Added GetOrDeriveMasterKey to UserVerificationService (#2808)

2023-10-03 12:54:22 +01:00 · 2023-10-03 12:54:22 +01:00 · f2be840a7d
parent 685e0f407a
commit f2be840a7d
4 changed files with 16 additions and 8 deletions
--- a/src/App/Services/MobilePasswordRepromptService.cs
+++ b/src/App/Services/MobilePasswordRepromptService.cs
@ -51,13 +51,7 @@ namespace Bit.App.Services
            {
                await AppHelpers.ResetInvalidUnlockAttemptsAsync();

-                var userKey = await _cryptoService.DecryptUserKeyWithMasterKeyAsync(masterKey);
-                await _cryptoService.SetMasterKeyAsync(masterKey);
-                var hasKey = await _cryptoService.HasUserKeyAsync();
-                if (!hasKey)
-                {
-                    await _cryptoService.SetUserKeyAsync(userKey);
-                }
+                await _cryptoService.UpdateMasterKeyAndUserKeyAsync(masterKey);
            }

            return passwordValid;
--- a/src/Core/Abstractions/ICryptoService.cs
+++ b/src/Core/Abstractions/ICryptoService.cs
@ -62,5 +62,6 @@ namespace Bit.Core.Abstractions
        Task<EncByteArray> EncryptToBytesAsync(byte[] plainValue, SymmetricCryptoKey key = null);
        Task<UserKey> DecryptAndMigrateOldPinKeyAsync(bool masterPasswordOnRestart, string pin, string email, KdfConfig kdfConfig, EncString oldPinKey);
        Task<MasterKey> GetOrDeriveMasterKeyAsync(string password, string userId = null);
+        Task UpdateMasterKeyAndUserKeyAsync(MasterKey masterKey);
    }
 }
--- a/src/Core/Services/CryptoService.cs
+++ b/src/Core/Services/CryptoService.cs
@ -719,6 +719,17 @@ namespace Bit.Core.Services
                await _stateService.GetActiveUserCustomDataAsync(a => new KdfConfig(a?.Profile)));
        }

+        public async Task UpdateMasterKeyAndUserKeyAsync(MasterKey masterKey)
+        {
+            var userKey = await DecryptUserKeyWithMasterKeyAsync(masterKey);
+            await SetMasterKeyAsync(masterKey);
+            var hasKey = await HasUserKeyAsync();
+            if (!hasKey)
+            {
+                await SetUserKeyAsync(userKey);
+            }
+        }
+
        // --HELPER METHODS--

        private async Task StoreAdditionalKeysAsync(UserKey userKey, string userId = null)
--- a/src/Core/Services/UserVerificationService.cs
+++ b/src/Core/Services/UserVerificationService.cs
@ -48,12 +48,14 @@ namespace Bit.Core.Services
            }
            else
            {
-                var passwordValid = await _cryptoService.CompareAndUpdateKeyHashAsync(secret, null);
+                var masterKey = await _cryptoService.GetOrDeriveMasterKeyAsync(secret);
+                var passwordValid = await _cryptoService.CompareAndUpdateKeyHashAsync(secret, masterKey);
                if (!passwordValid)
                {
                    await InvalidSecretErrorAsync(verificationType);
                    return false;
                }
+                await _cryptoService.UpdateMasterKeyAndUserKeyAsync(masterKey);
            }

            return true;