Update sdk to build 403 and move webcrypto rsa to use sdk rsa extract public key (#17771)

2025-12-06 00:13:28 +00:00 · 2025-12-02 14:39:32 +01:00
parent 2e8faa9994
commit 049acf1e12
4 changed files with 28 additions and 32 deletions
--- a/libs/common/src/key-management/crypto/services/web-crypto-function.service.spec.ts
+++ b/libs/common/src/key-management/crypto/services/web-crypto-function.service.spec.ts
@@ -1,12 +1,20 @@
 import { mock } from "jest-mock-extended";

 import { PlatformUtilsService } from "../../../platform/abstractions/platform-utils.service";
+import { SdkLoadService } from "../../../platform/abstractions/sdk/sdk-load.service";
 import { Utils } from "../../../platform/misc/utils";
 import { EcbDecryptParameters } from "../../../platform/models/domain/decrypt-parameters";
 import { SymmetricCryptoKey } from "../../../platform/models/domain/symmetric-crypto-key";

 import { WebCryptoFunctionService } from "./web-crypto-function.service";

+class TestSdkLoadService extends SdkLoadService {
+  protected override load(): Promise<void> {
+    // Simulate successful WASM load
+    return Promise.resolve();
+  }
+}
+
 const RsaPublicKey =
  "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl0Vawl/toXzkEvB82FEtqHP" +
  "4xlU2ab/v0crqIfXfIoWF/XXdHGIdrZeilnRXPPJT1B9dTsasttEZNnua/0Rek/cjNDHtzT52irfoZYS7X6HNIfOi54Q+egP" +
@@ -40,6 +48,10 @@ const Sha512Mac =
  "5ea7817a0b7c5d4d9b00364ccd214669131fc17fe4aca";

 describe("WebCrypto Function Service", () => {
+  beforeAll(async () => {
+    await new TestSdkLoadService().loadAndInit();
+  });
+
  describe("pbkdf2", () => {
    const regular256Key = "pj9prw/OHPleXI6bRdmlaD+saJS4awrMiQsQiDjeu2I=";
    const utf8256Key = "yqvoFXgMRmHR3QPYr5pyR4uVuoHkltv9aHUP63p8n7I=";
--- a/libs/common/src/key-management/crypto/services/web-crypto-function.service.ts
+++ b/libs/common/src/key-management/crypto/services/web-crypto-function.service.ts
@@ -1,5 +1,8 @@
 import * as forge from "node-forge";

+import { SdkLoadService } from "@bitwarden/common/platform/abstractions/sdk/sdk-load.service";
+import { PureCrypto } from "@bitwarden/sdk-internal";
+
 import { EncryptionType } from "../../../platform/enums";
 import { Utils } from "../../../platform/misc/utils";
 import {
@@ -289,28 +292,9 @@ export class WebCryptoFunctionService implements CryptoFunctionService {
    return new Uint8Array(buffer);
  }

-  async rsaExtractPublicKey(privateKey: Uint8Array): Promise<Uint8Array> {
-    const rsaParams = {
-      name: "RSA-OAEP",
-      // Have to specify some algorithm
-      hash: { name: this.toWebCryptoAlgorithm("sha1") },
-    };
-    const impPrivateKey = await this.subtle.importKey("pkcs8", privateKey, rsaParams, true, [
-      "decrypt",
-    ]);
-    const jwkPrivateKey = await this.subtle.exportKey("jwk", impPrivateKey);
-    const jwkPublicKeyParams = {
-      kty: "RSA",
-      e: jwkPrivateKey.e,
-      n: jwkPrivateKey.n,
-      alg: "RSA-OAEP",
-      ext: true,
-    };
-    const impPublicKey = await this.subtle.importKey("jwk", jwkPublicKeyParams, rsaParams, true, [
-      "encrypt",
-    ]);
-    const buffer = await this.subtle.exportKey("spki", impPublicKey);
-    return new Uint8Array(buffer) as UnsignedPublicKey;
+  async rsaExtractPublicKey(privateKey: Uint8Array): Promise<UnsignedPublicKey> {
+    await SdkLoadService.Ready;
+    return PureCrypto.rsa_extract_public_key(privateKey) as UnsignedPublicKey;
  }

