ? new EncString(encUserKeyPrim)
@ -174,7 +178,7 @@ export class ElectronCryptoService extends CryptoService {
      if (!encUserKey) {
        throw new Error("No user key found during biometric migration");
      }
-      const userKey = await this.decryptUserKeyWithMasterKey(masterKey, encUserKey);
+      const userKey = await this.decryptUserKeyWithMasterKey(masterKey, encUserKey, userId);
      // migrate
      await this.storeBiometricKey(userKey, userId);
      await this.stateService.setCryptoMasterKeyBiometric(null, { userId });