[PM-8210] Discourage Active User in CryptoService (#9364)

* Add Helper For Preparing a Record For Use in `forkJoin` * Update & Test CryptoService Changes * Delete Unused Code * Update DeviceTrustService * Update CipherService * Make `userPublicKey$` Public * Rename convertValues File * Update libs/common/src/platform/abstractions/crypto.service.ts Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> * Add `convertValues` Tests * Add Doc Comments * Convert to `function`'s Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com> * Fix Test Typos * Add param doc * Update Test Name * Add `@throws` Docs --------- Co-authored-by: Andreas Coroiu <acoroiu@bitwarden.com>
2025-12-17 16:53:34 +00:00 · 2024-05-31 12:10:23 -04:00
parent b784fe7593
commit 0e7ed8dd7f
14 changed files with 799 additions and 500 deletions
--- a/libs/common/src/platform/services/key-state/org-keys.state.ts
+++ b/libs/common/src/platform/services/key-state/org-keys.state.ts
@@ -1,10 +1,6 @@
 import { EncryptedOrganizationKeyData } from "../../../admin-console/models/data/encrypted-organization-key.data";
-import { BaseEncryptedOrganizationKey } from "../../../admin-console/models/domain/encrypted-organization-key";
-import { OrganizationId, ProviderId } from "../../../types/guid";
-import { OrgKey, ProviderKey, UserPrivateKey } from "../../../types/key";
-import { EncryptService } from "../../abstractions/encrypt.service";
-import { SymmetricCryptoKey } from "../../models/domain/symmetric-crypto-key";
-import { CRYPTO_DISK, CRYPTO_MEMORY, DeriveDefinition, UserKeyDefinition } from "../../state";
+import { OrganizationId } from "../../../types/guid";
+import { CRYPTO_DISK, UserKeyDefinition } from "../../state";

 export const USER_ENCRYPTED_ORGANIZATION_KEYS = UserKeyDefinition.record<
  EncryptedOrganizationKeyData,
@@ -13,42 +9,3 @@ export const USER_ENCRYPTED_ORGANIZATION_KEYS = UserKeyDefinition.record<
  deserializer: (obj) => obj,
  clearOn: ["logout"],
 });
-
-export const USER_ORGANIZATION_KEYS = new DeriveDefinition<
-  [
-    Record<OrganizationId, EncryptedOrganizationKeyData>,
-    UserPrivateKey,
-    Record<ProviderId, ProviderKey>,
-  ],
-  Record<OrganizationId, OrgKey>,
-  { encryptService: EncryptService }
->(CRYPTO_MEMORY, "organizationKeys", {
-  deserializer: (obj) => {
-    const result: Record<OrganizationId, OrgKey> = {};
-    for (const orgId of Object.keys(obj ?? {}) as OrganizationId[]) {
-      result[orgId] = SymmetricCryptoKey.fromJSON(obj[orgId]) as OrgKey;
-    }
-    return result;
-  },
-  derive: async ([encryptedOrgKeys, privateKey, providerKeys], { encryptService }) => {
-    const result: Record<OrganizationId, OrgKey> = {};
-    for (const orgId of Object.keys(encryptedOrgKeys ?? {}) as OrganizationId[]) {
-      if (result[orgId] != null) {
-        continue;
-      }
-      const encrypted = BaseEncryptedOrganizationKey.fromData(encryptedOrgKeys[orgId]);
-
-      let decrypted: OrgKey;
-
-      if (BaseEncryptedOrganizationKey.isProviderEncrypted(encrypted)) {
-        decrypted = await encrypted.decrypt(encryptService, providerKeys);
-      } else {
-        decrypted = await encrypted.decrypt(encryptService, privateKey);
-      }
-
-      result[orgId] = decrypted;
-    }
-
-    return result;
-  },
-});