bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-01-31 00:33:33 +00:00
Code Issues Releases Wiki Activity

Fix master key not being set to state after kdf update

Browse Source
This commit is contained in:
Bernd Schoolmann
2025-12-16 10:57:37 +01:00
parent bab2684bbd
commit 30365797cb
2 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
libs/angular/src/services/jslib-services.module.ts
View File

@@ -528,7 +528,7 @@ const safeProviders: SafeProvider[] = [
safeProvider({
provide: ChangeKdfService,
useClass: DefaultChangeKdfService,
deps: [ChangeKdfApiService, SdkService],
deps: [ChangeKdfApiService, SdkService, KeyService, InternalMasterPasswordServiceAbstraction],
}),
safeProvider({
provide: EncryptedMigrator,
@@ -1333,7 +1333,7 @@ const safeProviders: SafeProvider[] = [
safeProvider({
provide: ChangeKdfService,
useClass: DefaultChangeKdfService,
deps: [ChangeKdfApiService, SdkService],
deps: [ChangeKdfApiService, SdkService, KeyService, InternalMasterPasswordServiceAbstraction],
}),
safeProvider({
provide: AuthRequestServiceAbstraction,

20
libs/common/src/key-management/kdf/change-kdf.service.ts
View File

@@ -1,12 +1,14 @@
import { firstValueFrom, map } from "rxjs";
import { assertNonNullish } from "@bitwarden/common/auth/utils";
import { HashPurpose } from "@bitwarden/common/platform/enums";
import { UserId } from "@bitwarden/common/types/guid";
// eslint-disable-next-line no-restricted-imports
import { KdfConfig } from "@bitwarden/key-management";
import { KdfConfig, KeyService } from "@bitwarden/key-management";
import { KdfRequest } from "../../models/request/kdf.request";
import { SdkService } from "../../platform/abstractions/sdk/sdk.service";
import { InternalMasterPasswordServiceAbstraction } from "../master-password/abstractions/master-password.service.abstraction";
import {
fromSdkAuthenticationData,
MasterPasswordAuthenticationData,
@@ -20,6 +22,8 @@ export class DefaultChangeKdfService implements ChangeKdfService {
constructor(
private changeKdfApiService: ChangeKdfApiService,
private sdkService: SdkService,
private keyService: KeyService,
private masterPasswordService: InternalMasterPasswordServiceAbstraction,
) {}
async updateUserKdfParams(masterPassword: string, kdf: KdfConfig, userId: UserId): Promise<void> {
@@ -56,5 +60,19 @@ export class DefaultChangeKdfService implements ChangeKdfService {
const request = new KdfRequest(authenticationData, unlockData);
request.authenticateWith(oldAuthenticationData);
await this.changeKdfApiService.updateUserKdfParams(request);
// Update the locally stored master key and hash, so that UV, etc. still works
const masterKey = await this.keyService.makeMasterKey(
masterPassword,
unlockData.salt,
unlockData.kdf,
);
const serverMasterKeyHash = await this.keyService.hashMasterKey(
masterPassword,
masterKey,
HashPurpose.ServerAuthorization,
);
await this.masterPasswordService.setMasterKeyHash(serverMasterKeyHash, userId);
await this.masterPasswordService.setMasterKey(masterKey, userId);
}
}