Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-06 09:20:43 +01:00
Code Issues Projects Releases Wiki Activity

Use cryptoservice to compare key to local keyhash (#331)

Browse Source 
* Use cryptoservice to compare key to local keyhash

* Fix bugs

Co-authored-by: Thomas Rittson <trittson@bitwarden.com>
This commit is contained in:
Matt Gibson 2021-06-21 13:23:30 -04:00 committed by GitHub
parent 12b36557bd
commit 62b5a05c40
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/commands/unlock.command.ts
View File

@ -13,6 +13,8 @@ import { PasswordVerificationRequest } from 'jslib-common/models/request/passwor
import { Utils } from 'jslib-common/misc/utils';
import { HashPurpose } from 'jslib-common/enums/hashPurpose';
export class UnlockCommand {
constructor(private cryptoService: CryptoService, private userService: UserService,
private cryptoFunctionService: CryptoFunctionService, private apiService: ApiService) { }
@ -36,20 +38,22 @@ export class UnlockCommand {
const kdf = await this.userService.getKdf();
const kdfIterations = await this.userService.getKdfIterations();
const key = await this.cryptoService.makeKey(password, email, kdf, kdfIterations);
const keyHash = await this.cryptoService.hashPassword(password, key);
const storedKeyHash = await this.cryptoService.getKeyHash();
let passwordValid = false;
if (keyHash != null) {
const storedKeyHash = await this.cryptoService.getKeyHash();
if (key != null) {
if (storedKeyHash != null) {
passwordValid = storedKeyHash === keyHash;
passwordValid = await this.cryptoService.compareAndUpdateKeyHash(password, key);
} else {
const serverKeyHash = await this.cryptoService.hashPassword(password, key, HashPurpose.ServerAuthorization);
const request = new PasswordVerificationRequest();
request.masterPasswordHash = keyHash;
request.masterPasswordHash = serverKeyHash;
try {
await this.apiService.postAccountVerifyPassword(request);
passwordValid = true;
await this.cryptoService.setKeyHash(keyHash);
const localKeyHash = await this.cryptoService.hashPassword(password, key,
HashPurpose.LocalAuthorization);
await this.cryptoService.setKeyHash(localKeyHash);
} catch { }
}
}