Update sdk to build 403 and move webcrypto rsa to use sdk rsa extract public key (#17771)

2025-12-06 00:13:28 +00:00 · 2025-12-02 14:39:32 +01:00
parent 2e8faa9994
commit 049acf1e12
4 changed files with 28 additions and 32 deletions
--- a/libs/common/src/key-management/crypto/services/web-crypto-function.service.spec.ts
+++ b/libs/common/src/key-management/crypto/services/web-crypto-function.service.spec.ts
@@ -1,12 +1,20 @@
 import { mock } from "jest-mock-extended";

 import { PlatformUtilsService } from "../../../platform/abstractions/platform-utils.service";
+import { SdkLoadService } from "../../../platform/abstractions/sdk/sdk-load.service";
 import { Utils } from "../../../platform/misc/utils";
 import { EcbDecryptParameters } from "../../../platform/models/domain/decrypt-parameters";
 import { SymmetricCryptoKey } from "../../../platform/models/domain/symmetric-crypto-key";

 import { WebCryptoFunctionService } from "./web-crypto-function.service";

+class TestSdkLoadService extends SdkLoadService {
+  protected override load(): Promise<void> {
+    // Simulate successful WASM load
+    return Promise.resolve();
+  }
+}
+
 const RsaPublicKey =
  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Vawl/toXzkEvB82FEtqHP" +
  "4xlU2ab/v0crqIfXfIoWF/XXdHGIdrZeilnRXPPJT1B9dTsasttEZNnua/0Rek/cjNDHtzT52irfoZYS7X6HNIfOi54Q+egP" +
@@ -40,6 +48,10 @@ const Sha512Mac =
  "5ea7817a0b7c5d4d9b00364ccd214669131fc17fe4aca";

 describe("WebCrypto Function Service", () => {
+  beforeAll(async () => {
+    await new TestSdkLoadService().loadAndInit();
+  });
+
  describe("pbkdf2", () => {
    const regular256Key = "pj9prw/OHPleXI6bRdmlaD+saJS4awrMiQsQiDjeu2I=";
    const utf8256Key = "yqvoFXgMRmHR3QPYr5pyR4uVuoHkltv9aHUP63p8n7I=";
--- a/libs/common/src/key-management/crypto/services/web-crypto-function.service.ts
+++ b/libs/common/src/key-management/crypto/services/web-crypto-function.service.ts
@@ -1,5 +1,8 @@
 import * as forge from "node-forge";

+import { SdkLoadService } from "@bitwarden/common/platform/abstractions/sdk/sdk-load.service";
+import { PureCrypto } from "@bitwarden/sdk-internal";
+
 import { EncryptionType } from "../../../platform/enums";
 import { Utils } from "../../../platform/misc/utils";
 import {
@@ -289,28 +292,9 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
    return new Uint8Array(buffer);
  }

-  async rsaExtractPublicKey(privateKey: Uint8Array): Promise<Uint8Array> {
-    const rsaParams = {
-      name: "RSA-OAEP",
-      // Have to specify some algorithm
-      hash: { name: this.toWebCryptoAlgorithm("sha1") },
-    };
-    const impPrivateKey = await this.subtle.importKey("pkcs8", privateKey, rsaParams, true, [
-      "decrypt",
-    ]);
-    const jwkPrivateKey = await this.subtle.exportKey("jwk", impPrivateKey);
-    const jwkPublicKeyParams = {
-      kty: "RSA",
-      e: jwkPrivateKey.e,
-      n: jwkPrivateKey.n,
-      alg: "RSA-OAEP",
-      ext: true,
-    };
-    const impPublicKey = await this.subtle.importKey("jwk", jwkPublicKeyParams, rsaParams, true, [
-      "encrypt",
-    ]);
-    const buffer = await this.subtle.exportKey("spki", impPublicKey);
-    return new Uint8Array(buffer) as UnsignedPublicKey;
+  async rsaExtractPublicKey(privateKey: Uint8Array): Promise<UnsignedPublicKey> {
+    await SdkLoadService.Ready;
+    return PureCrypto.rsa_extract_public_key(privateKey) as UnsignedPublicKey;
  }

  async aesGenerateKey(bitLength = 128 | 192 | 256 | 512): Promise<CsprngArray> {