Ps/pm 5533/migrate decrypted user key (#7970)

* Move user key memory state to state providers

Note: state service observable change is because these updates are no longer internal to the class, but reporter directly to account service through crypto service on update of a user key

* remove decrypted user key state

Note, we're going to move the encrypted cryptoSymmetric key (and associated master key encrypted user keys)  as part of the master key service creation. Crypto service will no longer be responsible for the encrypted forms of user key.

* Deprecate notices belong on abstraction

* Allow for single-direction status updates

This is necessary since we don't want to have to guarantee that the update to logged out occurs after the update to locked.

* Remove deprecated subject

It turns out the set for cryptoMasterKey was also unused 🎉

apps/browser/jest.config.js

@@ -9,7 +9,10 @@ module.exports = {
   ...sharedConfig,
   preset: "jest-preset-angular",
   setupFilesAfterEnv: ["<rootDir>/test.setup.ts"],
-  moduleNameMapper: pathsToModuleNameMapper(compilerOptions?.paths || {}, {
-    prefix: "<rootDir>/",
-  }),
+  moduleNameMapper: pathsToModuleNameMapper(
+    { "@bitwarden/common/spec": ["../../libs/common/spec"], ...(compilerOptions?.paths ?? {}) },
+    {
+      prefix: "<rootDir>/",
+    },
+  ),
 };

apps/browser/src/platform/services/browser-crypto.service.ts

@@ -1,7 +1,8 @@
+import { firstValueFrom } from "rxjs";
+
 import { KeySuffixOptions } from "@bitwarden/common/platform/enums";
-import { Utils } from "@bitwarden/common/platform/misc/utils";
-import { SymmetricCryptoKey } from "@bitwarden/common/platform/models/domain/symmetric-crypto-key";
 import { CryptoService } from "@bitwarden/common/platform/services/crypto.service";
+import { USER_KEY } from "@bitwarden/common/platform/services/key-state/user-key.state";
 import { UserId } from "@bitwarden/common/types/guid";
 import { UserKey } from "@bitwarden/common/types/key";
 
@@ -29,9 +30,9 @@ export class BrowserCryptoService extends CryptoService {
         return null;
       }
 
-      const userKey = await this.stateService.getUserKey({ userId: userId });
+      const userKey = await firstValueFrom(this.stateProvider.getUserState$(USER_KEY, userId));
       if (userKey) {
-        return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey.keyB64)) as UserKey;
+        return userKey;
       }
     }
 

apps/browser/src/platform/services/browser-state.service.spec.ts

@@ -1,6 +1,5 @@
 import { mock, MockProxy } from "jest-mock-extended";
 
-import { AccountService } from "@bitwarden/common/auth/abstractions/account.service";
 import { EnvironmentService } from "@bitwarden/common/platform/abstractions/environment.service";
 import { LogService } from "@bitwarden/common/platform/abstractions/log.service";
 import {
@@ -11,8 +10,10 @@ import { StateFactory } from "@bitwarden/common/platform/factories/state-factory
 import { GlobalState } from "@bitwarden/common/platform/models/domain/global-state";
 import { State } from "@bitwarden/common/platform/models/domain/state";
 import { MigrationRunner } from "@bitwarden/common/platform/services/migration-runner";
+import { mockAccountServiceWith } from "@bitwarden/common/spec";
 import { SendType } from "@bitwarden/common/tools/send/enums/send-type";
 import { SendView } from "@bitwarden/common/tools/send/models/view/send.view";
+import { UserId } from "@bitwarden/common/types/guid";
 
 import { Account } from "../../models/account";
 import { BrowserComponentState } from "../../models/browserComponentState";
@@ -30,12 +31,12 @@ describe("Browser State Service", () => {
   let logService: MockProxy<LogService>;
   let stateFactory: MockProxy<StateFactory<GlobalState, Account>>;
   let useAccountCache: boolean;
-  let accountService: MockProxy<AccountService>;
   let environmentService: MockProxy<EnvironmentService>;
   let migrationRunner: MockProxy<MigrationRunner>;
 
   let state: State<GlobalState, Account>;
-  const userId = "userId";
+  const userId = "userId" as UserId;
+  const accountService = mockAccountServiceWith(userId);
 
   let sut: BrowserStateService;
 
