fix cli crypto service calls

2024-09-28 04:08:47 +02:00 · 2023-06-20 11:49:54 -04:00 · 2023-06-20 11:49:54 -04:00 · d16f76524c
commit d16f76524c
parent 690e9ffc4a
5 changed files with 36 additions and 10 deletions
--- a/apps/cli/src/bw.ts
+++ b/apps/cli/src/bw.ts
@ -334,7 +334,7 @@ export class Main {
    );

    const lockedCallback = async () =>
-      await this.cryptoService.clearStoredKey(KeySuffixOptions.Auto);
+      await this.cryptoService.clearStoredUserKey(KeySuffixOptions.Auto);

    this.vaultTimeoutSettingsService = new VaultTimeoutSettingsService(
      this.cryptoService,
--- a/apps/cli/src/commands/serve.command.ts
+++ b/apps/cli/src/commands/serve.command.ts
@ -421,11 +421,14 @@ export class ServeCommand {
      this.processResponse(res, Response.error("You are not logged in."));
      return true;
    }
-    if (await this.main.cryptoService.hasKeyInMemory()) {
+    if (await this.main.cryptoService.hasUserKeyInMemory()) {
      return false;
-    } else if (await this.main.cryptoService.hasKeyStored(KeySuffixOptions.Auto)) {
+    } else if (await this.main.cryptoService.hasUserKeyStored(KeySuffixOptions.Auto)) {
      // load key into memory
-      await this.main.cryptoService.getKey();
+      const userAutoKey = await this.main.cryptoService.getUserKeyFromStorage(
+        KeySuffixOptions.Auto
+      );
+      await this.main.cryptoService.setUserKey(userAutoKey);
      return false;
    }
    this.processResponse(res, Response.error("Vault is locked."));
--- a/apps/cli/src/program.ts
+++ b/apps/cli/src/program.ts
@ -597,11 +597,14 @@ export class Program {

  protected async exitIfLocked() {
    await this.exitIfNotAuthed();
-    if (await this.main.cryptoService.hasKeyInMemory()) {
+    if (await this.main.cryptoService.hasUserKeyInMemory()) {
      return;
-    } else if (await this.main.cryptoService.hasKeyStored(KeySuffixOptions.Auto)) {
+    } else if (await this.main.cryptoService.hasUserKeyStored(KeySuffixOptions.Auto)) {
      // load key into memory
-      await this.main.cryptoService.getKey();
+      const userAutoKey = await this.main.cryptoService.getUserKeyFromStorage(
+        KeySuffixOptions.Auto
+      );
+      await this.main.cryptoService.setUserKey(userAutoKey);
    } else if (process.env.BW_NOINTERACTION !== "true") {
      // must unlock
      if (await this.main.keyConnectorService.getUsesKeyConnector()) {
--- a/libs/common/src/platform/abstractions/crypto.service.ts
+++ b/libs/common/src/platform/abstractions/crypto.service.ts
@ -82,6 +82,12 @@ export abstract class CryptoService {
   * @param userId The desired user
   */
  clearUserKey: (clearSecretStorage?: boolean, userId?: string) => Promise<void>;
+  /**
+   * Clears the user's stored version of the user symmetric key
+   * @param keySuffix The desired version of the key to clear
+   * @param userId The desired user
+   */
+  clearStoredUserKey: (keySuffix: KeySuffixOptions, userId?: string) => Promise<void>;
  /**
   * Stores the master key encrypted user symmetric key
   * @param userSymKeyMasterKey The master key encrypted user symmetric key to set
--- a/libs/common/src/platform/services/crypto.service.ts
+++ b/libs/common/src/platform/services/crypto.service.ts
@ -76,7 +76,7 @@ export class CryptoService implements CryptoServiceAbstraction {
    if (userKey != null) {
      if (!(await this.validateUserKey(userKey))) {
        this.logService.warning("Wrong key, throwing away stored key");
-        await this.clearStoredUserKeys(userId);
+        await this.clearAllStoredUserKeys(userId);
        return null;
      }

@ -121,7 +121,21 @@ export class CryptoService implements CryptoServiceAbstraction {
  async clearUserKey(clearStoredKeys = true, userId?: string): Promise<void> {
    await this.stateService.setUserSymKey(null, { userId: userId });
    if (clearStoredKeys) {
-      await this.clearStoredUserKeys(userId);
+      await this.clearAllStoredUserKeys(userId);
+    }
+  }
+
+  async clearStoredUserKey(keySuffix: KeySuffixOptions, userId?: string): Promise<void> {
+    switch (keySuffix) {
+      case KeySuffixOptions.Auto:
+        this.stateService.setUserSymKeyAuto(null, { userId: userId });
+        break;
+      case KeySuffixOptions.Biometric:
+        this.stateService.setUserSymKeyBiometric(null, { userId: userId });
+        break;
+      case KeySuffixOptions.Pin:
+        this.stateService.setUserSymKeyPinEphemeral(null, { userId: userId });
+        break;
    }
  }

@ -813,7 +827,7 @@ export class CryptoService implements CryptoServiceAbstraction {
    return [new SymmetricCryptoKey(newSymKey) as T, protectedSymKey];
  }

-  private async clearStoredUserKeys(userId?: string): Promise<void> {
+  private async clearAllStoredUserKeys(userId?: string): Promise<void> {
    await this.stateService.setUserSymKeyAuto(null, { userId: userId });
    await this.stateService.setUserSymKeyBiometric(null, { userId: userId });
    await this.stateService.setUserSymKeyPinEphemeral(null, { userId: userId });