  async aesGenerateKey(bitLength = 128 | 192 | 256 | 512): Promise<CsprngArray> {
--- a/package-lock.json
+++ b/package-lock.json
@@ -23,8 +23,8 @@
        "@angular/platform-browser": "20.3.15",
        "@angular/platform-browser-dynamic": "20.3.15",
        "@angular/router": "20.3.15",
-        "@bitwarden/commercial-sdk-internal": "0.2.0-main.395",
-        "@bitwarden/sdk-internal": "0.2.0-main.395",
+        "@bitwarden/commercial-sdk-internal": "0.2.0-main.403",
+        "@bitwarden/sdk-internal": "0.2.0-main.403",
        "@electron/fuses": "1.8.0",
        "@emotion/css": "11.13.5",
        "@koa/multer": "4.0.0",
@@ -4615,9 +4615,9 @@
      "link": true
    },
    "node_modules/@bitwarden/commercial-sdk-internal": {
-      "version": "0.2.0-main.395",
-      "resolved": "https://registry.npmjs.org/@bitwarden/commercial-sdk-internal/-/commercial-sdk-internal-0.2.0-main.395.tgz",
-      "integrity": "sha512-DrxL3iA29hzWpyxPyZjiXx0m+EHOgk4CVb+BAi2SoxsacmyHYuTgXuASFMieRz2rv85wS3UR0N64Ok9lC+xNYA==",
+      "version": "0.2.0-main.403",
+      "resolved": "https://registry.npmjs.org/@bitwarden/commercial-sdk-internal/-/commercial-sdk-internal-0.2.0-main.403.tgz",
+      "integrity": "sha512-M2ZUu29oua7CaDTNK7mCwY7PhaIUbNYogAAvxLOmkJuyHNxxqvS9usjjlD2CkQVNBeTUFqvAQpaZQo9vgzEEFA==",
      "license": "BITWARDEN SOFTWARE DEVELOPMENT KIT LICENSE AGREEMENT",
      "dependencies": {
        "type-fest": "^4.41.0"
@@ -4720,9 +4720,9 @@
      "link": true
    },
    "node_modules/@bitwarden/sdk-internal": {
-      "version": "0.2.0-main.395",
-      "resolved": "https://registry.npmjs.org/@bitwarden/sdk-internal/-/sdk-internal-0.2.0-main.395.tgz",
-      "integrity": "sha512-biExeL2Grp11VQjjK6QM16+WOYk87mTgUhYKFm+Bu/A0zZBzhL/6AocpA9h2T5M8rLCGVVJVUMaXUW3YrSTqEA==",
+      "version": "0.2.0-main.403",
+      "resolved": "https://registry.npmjs.org/@bitwarden/sdk-internal/-/sdk-internal-0.2.0-main.403.tgz",
+      "integrity": "sha512-ROEZdTbeKU68kDh9WYm9wKsLQD5jdTRclXLKl8x0aTj+Tx0nKyyXmLyUfOP+qh3EHIetij4jwPx2z3uS+7r8mg==",
      "license": "GPL-3.0",
      "dependencies": {
        "type-fest": "^4.41.0"
--- a/package.json
+++ b/package.json
@@ -157,8 +157,8 @@
    "@angular/platform-browser": "20.3.15",
    "@angular/platform-browser-dynamic": "20.3.15",
    "@angular/router": "20.3.15",
-    "@bitwarden/sdk-internal": "0.2.0-main.395",
-    "@bitwarden/commercial-sdk-internal": "0.2.0-main.395",
+    "@bitwarden/sdk-internal": "0.2.0-main.403",
+    "@bitwarden/commercial-sdk-internal": "0.2.0-main.403",
    "@electron/fuses": "1.8.0",
    "@emotion/css": "11.13.5",
    "@koa/multer": "4.0.0",