bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2025-12-16 16:23:44 +00:00
Code Issues Releases Wiki Activity

add decryption with MasterKey method to crypto service

Browse Source
This commit is contained in:
Jacob Fink
2023-05-30 09:46:08 -04:00
parent acd3ef2204
commit 6dc454e5e7
2 changed files with 37 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
libs/common/src/platform/abstractions/crypto.service.ts
View File

@@ -37,6 +37,7 @@ export abstract class CryptoService {
masterKey: MasterKey,
userSymKey?: UserSymKey
) => Promise<[UserSymKey, EncString]>;
decryptUserSymKeyWithMasterKey: (masterKey: MasterKey, userId?: string) => Promise<UserSymKey>;
hashPassword: (password: string, key: MasterKey, hashPurpose?: HashPurpose) => Promise<string>;
setKeyHash: (keyHash: string) => Promise<void>;
getKeyHash: () => Promise<string>;

36
libs/common/src/platform/services/crypto.service.ts
View File

@@ -229,6 +229,42 @@ export class CryptoService implements CryptoServiceAbstraction {
return this.buildProtectedUserSymKey(masterKey, userSymKey.key);
}
/**
* Decrypts the user symmetric key with the provided master key
* @param masterKey The user's master key
* @param userId The desired user
* @returns The user's symmetric key
*/
async decryptUserSymKeyWithMasterKey(masterKey: MasterKey, userId?: string): Promise<UserSymKey> {
masterKey ||= await this.getMasterKey();
if (masterKey == null) {
throw new Error("No Master Key found.");
}
// TODO: Do we need to let this be passed in as well?
const userSymKeyMasterKey = await this.stateService.getUserSymKeyMasterKey({ userId: userId });
if (userSymKeyMasterKey == null) {
throw new Error("No User Key found.");
}
let decUserKey: ArrayBuffer;
const encUserKey = new EncString(userSymKeyMasterKey);
if (encUserKey.encryptionType === EncryptionType.AesCbc256_B64) {
decUserKey = await this.decryptToBytes(encUserKey, masterKey);
} else if (encUserKey.encryptionType === EncryptionType.AesCbc256_HmacSha256_B64) {
const newKey = await this.stretchKey(masterKey);
decUserKey = await this.decryptToBytes(encUserKey, newKey);
} else {
throw new Error("Unsupported encryption type.");
}
if (decUserKey == null) {
return null;
}
// TODO: Do we want to set the user key here?
return new SymmetricCryptoKey(decUserKey) as UserSymKey;
}
/**
* Creates a master password hash from the user's master password. Can
* be used for local authentication or for server authentication depending