@@ -44,7 +45,6 @@ describe("Browser State Service", () => {
     diskStorageService = mock();
     logService = mock();
     stateFactory = mock();
-    accountService = mock();
     environmentService = mock();
     migrationRunner = mock();
     // turn off account cache for tests
@@ -57,6 +57,10 @@ describe("Browser State Service", () => {
     state.activeUserId = userId;
   });
 
+  afterEach(() => {
+    jest.resetAllMocks();
+  });
+
   describe("state methods", () => {
     let memoryStorageService: MockProxy<AbstractMemoryStorageService>;
 

apps/browser/src/popup/services/services.module.ts

@@ -73,6 +73,7 @@ import { ConfigService } from "@bitwarden/common/platform/services/config/config
 import { ConsoleLogService } from "@bitwarden/common/platform/services/console-log.service";
 import { ContainerService } from "@bitwarden/common/platform/services/container.service";
 import { MigrationRunner } from "@bitwarden/common/platform/services/migration-runner";
+import { WebCryptoFunctionService } from "@bitwarden/common/platform/services/web-crypto-function.service";
 import { DerivedStateProvider, StateProvider } from "@bitwarden/common/platform/state";
 import { SearchService } from "@bitwarden/common/services/search.service";
 import { PasswordGenerationServiceAbstraction } from "@bitwarden/common/tools/generator/password";
@@ -109,6 +110,7 @@ import { BrowserApi } from "../../platform/browser/browser-api";
 import BrowserPopupUtils from "../../platform/popup/browser-popup-utils";
 import { BrowserStateService as StateServiceAbstraction } from "../../platform/services/abstractions/browser-state.service";
 import { BrowserConfigService } from "../../platform/services/browser-config.service";
+import { BrowserCryptoService } from "../../platform/services/browser-crypto.service";
 import { BrowserEnvironmentService } from "../../platform/services/browser-environment.service";
 import { BrowserFileDownloadService } from "../../platform/services/browser-file-download.service";
 import { BrowserI18nService } from "../../platform/services/browser-i18n.service";
@@ -210,7 +212,7 @@ function getBgService<T>(service: keyof MainBackground) {
     { provide: CipherService, useFactory: getBgService<CipherService>("cipherService"), deps: [] },
     {
       provide: CryptoFunctionService,
-      useFactory: getBgService<CryptoFunctionService>("cryptoFunctionService"),
+      useFactory: () => new WebCryptoFunctionService(window),
       deps: [],
     },
     {
@@ -258,12 +260,36 @@ function getBgService<T>(service: keyof MainBackground) {
     },
     {
       provide: CryptoService,
-      useFactory: (encryptService: EncryptService) => {
-        const cryptoService = getBgService<CryptoService>("cryptoService")();
+      useFactory: (
+        cryptoFunctionService: CryptoFunctionService,
+        encryptService: EncryptService,
+        platformUtilsService: PlatformUtilsService,
+        logService: LogServiceAbstraction,
+        stateService: StateServiceAbstraction,
+        accountService: AccountServiceAbstraction,
+        stateProvider: StateProvider,
+      ) => {
+        const cryptoService = new BrowserCryptoService(
+          cryptoFunctionService,
+          encryptService,
+          platformUtilsService,
+          logService,
+          stateService,
+          accountService,
+          stateProvider,
+        );
         new ContainerService(cryptoService, encryptService).attachToGlobal(self);
         return cryptoService;
       },
-      deps: [EncryptService],
+      deps: [
+        CryptoFunctionService,
+        EncryptService,
+        PlatformUtilsService,
+        LogServiceAbstraction,
+        StateServiceAbstraction,
+        AccountServiceAbstraction,
+        StateProvider,
+      ],
     },
     {
       provide: AuthRequestCryptoServiceAbstraction,