bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-16 08:13:42 +00:00
Code Issues Releases Wiki Activity

finish migrate auto key if needed

Browse Source 
- migrate whenever retrieved from storage
- add back the user symmetric key toggle
This commit is contained in:
Jacob Fink
2023-06-08 13:13:00 -04:00
parent 7963d3c996
commit 56c750d375
2 changed files with 29 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

41
libs/common/src/platform/services/crypto.service.ts
View File

@@ -69,6 +69,11 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.storeAdditionalKeys(key, userId);
}
async toggleKey(): Promise<void> {
const key = await this.getUserKeyFromMemory();
await this.setUserKey(key);
}
/**
* Retrieves the user's symmetric key
* @param keySuffix The desired version of the user's key to retrieve
@@ -948,15 +953,8 @@ export class CryptoService implements CryptoServiceAbstraction {
let userKey: string;
switch (keySuffix) {
case KeySuffixOptions.Auto: {
// migrate if needed
const oldAutoKey = await this.stateService.getCryptoMasterKeyAuto({ userId: userId });
if (oldAutoKey) {
await this.stateService.setUserSymKeyAuto(oldAutoKey, { userId: userId });
await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
userKey = oldAutoKey;
} else {
userKey = await this.stateService.getUserSymKeyAuto({ userId: userId });
}
await this.migrateAutoKeyIfNeeded(userId);
userKey = await this.stateService.getUserSymKeyAuto({ userId: userId });
break;
}
case KeySuffixOptions.Biometric: {
@@ -967,6 +965,23 @@ export class CryptoService implements CryptoServiceAbstraction {
return new SymmetricCryptoKey(Utils.fromB64ToArray(userKey).buffer) as UserSymKey;
}
private async migrateAutoKeyIfNeeded(userId?: string) {
const oldAutoKey = await this.stateService.getCryptoMasterKeyAuto({ userId: userId });
if (oldAutoKey) {
// decrypt
const masterKey = new SymmetricCryptoKey(
Utils.fromB64ToArray(oldAutoKey).buffer
) as MasterKey;
const userSymKey = await this.decryptUserSymKeyWithMasterKey(
masterKey,
new EncString(await this.stateService.getEncryptedCryptoSymmetricKey())
);
// migrate
await this.stateService.setUserSymKeyAuto(userSymKey.keyB64, { userId: userId });
await this.stateService.setCryptoMasterKeyAuto(null, { userId: userId });
}
}
private async stretchKey(key: SymmetricCryptoKey): Promise<SymmetricCryptoKey> {
const newKey = new Uint8Array(64);
const encKey = await this.cryptoFunctionService.hkdfExpand(key.key, "enc", 32, "sha256");
@@ -1192,12 +1207,4 @@ export class CryptoService implements CryptoServiceAbstraction {
await this.stateService.setEncryptedCryptoSymmetricKey(null, { userId: userId });
}
}
/**
* @deprecated we wouldn't be saving encrypted/decrypted versions of the user symmetric key
*/
async toggleKey(): Promise<any> {
// const key = await this.getKey();
// await this.setKey(key);
}
}